Jump to content

PineAP ssid_file

Thraks

By Thraks
in WiFi Pineapple NANO

Recommended Posts

Thraks Newbie

Thraks

Posted
Posted

This should be fairly straight forward, but has the location SSID's for PineAP are stored changed from "/etc/pineapple/ssid_file"? My pool location still points to the default "/etc/pineapple/", but I'm not able to see any SSID's in ssid_file, and it has a file size of 0 bytes. This is persistent through restarts, adding new SSIDs via GUI, as well as adding them to ssid_file (obv file size changes here) yet the list of existent ssids in PineAP is persistent and functional.

I've grep'd to locate ssid's i know should be in the file, but that comes up with empty results as well. 

Link to comment
Share on other sites
b0N3z Rookie

b0N3z

Posted
Posted

its now stored as a database.  I dont know why some of the options to change location are still in the webui because they dont seem like they are relevant.  Ive noticed this a while ago and wondered why those options were still there.  @Foxtrot 

Link to comment
Share on other sites
Just_a_User Newbie

Just_a_User

Posted
Posted
1 hour ago, Thraks said:

That makes a lot more sense. Anyway to import to that db that you're aware of?

I think SSID's are stored in /etc/pineapple/pineapple.db (so location is as per the GUI option) which is a sqlight3 database AFAIK there are a few tools to view/open/edit after downloading it.

I also think notifications are in there along with notes, maybe more as  i haven't spent much time digging.

Link to comment
Share on other sites
Thraks Newbie

Thraks

Posted
  • Author
Posted
5 minutes ago, Just_a_User said:

I think SSID's are stored in /etc/pineapple/pineapple.db (so location is as per the GUI option) which is a sqlight3 database AFAIK there are a few tools to view/open/edit after downloading it.

I also think notifications are in there along with notes, maybe more as  i haven't spent much time digging.

Thanks, you're right it is in pineapple.db

Incase anyone else is interested other tables are:

api_tokens, downloads, notes, notifications, ssids, tracking

Kind of a shame they moved from the simple list file. Made swapping, importing, comparing and joining super easy. But then again, it can't hurt to learn sql.

 

Anyway, thanks for your help guys.

 

Link to comment
Share on other sites
Foxtrot Grand Master

Foxtrot

Posted
Posted
4 hours ago, b0N3z said:

its now stored as a database.  I dont know why some of the options to change location are still in the webui because they dont seem like they are relevant.  Ive noticed this a while ago and wondered why those options were still there.  @Foxtrot 

The change location is still there because it allows you to change the location of the database, should the user want to. It will (and should) always be named 'pineapple.db'. This is why the "Change Location" input box omit the filename.

Link to comment
Share on other sites
Foxtrot Grand Master

Foxtrot

Posted
Posted
2 hours ago, Dave-ee Jones said:

is the Pineapple hosting an SQL server as well ...

No, the SQL DB(s) we use are SQLite, and we manipulate it by opening connections to it, modifying, and closing the connection.

2 hours ago, Dave-ee Jones said:

(phpMyAdmin maybe?)

Absolutely not.

Link to comment
Share on other sites
Just_a_User Newbie

Just_a_User

Posted
Posted
8 hours ago, Dave-ee Jones said:

Alright, calm down, was just curious. ?️

Maybe wrong but i think its because phpmyadmin has had 244 known CVE over the last 17  years so would possibly be a massive target/weakness on the pineapples. ? probably best to avoid it if possible.

Link to comment
Share on other sites
Dave-ee Jones Newbie

Dave-ee Jones

Posted
Posted
15 hours ago, Just_a_User said:

Maybe wrong but i think its because phpmyadmin has had 244 known CVE over the last 17  years so would possibly be a massive target/weakness on the pineapples. ? probably best to avoid it if possible.

In their defence 17 years is a long time and I'm pretty sure Microsoft's Windows has had more than that in the past 10 years.

I do use phpMyAdmin for my SQL server though, but it's not like it's open to the world ready for anyone to start hacking at it whenever they feel like it. Alternatives?

Link to comment
Share on other sites
Just_a_User Newbie

Just_a_User

Posted
Posted
7 hours ago, Dave-ee Jones said:

In their defence 17 years is a long time and I'm pretty sure Microsoft's Windows has had more than that in the past 10 years.

I do use phpMyAdmin for my SQL server though, but it's not like it's open to the world ready for anyone to start hacking at it whenever they feel like it. Alternatives?

You kinda just made my point for me - Microsoft has millions of targets... erm i mean CVE, phpmyadmin = musch less,  custom bit of code on a bespoke wifi auditing device = way way less.

Im just thinking if the pineapple is potentially picking up a red team or blackhat during an audit... i dunno though, Im just thinking out loud.

Link to comment
Share on other sites
Thraks Newbie

Thraks

Posted
  • Author
Posted

Comparing phpmyadmin to any full fledge operating system is almost ludacris. Windows has an attack surface that is exponentially that of phpmyadmin.

That’s like saying that it’s not so bad that my hobby level drone is a flying telnet server because a Boeing jetliner has a million more vulnerabilities.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...