Is the NANO outdated? Does any feature actually work?


LaTonya

After 3 months of rebooting, re-installing, rebooting, recovering, updating, rebooting, downloading, installing, etc... I've come to the conclusion that this thing is totally useless. The closest thing to a MITM attack that I was able to do was view my own cell phone that was connected as a client,  and the only URL I was able to see was the page that told me I was blocked because someone is performing a MITM attack. Is this thing totally outdated with all the security features that weren't around when it was created? Has anyone currently had any success with ANYTHING that this thing is supposed to do? I've tried almost half of the modules with issues with just about every one of them.

I'd love to hear everyone's feedback.


As for MITM attacks, those are way more difficult than they used to be. Everything went https and you have to adjust for that and that is not so easy. You need to give a fake certificate or complete fake page, etc.

Nano is just a tool, you need to figure out what is the best scenario for you.


Thank you for your response, however, it pretty much re-worded my original question. As for the MITM attack, can the Wifi Pineapple CURRENTLY perform one, given everything you mention, such as https, giving fake certificates, fake pages, etc... I'm just curious also to know if this thing is still marketing itself to do something that it can't.


As a fellow 3-month-nano-owner, I can sympathize. I've gotten very familiar with the factory reset and firmware recovery process. That said, I'm pretty much a novice, and my journey with the pineapple has been a big learning experience; the more I learn and understand what the modules and their scripts are actually doing, the better it all seems to work (and/or troubleshoot). I think it is safe to assume that my lack of knowledge (and possible unrealistic expectations) definitely contributed to the bumpy ride.

Currently: Evil Portal works perfectly (for me). The "utility" modules like cabinet, ssid manager, signal strength, etc. all work. I have Portal auth, nmap, ngrep, p0f, and tcpdump working too, but some needed some script amending, symlinks or other minor fixes and/or are a little quirky. SSLSplit, Dwall, dnsspoof all work fine but are effectively neutered in our modern https world. I have responder installed and it appears to be operational, but haven't yet really tested it out. SiteSurvey seemed to work, but I never could get any handshakes whenever I tried it out.

There are a lot of cool (newer) tools NOT on the official module manager: some need to be run from the command line, some also have a GUI (or several), like PMKID. That one especially works very well. Check out adde88's github page if you haven't already.

Hang in there!


On 2/15/2020 at 2:21 AM, \/\/\/ said:

It's useless these days. DK has let this unit slide into oblivion. I just sold mine. Using a pwnagotchi instead.

How do you know that DK has let this unit slide into oblivion?? When did he say that?

Mine works perfectly. Also I find that the setup is really easy and it works fine. I love it. Best wireless pentest tool in my opinion.


15 hours ago, LaTonya said:

Thank you for your response, however, it pretty much re-worded my original question. As for the MITM attack, can the Wifi Pineapple CURRENTLY perform one, given everything you mention, such as https, giving fake certificates, fake pages, etc... I'm just curious also to know if this thing is still marketing itself to do something that it can't.

Charbot said it all. It generally works. Modules like SSLSplit have some quirks so they need to be polished more. Generally most of the MITM modules there work.


On 2/17/2020 at 1:30 AM, Charbot said:

As a fellow 3-month-nano-owner, I can sympathize. I've gotten very familiar with the factory reset and firmware recovery process. That said, I'm pretty much a novice, and my journey with the pineapple has been a big learning experience; the more I learn and understand what the modules and their scripts are actually doing, the better it all seems to work (and/or troubleshoot). I think it is safe to assume that my lack of knowledge (and possible unrealistic expectations) definitely contributed to the bumpy ride.

Currently: Evil Portal works perfectly (for me). The "utility" modules like cabinet, ssid manager, signal strength, etc. all work. I have Portal auth, nmap, ngrep, p0f, and tcpdump working too, but some needed some script amending, symlinks or other minor fixes and/or are a little quirky. SSLSplit, Dwall, dnsspoof all work fine but are effectively neutered in our modern https world. I have responder installed and it appears to be operational, but haven't yet really tested it out. SiteSurvey seemed to work, but I never could get any handshakes whenever I tried it out.

There are a lot of cool (newer) tools NOT on the official module manager: some need to be run from the command line, some also have a GUI (or several), like PMKID. That one especially works very well. Check out adde88's github page if you haven't already.

Hang in there!

Hi there, I have owned my nano for a year and not got anything to work. I tried to get evil portal working but just haven't got a clue what I am doing :(. When I run the downloaded portals from github I log in to my rogue ssid on the nano and get no fake login page. Would you be so kind and pm me your setup please. Cheers, I'm just an auld guy trying to keep my brain good. Cheers Kev


Hello, 

I have been using the Pineapple Nano for three months now (to perform WiFi PT), and I can agree with @LaTonya, nothing seems to work except EvilPortal, which in my case seems to work correctly. However, I still use my Nano because sometimes it's better than a Kali VM with an Alfa antenna.

I found two bugs in the SiteSurvey GUI:

1. If you start the deauth and then click on the stop button, the GUI doesn't kill aireplay-ng and is essentially jamming the network. You can verify that with the command ps aux | grep air* . I resolved it by modifying the code to send only 5 deauth packets every time I click on the start/stop button.
2. Actually airodump-ng captures some handshakes but they don't appear in the GUI. Instead they are saved in /tmp (if I remember correctly).

When you can, just use the nano with the SSH interface and aircrack-ng suite, otherwise use eaphammer on a raspberry.


I understand the frustration when something doesn't work as expected. I think it's important to understand what the WiFi Pineapple sets out to achieve, and where it allows users to leverage its capabilities.
 
Since the beginning of this project we've been working hard at making the WiFi Pineapple a robust platform for WiFi pentests. Our focus is to provide a stable platform that makes the network and transport elements of a recon and rogue access point system simple, while providing an open API for developers to leverage our unique hardware. Because of this we've fostered a community of talented pentesters and developers that have made some fantastic modules, bringing a lot of applications to the ecosystem – so in that I believe we've achieved this goal.
 
While we continue to refine the core system, we're faced with a number of challenges as third party module developers may need to update their code in order to work with the latest base. As @scretch pointed out, there are some known bugs - like the deauth function of SiteSurvey needing a modification to its aireplay command as an example. Thankfully this is made simple between the easy to follow developer docs (https://docs.hak5.org/hc/en-us/sections/360002377413-Development) and the open source module repository on github (https://github.com/hak5/wifipineapple-modules) – so anyone is able to contribute to a module.
 
Outside of the community developed modules, if there is a bug or feature request having to do with the core of the WiFi Pineapple – or really anything that you think would make it a better product – I absolutely welcome that feedback.

Everyone also has to realize that if Hak5 were to become responsible for producing the 3rd party modules, they would open themselves up to all sorts of nasty lawsuits and the feds would quickly shut them down. Hak5 is responsible for the physical NANO and its main operating system; nothing else. Everything else is left open to the community. It's no different than any other product on the open market available for consumers.

EXAMPLE: Anyone can legally buy an ordinary pencil from a store. No big deal, right? However the end user has the choice on how they wish to use the pencil. They can choose to use the pencil in a legal manner - on paper - or use the pencil to stab someone in the eyeball (now that pencil becomes an illegal weapon).

The pencil itself isn't illegal by nature. How the pencil is used by the end user determines the legality of the pencil.

**Hypothetically** (Don't do this!) if you walk into any police station and try to have them arrest you for carrying a normal, everyday pencil, they'd look at you like you were insane. You won't get arrested for walking around with a pencil on your person.

Now take that same pencil in our hypothetical situation and stab that same police officer (Don't do this!) who just said he won't arrest you for carrying around a pencil. You'll get jumped and arrested before you even know what's going on (and you'll probably get 6 warning shots to the back for good measure lol) You as the end user took a perfectly legal item and just turned it into an illegal weapon. Is that the fault of the pencil company? Absolutely not. The pencil company only produces legal pencils for its customers. That end user decided to use the pencil in an illegal manner.

So, if Hak5 decided to start writing their own modules with their name on it which allowed end users to use their product in an illegal manner, the NANO would then become an illegal object to own. (Imagine if the same pencil company put instructions on how to stab people with their pencils on their boxes) How quickly would that company be getting dragged into court? 1 day?

It's up to the Hak5 community to write our own modules and decide for ourselves on how to use the NANO. So if you're unhappy about the 3rd party modules not working quite right, I suppose you'd better brush up on your coding and make the necessary edits to allow you to accomplish your own end goals.

If you break it down the NANO is really just running the Kali Linux software inside a custom built hardware shell. And last time I checked, owning a Kali Linux OS is not illegal. How you use it determines the legality.

 


Hi!

New to wifipineapple. In fact I just received it today. And I cannot get it to work using Kali. Config is easy, runs smoothly, connects to the internet ..... for just a very short time. So, if I'm fast enough I can even read the bulletins on the web-gui. But after a few seconds Kali creates an error message saying network connectivity is gone. After additional seconds this problem is gone but the wifipineapple cannot route the network.

Here are the changes to the eth1 configuration - that's the one while everything's working:

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
         inet 172.16.42.42  netmask 255.255.255.0  broadcast 172.16.42.255
         inet6 fe80::ea90:a375:6938:418c  prefixlen 64  scopeid 0x20<link>
         ether 00:c0:ca:aa:2a:5c  txqueuelen 1000  (Ethernet)
         RX packets 16  bytes 1094 (1.0 KiB)
         RX errors 0  dropped 0  overruns 0  frame 0
         TX packets 66  bytes 6385 (6.2 KiB)
         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

That's the config after a few seconds ... interesting changes.

 

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
         inet 172.16.42.170  netmask 255.255.255.0  broadcast 172.16.42.255
         inet6 fd85:c627:ef8a:0:cf86:277a:1e3e:fc4c  prefixlen 64 scopeid 0x0<global>
         inet6 fe80::ea90:a375:6938:418c  prefixlen 64  scopeid 0x20<link>
         inet6 fd85:c627:ef8a::e6a  prefixlen 128  scopeid 0x0<global>
         ether 00:c0:ca:aa:2a:5c  txqueuelen 1000  (Ethernet)
         RX packets 2322  bytes 1792936 (1.7 MiB)
         RX errors 0  dropped 0  overruns 0  frame 0
         TX packets 2009  bytes 511636 (499.6 KiB)
         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

Any ideas? Thanks! 🙂


It looks like at first your eth1 interface is set to 172.16.42.42 (which is what the WiFi Pineapple expects for ICS), then moments later eth1 has an IP address of 172.16.42.170 - likely obtained from the WiFi Pineapple's DHCP server. This leads me to believe your Kali Linux system is configured in such a way that a service, like network manager, is attempting to obtain an IP address from DHCP, overriding the statically assigned IP address previously set. I recommend looking into any service that may be overriding this setting. I'll give it a spin with a fresh Kali Linux VM and see if I can reproduce these results. 
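Added example, not part of the original post or any Hak5 tooling: a small Python check that compares the two eth1 snapshots quoted in this thread and reports the drift the reply above describes. The function names are hypothetical, and reading the new global IPv6 addresses as a sign of automatic configuration is an assumption of this example.

```python
import re

EXPECTED_IPV4 = "172.16.42.42"  # static address the reply above says ICS expects

# Address lines of the two eth1 snapshots quoted in the thread.
BEFORE = """\
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.42.42  netmask 255.255.255.0  broadcast 172.16.42.255
        inet6 fe80::ea90:a375:6938:418c  prefixlen 64  scopeid 0x20<link>
"""
AFTER = """\
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.42.170  netmask 255.255.255.0  broadcast 172.16.42.255
        inet6 fd85:c627:ef8a:0:cf86:277a:1e3e:fc4c  prefixlen 64 scopeid 0x0<global>
        inet6 fe80::ea90:a375:6938:418c  prefixlen 64  scopeid 0x20<link>
        inet6 fd85:c627:ef8a::e6a  prefixlen 128  scopeid 0x0<global>
"""

def parse_addrs(ifconfig_text):
    """Extract IPv4 addresses and (IPv6 address, scope) pairs from ifconfig output."""
    v4 = re.findall(r"^\s*inet\s+(\S+)", ifconfig_text, re.M)
    v6 = re.findall(r"^\s*inet6\s+(\S+).*?scopeid\s+\S+<(\w+)>", ifconfig_text, re.M)
    return v4, v6

def diagnose(before, after, expected=EXPECTED_IPV4):
    """Return findings describing how the interface drifted from the static setup."""
    v4_before, v6_before = parse_addrs(before)
    v4_after, v6_after = parse_addrs(after)
    findings = []
    if expected in v4_before and expected not in v4_after:
        findings.append(
            f"static {expected} was replaced by {', '.join(v4_after) or 'nothing'}: "
            "something re-addressed the interface (e.g. a DHCP client)"
        )
    # Assumption: global-scope IPv6 addresses that were absent before indicate
    # that automatic address configuration is active on the interface.
    new_global = [a for a, scope in v6_after
                  if scope == "global" and (a, scope) not in v6_before]
    if new_global:
        findings.append(
            "new global-scope IPv6 addresses appeared ("
            + ", ".join(new_global)
            + "), consistent with automatic address configuration"
        )
    return findings

if __name__ == "__main__":
    for line in diagnose(BEFORE, AFTER):
        print("-", line)
```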


Thanks - will have to check that. The Kali installation is pretty new - just installed it a few days ago. Maybe something has changed. The only software running that could create these results might be the network manager, which is currently running on the system. BTW: eth1 is the pineapple adapter.


  • 3 weeks later...
4 hours ago, LolNoStop said:

The modules are trash and the device itself is useless. Hak5 tried, but honestly no serious professional would trust their BS on red teams or any serious pentest engagement.

The firmware was recently updated and all of the modules aren't from hak5.

https://forums.hak5.org/topic/51575-release-wifi-pineapple-firmware-v27x/


Archived

This topic is now archived and is closed to further replies.
