Jump to content

[RELEASE][BETA] WiFi Pineapple Mark 7 Firmware 1.1.0


Recommended Posts

Hello all!

This monumental 1.1.0 Beta release gives you some amazing new features for your WiFi Pineapple that would not have been possible had it not been for the great feedback and feature requests from our community. Thank you. We hope you enjoy these new features and as always invite you to join us on Discord and the forums.

Changes since Beta 1 begin with NEW.

  • General
    • NEW: Removed bluelog and other bluetooth related tools from firmware.
      • Note: You can now install these packages and more with ease using the Package Manager.
    • NEW: Swap PineAP and Recon location in sidebar.
    • NEW: Enable SSH earlier in Setup process.
    • NEW: Removed polling for Reset button.
    • Add password reset functionality.
    • Notifications
      • Notifications are now previewed in the title bar.
      • Notifications can now be reported as "success", with a green color.
    • Changed to a better download icon.
    • Decrease clutter in title bar for mobile displays.
    • Fix an issue where some kernel modules would cause the device to reboot.
  • Setup
    • NEW: Added GIFs to indicate how to proceed with verification.
    • NEW: Added the ability to fine-tune filters during setup.
    • NEW: Generally improved layout of various setup elements.
  • Dashboard
    • NEW: Improved connection error message for "Get News".
  • Campaigns
    • Fix an issue where some reports will use the first Recon scan, instead of the latest.
    • NEW: Fix an issue where reports would not be removable.
  • PineAP
    • NEW: Change "WPA & Open" tab to "Access Points".
    • NEW: Change "Authenticated AP" card title to "Evil WPA AP".
    • NEW: Add "View Handshakes" button to Evil WPA AP card.
    • NEW: Evil WPA AP handshakes now only send one notification per client.
    • Fix an issue where empty SSIDs would be added to the SSID Pool.
    • Add a new tab for Management and Open APs.
    • Fix an issue where the "Handshakes Captured" counter wouldn't be accurate.
    • Add Evil Twin WPA Access Point.
  • Recon
    • NEW: Added the ability to specify save location for Recon scans.
    • NEW: Added the ability to specify save location for Handshakes.
    • NEW: Fix an issue introduced in Beta 1 where handshakes could not be deleted.
    • NEW: Fixed an issue where the table would become unsorted during a scan.
    • NEW: Added graphs for wireless landscape and channel distribution.
    • NEW: Moved Settings into a new card, with search functionality.
    • Added the ability to select which radio is used for Recon scanning.
    • Add dual-band scanning support for supported adapters.
    • Add the ability to download handshakes in hashcat format.
    • Improved the user experience for cloning access points.
      • Cloning options can now be fine tuned from inside Recon.
      • Add the ability to clone WPA/2 access points.
    • Fixed an issue where BSSIDs would not be highlightable in some browsers.
    • Fixed an issue where a handshake capture button might show for open APs.
    • Massively improved scanning performance by rewriting result de-duplication logic.
    • Massively improved WPA/2 Handshake capture performance.
    • Changed how partial and full handshakes are written to disk.
    • Fixed a rare crash when scanning in client-heavy landscapes.
    • Handshake MAC addresses are now censored when censorship mode is enabled.
    • Handshake MAC addresses now use colon seperators.
  • Logging
    • NEW: Added the ability to specify PineAP log save location.
    • NEW: Added pagination and search functionality to the PineAP Log.
    • Create a new system module for logging.
    • Add ability to download and search the device system log.
  • Modules
    • NEW: Move search box into table footer.
    • Add a new tab for package management.
      • Add the ability to search and download a wide variety of packages.
    • Improve user experience when the device is offline.
  • Settings
    • General
      • Improve user experience when the device is offline.
      • NEW: Added a scrollbar for longer change logs such as this one.
    • Networking
      • NEW: Rewrote Client Mode handling to improve reliability of connection.
      • NEW: Improved reliability of automatic route setting when handling USB Ethernet, ICS, or Client Mode connections.
      • NEW: Disconnect button is now disabled after being clicked once.

 

You can catch the beta release OTA, by following the instructions outlined in the Hak5 Docs article for Beta/Nightly updates.

Thanks again for the continued feedback.

- Foxtrot

  • Like 4
Link to comment
Share on other sites

11 minutes ago, RaucousThrone3 said:

I do not see the option to add Evil Twin WPA Access Point in Pine AP suite.

Go to PineAP -> WPA/Open. You may need to clear your browsers cache after the update.

  • Like 1
Link to comment
Share on other sites

2 days of using. No crashes.

It's really important to add one fundamental thing - while using any attack or rogue scan device must ignore his own interfaces and internet-wifi connection.

Get his own MACs in the initial state of any attack, or maybe additional "ignore" list.

 

And the second thing is sorting of SSIDs in Recon menu.

I need to sort them depending of signal strength, but it resets immediately to alphabetical order.

Link to comment
Share on other sites

i Love new update thanks for this, keep making pineapple mark 7 the best option to pentest wifi. thanks 

Link to comment
Share on other sites

2 days of using. No crashes.

It's really important to add one fundamental thing - while using any attack or rogue scan device must ignore his own interfaces and internet-wifi connection.

Get his own MACs in the initial state of any attack, or maybe additional "ignore" list.

 

And the second thing is sorting of SSIDs in Recon menu.

I need to sort them depending of signal strength, but it resets immediately to alphabetical order.

One more thing - there are no more setting to disable/enable management wifi and to hide both management and open wifi AP.

By the way - disabling of open AP is also useful. Sometimes wanna stay under radar.

Link to comment
Share on other sites

On 5/6/2021 at 12:21 PM, Zaagr said:

And the second thing is sorting of SSIDs in Recon menu.

I need to sort them depending of signal strength, but it resets immediately to alphabetical order.

Thanks for the feedback! I'll make sure that the sorting for running scans is persistent in the Beta 2 release.

On 5/6/2021 at 9:17 PM, Zaagr said:

One more thing - there are no more setting to disable/enable management wifi and to hide both management and open wifi AP.

By the way - disabling of open AP is also useful. Sometimes wanna stay under radar.

Regarding the Management AP: The option to disable and/or hide it is in the PineAP -> WPA & Open page, where it looks the same as previously.

Regarding the Open AP: This option hasn't been a thing since other parts of the device can rely on the Open AP being present, however it's something we can look at in a future update.

On 5/8/2021 at 5:00 PM, StrangePanda said:

After a proper shutdown my handshakes are always gone. Also: My Filter-Rules are resetting themselves from time to time. 
 

are these bugs or features? 

Handshakes are currently stored in /tmp/, as they were on all previous versions of the firmware. 1.1.0 Beta 2 will include options for the user to choose where to store Recon results, handshakes, and logs.

I will look into filter rules resetting themselves "time to time", but more information on this would be nice.

 

Thanks 

  • Like 1
Link to comment
Share on other sites

Thanks for the 'Add dual-band scanning support for supported adapters'.

I'm using the Alfa AWUS036ACM and can Recon 2.4 or 5GHz by selecting the appropriate tab in the web interface, and Access Points & Clients populate and display as selected. But If I try and choose the 'Both' tab in Recon I don't get any results.

And for anyone trying the new Beta, this is what's been working for me:

Start the Pineapple Mk7. Then Plug Alfa AWUS036ACM USB into the Pineapple. Select the Settings Cog in the Pineapple Web Interface (Bottom left of screen) and then the Network tab at the top of the screen. Select wlan3 for Recon Wireless Interface and Save. Now go back to the Binocular Recon and choosing either 5Ghz or 2.4Ghz should give results.

 

Thanks for your efforts and continued hard work.

Cheers
 

Link to comment
Share on other sites

On 5/9/2021 at 8:55 PM, Foxtrot said:

Regarding the Open AP: This option hasn't been a thing since other parts of the device can rely on the Open AP being present, however it's something we can look at in a future update.

Maybe for some kind of "stealth recon mode" that only allows for limited features and needs a preconfigured routine (for use with a powerbank), or a USB connection to a phone with an OTG adapter.

In big companies (not just many people but also when there is a large area), there are usually no foreign access points visible and employees are not allowed to use private ap devices. Therefore, any new network will raise suspicion if it exists for a longer period of time. To stay under the radar, you would have to only monitor, but not create an access point.

So I think it's a nice idea for future updates.

Greetings from Europe :)

Link to comment
Share on other sites

On 5/17/2021 at 1:26 AM, Mr Moonlight said:

...

I'm using the Alfa AWUS036ACM and can Recon 2.4 or 5GHz by selecting the appropriate tab in the web interface, and Access Points & Clients populate and display as selected. But If I try and choose the 'Both' tab in Recon I don't get any results.

...

Thanks for the feedback, I'll be sure to try and reproduce before continuing to the next beta release.

22 hours ago, toString said:

Greetings from Europe :)

As a European, hello back to you :)

Link to comment
Share on other sites

  • 2 weeks later...

I have to say, now that I have finally found the correct 5Ghz adapter to work in the pineappple, combined with this update this thing is finally coming into it's own. I only wish that the pineapple would have had the 5Ghz adapter built in instead of needing to have an external adapter/device.

  • Upvote 1
Link to comment
Share on other sites

Hi there,

I've been using the new firmware for the past couple days. So far no issues occurred.

But I'd like to suggest a configuration / api option:
It would be nice to disable the open-ap as well as the management-ap.
This is already possible by editing /etc/config/wireless:

[...]
config wifi-iface

       option device 'radio0'
       option network 'lan'
       option mode 'ap'
       option maxassoc '100'
       option encryption 'none'
       option ssid 'open-ap-ssid'
       option hidden '0'
       option disabled '1'

[...]

It would be nice to configure this using the API and UI.

 

Best regards,

Jadyn

  • Upvote 1
Link to comment
Share on other sites

New update runs fine here too.

However, the list of missing features I would consider pretty basic functionality is pretty long. Most of the time I have no idea what the Pineapple is doing.

When doing a recon scan: What channels are being utilized? Whats the dwell time per channel? Can I change those parameters? Which radio is being used? And why doesnt the internal card support 5 GHz (I knew this before buying but it seems like such an odd omission. Mini PCIe cards AC cards that support packet injection and monitor mode are like $20 on Amazon.

The "Capture WPA Handshakes" feature is a mystery too. Does it simply camp on the associated channel for the selected network and listen for handshakes? Does it filter on SSID based on the selected network? Can I listen for handshakes for multiple SSID's on the same channel? What about listening for handshakes across different channels for different network? Why is there a dedicated "Capture WPA handshakes" function in there in the first place? The UI also doesnt show much in terms of technical information regarding observed networks. What 802.11 standard is being used? How wide are the channels? etc.

Tbh, I would do the entire network interface completely differently. Why not do what Kismet does and allow you to simply start passively collecting data on the channels you specify? All while capturing data, including and handshake data that might be caught? You could then add filtering rules to include/exclude networks and devices from being monitored. Can I specify what frame types to collect? Can I decrypt data for networks on the fly if I have the network key and session key?

Perhaps the WiFi Pineapple suite is geared towards pentesters with no desire to learn WiFi or having to deal with channels, frame types or 802.11 variants.

Hope my feedback make sense. Keep up the great work.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...