
[RELEASE][BETA] WiFi Pineapple Mark 7 Firmware 1.1.0


Foxtrot


Hello all!

This monumental 1.1.0 Beta release gives you some amazing new features for your WiFi Pineapple that would not have been possible had it not been for the great feedback and feature requests from our community. Thank you. We hope you enjoy these new features and as always invite you to join us on Discord and the forums.

Changes since Beta 1 and Beta 2 begin with NEW.

Beta 3 Change Log:

  • General
    • NEW: Move warnings into an "Informational Messages" dialog.
      • This new dialog adds more information about system messages, and provides convenient links directly to the relevant setting.
    • Removed bluelog and other bluetooth related tools from firmware.
      • Note: You can now install these packages and more with ease using the Package Manager.
    • Swap PineAP and Recon location in sidebar.
    • Enable SSH earlier in Setup process.
    • Removed polling for Reset button.
    • Add password reset functionality.
    • Notifications
      • Notifications are now previewed in the title bar.
      • Notifications can now be reported as "success", with a green color.
    • Changed to a better download icon.
    • Decrease clutter in title bar for mobile displays.
    • Fix an issue where some kernel modules would cause the device to reboot.
  • Setup
    • NEW: Add Sweden to WiFi Country Code list.
    • NEW: Fix typo in Client Filters page.
    • Added GIFs to indicate how to proceed with verification.
    • Added the ability to fine-tune filters during setup.
    • Generally improved layout of various setup elements.
  • Dashboard
    • Improved connection error message for "Get News".
  • Campaigns
    • Fix an issue where some reports will use the first Recon scan, instead of the latest.
    • Fix an issue where reports would not be removable.
  • PineAP
    • NEW: Fix an issue where extended Recon scans would lead to a memory leak.
    • NEW: Add Sweden to WiFi Country Code list.
    • NEW: Fix a crash.
    • NEW: Fix a hang introduced in the beta which would cause Recon and Filters to show an incorrect status.
    • Change "WPA & Open" tab to "Access Points".
    • Change "Authenticated AP" card title to "Evil WPA AP".
    • Add "View Handshakes" button to Evil WPA AP card.
    • Evil WPA AP handshakes now only send one notification per client.
    • Fix an issue where empty SSIDs would be added to the SSID Pool.
    • Add a new tab for Management and Open APs.
    • Fix an issue where the "Handshakes Captured" counter wouldn't be accurate.
    • Add Evil Twin WPA Access Point.
  • Recon
    • NEW: Fix an issue where handshakes in custom locations couldn't be downloaded.
    • NEW: Scan settings are now loaded from the current scan across devices.
    • Added the ability to specify save location for Recon scans.
    • Added the ability to specify save location for Handshakes.
    • Fix an issue introduced in Beta 1 where handshakes could not be deleted.
    • Fixed an issue where the table would become unsorted during a scan.
    • Added graphs for wireless landscape and channel distribution.
    • Moved Settings into a new card, with search functionality.
    • Added the ability to select which radio is used for Recon scanning.
    • Add dual-band scanning support for supported adapters.
    • Add the ability to download handshakes in hashcat format.
    • Improved the user experience for cloning access points.
      • Cloning options can now be fine tuned from inside Recon.
      • Add the ability to clone WPA/2 access points.
    • Fixed an issue where BSSIDs would not be highlightable in some browsers.
    • Fixed an issue where a handshake capture button might show for open APs.
    • Massively improved scanning performance by rewriting result de-duplication logic.
    • Massively improved WPA/2 Handshake capture performance.
    • Changed how partial and full handshakes are written to disk.
    • Fixed a rare crash when scanning in client-heavy landscapes.
    • Handshake MAC addresses are now censored when censorship mode is enabled.
    • Handshake MAC addresses now use colon separators.
  • Logging
    • NEW: Improve column width for the System Log.
    • NEW: Improve parsing of System Log.
    • Added the ability to specify PineAP log save location.
    • Added pagination and search functionality to the PineAP Log.
    • Create a new system module for logging.
    • Add ability to download and search the device system log.
  • Modules
    • NEW: Add hot-link support for Available Modules, Package Manager, and Develop tabs.
    • Move search box into table footer.
    • Add a new tab for package management.
      • Add the ability to search and download a wide variety of packages.
    • Improve user experience when the device is offline.
  • Settings
    • General
      • Improve user experience when the device is offline.
      • Added a scrollbar for longer changelogs such as this one.
    • Networking
      • Rewrote Client Mode handling to improve reliability of connection.
      • Improved reliability of automatic route setting when handling USB Ethernet, ICS, or Client Mode connections.
      • Disconnect button is now disabled after being clicked once.

You can catch the beta release OTA, by following the instructions outlined in the Hak5 Docs article for Beta/Nightly updates.

Thanks again for the continued feedback.

- Foxtrot

Link to comment
Share on other sites

2 days of using. No crashes.

It's really important to add one fundamental thing - while running any attack or rogue scan, the device must ignore its own interfaces and internet-wifi connection.

Get its own MACs in the initial state of any attack, or maybe an additional "ignore" list.

 

And the second thing is the sorting of SSIDs in the Recon menu.

I need to sort them depending on signal strength, but it resets immediately to alphabetical order.

Link to comment
Share on other sites

2 days of using. No crashes.

It's really important to add one fundamental thing - while running any attack or rogue scan, the device must ignore its own interfaces and internet-wifi connection.

Get its own MACs in the initial state of any attack, or maybe an additional "ignore" list.

 

And the second thing is the sorting of SSIDs in the Recon menu.

I need to sort them depending on signal strength, but it resets immediately to alphabetical order.

One more thing - there is no longer a setting to disable/enable management wifi and to hide both the management and open wifi AP.

By the way - disabling of open AP is also useful. Sometimes wanna stay under radar.

Link to comment
Share on other sites

On 5/6/2021 at 12:21 PM, Zaagr said:

And the second thing is the sorting of SSIDs in the Recon menu.

I need to sort them depending on signal strength, but it resets immediately to alphabetical order.

Thanks for the feedback! I'll make sure that the sorting for running scans is persistent in the Beta 2 release.

On 5/6/2021 at 9:17 PM, Zaagr said:

One more thing - there is no longer a setting to disable/enable management wifi and to hide both the management and open wifi AP.

By the way - disabling of open AP is also useful. Sometimes wanna stay under radar.

Regarding the Management AP: The option to disable and/or hide it is in the PineAP -> WPA & Open page, where it looks the same as previously.

Regarding the Open AP: This option hasn't been a thing since other parts of the device can rely on the Open AP being present, however it's something we can look at in a future update.

On 5/8/2021 at 5:00 PM, StrangePanda said:

After a proper shutdown my handshakes are always gone. Also: My Filter-Rules are resetting themselves from time to time. 
 

are these bugs or features? 

Handshakes are currently stored in /tmp/, as they were on all previous versions of the firmware. 1.1.0 Beta 2 will include options for the user to choose where to store Recon results, handshakes, and logs.

I will look into filter rules resetting themselves "time to time", but more information on this would be nice.

 

Thanks 

Link to comment
Share on other sites

Thanks for the 'Add dual-band scanning support for supported adapters'.

I'm using the Alfa AWUS036ACM and can Recon 2.4 or 5GHz by selecting the appropriate tab in the web interface, and Access Points & Clients populate and display as selected. But if I try to choose the 'Both' tab in Recon I don't get any results.

And for anyone trying the new Beta, this is what's been working for me:

Start the Pineapple Mk7. Then Plug Alfa AWUS036ACM USB into the Pineapple. Select the Settings Cog in the Pineapple Web Interface (Bottom left of screen) and then the Network tab at the top of the screen. Select wlan3 for Recon Wireless Interface and Save. Now go back to the Binocular Recon and choosing either 5Ghz or 2.4Ghz should give results.

 

Thanks for your efforts and continued hard work.

Cheers
 

Link to comment
Share on other sites

On 5/9/2021 at 8:55 PM, Foxtrot said:

Regarding the Open AP: This option hasn't been a thing since other parts of the device can rely on the Open AP being present, however it's something we can look at in a future update.

Maybe for some kind of "stealth recon mode" that only allows for limited features and needs a preconfigured routine (for use with a powerbank), or a USB connection to a phone with an OTG adapter.

In big companies (not just many people but also when there is a large area), there are usually no foreign access points visible and employees are not allowed to use private ap devices. Therefore, any new network will raise suspicion if it exists for a longer period of time. To stay under the radar, you would have to only monitor, but not create an access point.

So I think it's a nice idea for future updates.

Greetings from Europe :)

Link to comment
Share on other sites

On 5/17/2021 at 1:26 AM, Mr Moonlight said:

...

I'm using the Alfa AWUS036ACM and can Recon 2.4 or 5GHz by selecting the appropriate tab in the web interface, and Access Points & Clients populate and display as selected. But if I try to choose the 'Both' tab in Recon I don't get any results.

...

Thanks for the feedback, I'll be sure to try and reproduce before continuing to the next beta release.

22 hours ago, toString said:

Greetings from Europe :)

As a European, hello back to you :)

Link to comment
Share on other sites

  • 2 weeks later...

I have to say, now that I have finally found the correct 5GHz adapter to work in the Pineapple, combined with this update this thing is finally coming into its own. I only wish that the Pineapple had the 5GHz adapter built in instead of needing an external adapter/device.

Link to comment
Share on other sites

Hi there,

I've been using the new firmware for the past couple days. So far no issues occurred.

But I'd like to suggest a configuration / api option:
It would be nice to disable the open-ap as well as the management-ap.
This is already possible by editing /etc/config/wireless:

[...]
config wifi-iface
       option device 'radio0'
       option network 'lan'
       option mode 'ap'
       option maxassoc '100'
       option encryption 'none'
       option ssid 'open-ap-ssid'
       option hidden '0'
       option disabled '1'

[...]

It would be nice to configure this using the API and UI.

 

Best regards,

Jadyn

Link to comment
Share on other sites
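
To check which access points a `/etc/config/wireless` file like the one in the post above would actually broadcast, the sketch below parses the file and reports each AP-mode `wifi-iface`. It is an added example, not part of the post or the Pineapple firmware; the sample file, the second interface, the passphrase, and the function names `parse_uci` and `audit_aps` are constructed for illustration.

```python
import shlex

# Constructed sample in the format of /etc/config/wireless (SSIDs and key are made up).
SAMPLE = """
config wifi-device 'radio0'
	option type 'mac80211'

config wifi-iface
	option device 'radio0'
	option mode 'ap'
	option encryption 'none'
	option ssid 'open-ap-ssid'
	option hidden '0'
	option disabled '1'

config wifi-iface
	option device 'radio0'
	option mode 'ap'
	option encryption 'psk2'
	option ssid 'management-ap-ssid'
	option key 'constructed-passphrase'
	option hidden '1'
"""

def parse_uci(text):
    """Return [(section_type, {option: value}), ...] in file order."""
    sections = []
    for raw in text.splitlines():
        tokens = shlex.split(raw, comments=True)  # handles quoting and '#' comments
        if len(tokens) >= 2 and tokens[0] == "config":
            sections.append((tokens[1], {}))
        elif len(tokens) == 3 and tokens[0] == "option" and sections:
            sections[-1][1][tokens[1]] = tokens[2]
    return sections

def audit_aps(text):
    """Describe every AP-mode wifi-iface: is it open, hidden, enabled?"""
    ifaces = [o for kind, o in parse_uci(text) if kind == "wifi-iface"]
    return [
        {"position": i, "ssid": o.get("ssid", ""),
         # Assumed defaults when an option is absent: open, visible, enabled.
         "open": o.get("encryption", "none") == "none",
         "hidden": o.get("hidden", "0") == "1",
         "enabled": o.get("disabled", "0") != "1"}
        for i, o in enumerate(ifaces) if o.get("mode") == "ap"
    ]

if __name__ == "__main__":
    for ap in audit_aps(SAMPLE):
        print(ap)
```

An entry with `open` and `enabled` both true is an unencrypted network the device is broadcasting; with `option disabled '1'` set as in the post, the open AP reports `enabled: False`.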

New update runs fine here too.

However, the list of missing features I would consider pretty basic functionality is pretty long. Most of the time I have no idea what the Pineapple is doing.

When doing a recon scan: What channels are being utilized? What's the dwell time per channel? Can I change those parameters? Which radio is being used? And why doesn't the internal card support 5 GHz? (I knew this before buying but it seems like such an odd omission. Mini PCIe AC cards that support packet injection and monitor mode are like $20 on Amazon.)

The "Capture WPA Handshakes" feature is a mystery too. Does it simply camp on the associated channel for the selected network and listen for handshakes? Does it filter on SSID based on the selected network? Can I listen for handshakes for multiple SSIDs on the same channel? What about listening for handshakes across different channels for different networks? Why is there a dedicated "Capture WPA handshakes" function in there in the first place? The UI also doesn't show much in terms of technical information regarding observed networks. What 802.11 standard is being used? How wide are the channels? etc.

Tbh, I would do the entire network interface completely differently. Why not do what Kismet does and allow you to simply start passively collecting data on the channels you specify? All while capturing data, including any handshake data that might be caught? You could then add filtering rules to include/exclude networks and devices from being monitored. Can I specify what frame types to collect? Can I decrypt data for networks on the fly if I have the network key and session key?

Perhaps the WiFi Pineapple suite is geared towards pentesters with no desire to learn WiFi or having to deal with channels, frame types or 802.11 variants.

Hope my feedback makes sense. Keep up the great work.

Link to comment
Share on other sites

Hi, 

I'm running beta 2, and have been doing this the last couple of days. I keep getting this yellow warning triangle saying "Potential filters misconfiguration": Filters are set to allow list, but no entries are present.

I have tried to reinstall the firmware and defining both filters as "deny list", but when I enter the filters section they are defaulted to "allow" again, which is not what I set them to at initial configuration. When I change the filters to "deny" in both, I get the green check mark, and it writes back that the settings have changed. But when I re-enter the filters section it is again set back to "allow" mode. So no matter what I do, it is always set to "allow". I guess there is a small bug somewhere 🙂

Regards

Link to comment
Share on other sites

Hello! This is my first day on the forum. I have the MKVII and I have set it to beta channel. I click check for updates and it tells me no updates are available. Also, when I click get available modules it tells me "failed to obtain modules, check again later". It has done this for two days now.

Link to comment
Share on other sites

Hi Gorlock,

I experienced the same issue. Just try to reconnect to the Internet using the wireless wlan2 and check on your Pineapple using ifconfig and iwconfig if your SSID and IP are configured on the interface (wlan2) and that you can ping www.google.com or another public URL.

Also check with

nslookup www.google.com

if it resolves properly.

If all is OK, you should see these updates, news feed and available modules.

 

Link to comment
Share on other sites

On 6/10/2021 at 9:31 PM, Foxtrot said:

Hello,

We just pushed Beta 2 to the beta channel! You can catch the changes in the change log in the original post, all new additions/changes start with NEW.

Thanks!

 

On 6/17/2021 at 10:52 AM, MStoneDK said:

Hi, 

I'm running beta 2, and have been doing this the last couple of days. I keep getting this yellow warning triangle saying "Potential filters misconfiguration": Filters are set to allow list, but no entries are present.

I have tried to reinstall the firmware and defining both filters as "deny list", but when I enter the filters section they are defaulted to "allow" again, which is not what I set them to at initial configuration. When I change the filters to "deny" in both, I get the green check mark, and it writes back that the settings have changed. But when I re-enter the filters section it is again set back to "allow" mode. So no matter what I do, it is always set to "allow". I guess there is a small bug somewhere 🙂

Regards

Hi There,

I am facing similar issues with the filters.

If I set the SSID allow list with one SSID, let's say 'IamAllowed', and the deny list for MACs empty, I should only see this SSID in the PineAP SSID pool, right?

Instead I see all SSIDs being scanned and added to the pool. Another interesting point is that I do not see any clients connecting when I have enabled PineAP in active mode. I did some testing with my local wifi but I cannot get the clients connected to the Pineapple.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.
