Wifi Pineapple Nano: Difference between revisions

From Edgar BV Wiki
Jump to navigation Jump to search
 
(13 intermediate revisions by the same user not shown)
Line 11: Line 11:
* In network connections rename the new ASIX USB network to pineapple using F2
* In network connections rename the new ASIX USB network to pineapple using F2
* In your internet connection, right click -> properties -> sharing -> set to on -> select pineapple in the drop down list (home networking connection) and apply
* In your internet connection, right click -> properties -> sharing -> set to on -> select pineapple in the drop down list (home networking connection) and apply
* Pineapple connection, right click -> properties -> set ipv4 address to 172.16.42.42, netmask 255.255.255.0. Gateway and DNS stays empty
* Pineapple connection, right click -> properties -> set ipv4 address to 172.16.42.42, netmask 255.255.255.0. Gateway stays empty and DNS 8.8.8.8 / 8.8.4.4 (Google DNS but you can use your own)
 
[https://docs.hak5.org/wifi-pineapple/faq/establishing-an-internet-connection/configuring-ics-on-windows Configuring ICS on Windows]


Now continue under '''Both'''
Now continue under '''Both'''
Line 28: Line 30:
   sudo ip route add 172.16.42.0/24 dev enx00c0ca9153f3
   sudo ip route add 172.16.42.0/24 dev enx00c0ca9153f3
And then run the wp6.sh script and use the C button.
And then run the wp6.sh script and use the C button.
=== Connection problems ===
[https://forums.hak5.org/topic/44095-internet-sharing-issue-with-kali/?tab=comments#comment-309864 Internet sharing issue with Kali / Just_a_User] shows you how to connect using Network Manager
Plug the nano into your kali machine and wait for it to be detected.
Use network manager to configure the IP manually to 172.16.42.42, subnet 255.255.255.0 .
Either turn off and on the interface using network manager or unplug and replug nano - confirm ip is 172.16.42.42.
Open up ssh terminal and type in "nm-connection-editor" and select your interface - maybe name it e.g. nano
[[File:Selection 012.png]]
Browse to ipv4 settings tab and use the drop down menu to select "Shared to other computers"
[[File:Selection_013.png]]
Either turn off and on the interface using network manager or unplug and replug nano
Browse to Pineapple UI or ssh into nano and check internet connectivity - hopefully sorted.


You may have to run above command again to be able to get the pineapple to connect.
You may have to run above command again to be able to get the pineapple to connect.
Line 41: Line 65:


When rebooting you may need to reseat the PC USB plug closest to the female USB plug (in the pineapple)
When rebooting you may need to reseat the PC USB plug closest to the female USB plug (in the pineapple)
[https://forums.hak5.org/topic/44375-setup-for-wifi-pineapple-nano-on-ubuntu-1804/ Setup for Wifi Pineapple Nano on Ubuntu 18.04] has a better script than above
[https://forums.hak5.org/topic/39964-problems-with-pineap-daemon-starting/ Another alternate script] Use like "sudo ./script <pineapple_interface> <computer_wifi_interface> <wifi_router_address>"
<pre>
#!/bin/bash
IFACE_IN=$1
IFACE_EX=$2
GW=$3
ifconfig $IFACE_IN up
ifconfig $IFACE_IN 172.16.42.42 netmask 255.255.255.0
route del default gw Pineapple.lan
route add default gw $GW netmask 0.0.0.0
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o $IFACE_EX -j MASQUERADE
iptables -A FORWARD -i $IFACE_EX -o $IFACE_IN -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $IFACE_IN -o $IFACE_EX -j ACCEPT
</pre>


== Both ==
== Both ==
Line 46: Line 93:


= Modules =
= Modules =
== Stuff not in the hak5 repositories ==
[https://forums.hak5.org/topic/44213-pmkid-attack-on-wifi-pineapples/ PMKID]
[https://github.com/adde88/openwrt-useful-tools adde88] repo of very useful tools
== Not installing / updating ==
== Not installing / updating ==
Most likely the there are problems with the SD Card.
Most likely the there are problems with the SD Card.
Line 84: Line 136:
The solution [https://forums.hak5.org/topic/37145-questions-about-sd-card/page/4/] here at least formats your sd card in the right way. You may need to perform a few of these steps from another linux PC though - every time I tried the mkfs.ext4 /dev/sda1 on the pineapple the scsi bus would reboot and it would tell me /dev/sda1 doesn't exist.
The solution [https://forums.hak5.org/topic/37145-questions-about-sd-card/page/4/] here at least formats your sd card in the right way. You may need to perform a few of these steps from another linux PC though - every time I tried the mkfs.ext4 /dev/sda1 on the pineapple the scsi bus would reboot and it would tell me /dev/sda1 doesn't exist.


== Tools to wipe from sdcard.org ==
[https://www.sdcard.org/downloads/formatter/ SD Memory Card Formatter 5.0.1 for SD/SDHC/SDXC]
== complete wipe and gui format ==
    Completely wipe SD card with dd if=/dev/zero of=/dev/sdcard/sd bs=4096
    Eject SD card from WiFi Pineapple NANO
    Power off WiFi Pineapple NANO
    Insert SD card into WiFi Pineapple NANO
    Power on WiFi Pineapple NANO
    Use the webinterface to format the SD card (this may take a while). Alternatively, use a linux distro to format the SD card ext4.
    The card should mount automatically. If it does not, reboot the WiFi Pineapple NANO.
== hand formatting ==
Format SD Card
Format SD Card
     cat /pineapple/modules/Advanced/formatSD/fdisk_options | fdisk /dev/sda
     cat /pineapple/modules/Advanced/formatSD/fdisk_options | fdisk /dev/sda
Line 92: Line 157:


change /etc/config/fstab to:
change /etc/config/fstab to:
'''NOTE: TRY USING THE UUID of sda1 instead of /dev/sda1'''


     config global
     config global
Line 113: Line 180:


Reboot and the SD Card should be mounted.
Reboot and the SD Card should be mounted.
= Learning resources =
[https://www.youtube.com/watch?v=CcnCbxoUWps&t=317s WiFi Hacking Workflow - The NEW WiFi Pineapple 2.5 Firmware - Hak5 2514]
[https://fractionalciso.com/wifi-pineapple/ WiFi Pineapple: Can Still Compromise Your Network in 2019]
= Firmware recovery =
Follow the steps [https://docs.hak5.org/hc/en-us/articles/360010471774-Firmware-Recovery here]
The WiFi Pineapple features a firmware recovery option which allows the user to restore the device to a factory firmware image. This procedure is performed via a special web interface.
Download the factory recovery firmware image for your WiFi Pineapple device from the Hak5 Download Center.
It is extremely important that you only use the recovery firmware image for the correct device, and not the latest release or an image for a different device (e.g. the WiFi Pineapple NANO recovery image on a WiFi Pineapple TETRA).
    WiFi Pineapple TETRA Recovery Image
    WiFi Pineapple NANO Recovery Image
Next, follow these steps to access the recovery web interface and update the firmware.
    Unplug the WiFi Pineapple completely from all power sources.
    Begin holding the RESET button on the device.
    With the RESET button held, power on the device.
    Continue holding the RESET button for 10 seconds, then release.
        NANO: The blue LED will remain solid
        TETRA: The yellow LED will remain solid
    Connect the host PC to the WiFi Pineapple via the USB Ethernet Port
        NANO: The male USB A plug
        TETRA: The Micro USB port labeled ETH
    From the host PC, configure a static IP address on the WiFi Pineapple facing Ethernet interface to 192.168.1.2 with netmask 255.255.255.0
        For example, in Linux run ifconfig eth1 192.168.1.2 netmask 255.255.255.0 up (where eth1 is the interface name of the WiFi Pineapple).
        also create a route with sudo ip route add 192.168.1.0/24 dev enx00c0ca9153f3
    From the host PC, browse to http://192.168.1.1
    Click Choose File and select the factory firmware image downloaded above.
    Click Update Firmware.
    This process will take several minutes. Do not interrupt the power supply while the firmware is updating. Once complete, the WiFi Pineapple will restart.
    Reset the the WiFi Pineapple facing USB Ethernet interface back to DHCP or 172.16.42.42 with netmask 255.255.255.0

Latest revision as of 06:58, 12 July 2022

Setting up

  • Download the firmware Hak5 download centre
  • plug in the pineapple to the PC using the USB Y-cable: both USB ends in the PC and the female usb onto the pineapple
  • surf to http://172.16.42.1:1471
  • follow instructions and then:

Windows

  • you get a new network connection
  • In network connections rename the new ASIX USB network to pineapple using F2
  • In your internet connection, right click -> properties -> sharing -> set to on -> select pineapple in the drop down list (home networking connection) and apply
  • Pineapple connection, right click -> properties -> set ipv4 address to 172.16.42.42, netmask 255.255.255.0. Gateway stays empty and DNS 8.8.8.8 / 8.8.4.4 (Google DNS but you can use your own)

Configuring ICS on Windows

Now continue under Both

Linux

  lsusb 

shows you an ASIX fast ethernet card

  ifconfig | grep eth 

shows you a new usb ethernet port

  wget wifipineapple.com/wp6.sh
  chmod +x wp6.sh
  sudo ./wp6.sh

Because the wp6.sh script doesn't write the route properly, using C to connect results in a message: "Detecting Wifi Pineapple......." and endless dots. To fix this

  sudo ip route add 172.16.42.0/24 dev enx00c0ca9153f3

And then run the wp6.sh script and use the C button.

Connection problems

Internet sharing issue with Kali / Just_a_User shows you how to connect using Network Manager

Plug the nano into your kali machine and wait for it to be detected.

Use network manager to configure the IP manually to 172.16.42.42, subnet 255.255.255.0 .

Either turn off and on the interface using network manager or unplug and replug nano - confirm ip is 172.16.42.42.

Open up ssh terminal and type in "nm-connection-editor" and select your interface - maybe name it e.g. nano

Browse to ipv4 settings tab and use the drop down menu to select "Shared to other computers"

Either turn off and on the interface using network manager or unplug and replug nano

Browse to Pineapple UI or ssh into nano and check internet connectivity - hopefully sorted.

You may have to run above command again to be able to get the pineapple to connect.

  ip route list

should look a bit like

  default via 192.168.0.1 dev wlp4s0 proto dhcp metric 20600
  169.254.0.0/16 dev wlp4sc0 scope link metric 1000
  172.16.42.0/24 dev enx00c0ca9153f3 scope link
  192.168.0.0/24 dev wlp4s0 proto kernel scope link src 192.160.0.53 metric 600

This keeps a problem with the resolver, where for some reason the laptop can't resolve DNS, but the pineapple can.

When rebooting you may need to reseat the PC USB plug closest to the female USB plug (in the pineapple)

Setup for Wifi Pineapple Nano on Ubuntu 18.04 has a better script than above

Another alternate script Use like "sudo ./script <pineapple_interface> <computer_wifi_interface> <wifi_router_address>"

#!/bin/bash

IFACE_IN=$1
IFACE_EX=$2
GW=$3

ifconfig $IFACE_IN up
ifconfig $IFACE_IN 172.16.42.42 netmask 255.255.255.0

route del default gw Pineapple.lan
route add default gw $GW netmask 0.0.0.0

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o $IFACE_EX -j MASQUERADE
iptables -A FORWARD -i $IFACE_EX -o $IFACE_IN -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $IFACE_IN -o $IFACE_EX -j ACCEPT

Both

Now you can surf to http://172.16.42.1:1471 and load the bulletins - now you know you're online.

Modules

Stuff not in the hak5 repositories

PMKID

adde88 repo of very useful tools

Not installing / updating

Most likely the there are problems with the SD Card.

If you SSH in you may find the following error:

pineapple nano jffs2-partition seems full and overlayfs is mounted read-only

then the modules have probably installed to

  /overlay/upper/pineapple/modules/

and / or

  /sd/modules

There should be links in /overlay/upper/pineapple/modules/ from /sd/modules/, so empty both directories and re-install after ensuring the sd card is mounted properly, or you may end up with version mismatches.

list of installed modules

Dwall Evil Portal Deauth nmap Occupineapple Portal Auth SSLsplit Site Survey Log manager

SD Card

This can be a real problem to mount or get working. You can find loads of interesting error messages in dmesg but none of them will make much sense. The recommendation is to format the SD Card in the webinterface. Under Advanced you can click on USB & Storage and select Format SD Card. That may very well not work.

The SD Card has two partions

  • data partition
  • swap partition

Commands you will use a lot

  fdisk -l
  dmesg

The solution [1] here at least formats your sd card in the right way. You may need to perform a few of these steps from another linux PC though - every time I tried the mkfs.ext4 /dev/sda1 on the pineapple the scsi bus would reboot and it would tell me /dev/sda1 doesn't exist.

Tools to wipe from sdcard.org

SD Memory Card Formatter 5.0.1 for SD/SDHC/SDXC

complete wipe and gui format

   Completely wipe SD card with dd if=/dev/zero of=/dev/sdcard/sd bs=4096
   Eject SD card from WiFi Pineapple NANO
   Power off WiFi Pineapple NANO
   Insert SD card into WiFi Pineapple NANO
   Power on WiFi Pineapple NANO
   Use the webinterface to format the SD card (this may take a while). Alternatively, use a linux distro to format the SD card ext4.
   The card should mount automatically. If it does not, reboot the WiFi Pineapple NANO.

hand formatting

Format SD Card

   cat /pineapple/modules/Advanced/formatSD/fdisk_options | fdisk /dev/sda
   mkfs.ext4 /dev/sda1
   mkfs.ext4 /dev/sda2
   mkswap /dev/sda2
   mkdir /sd

change /etc/config/fstab to:

NOTE: TRY USING THE UUID of sda1 instead of /dev/sda1

   config global
   	option anon_swap '0'
   	option anon_mount '0'
   	option auto_swap '1'
   	option auto_mount '1'
   	option delay_root '5'
   	option check_fs '0'
   config mount
   	option target '/sd'
   	option device '/dev/sda1'
   	option fstype 'auto'
   	option options 'rw,sync'
   	option enabled '1'
   config 'swap'
           option device '/dev/sda2'
           option enabled '1'

Reboot and the SD Card should be mounted.

Learning resources

WiFi Hacking Workflow - The NEW WiFi Pineapple 2.5 Firmware - Hak5 2514

WiFi Pineapple: Can Still Compromise Your Network in 2019

Firmware recovery

Follow the steps here

The WiFi Pineapple features a firmware recovery option which allows the user to restore the device to a factory firmware image. This procedure is performed via a special web interface.

Download the factory recovery firmware image for your WiFi Pineapple device from the Hak5 Download Center.

It is extremely important that you only use the recovery firmware image for the correct device, and not the latest release or an image for a different device (e.g. the WiFi Pineapple NANO recovery image on a WiFi Pineapple TETRA).

   WiFi Pineapple TETRA Recovery Image
   WiFi Pineapple NANO Recovery Image


Next, follow these steps to access the recovery web interface and update the firmware.

   Unplug the WiFi Pineapple completely from all power sources.
   Begin holding the RESET button on the device.
   With the RESET button held, power on the device.
   Continue holding the RESET button for 10 seconds, then release.
       NANO: The blue LED will remain solid
       TETRA: The yellow LED will remain solid
   Connect the host PC to the WiFi Pineapple via the USB Ethernet Port
       NANO: The male USB A plug
       TETRA: The Micro USB port labeled ETH
   From the host PC, configure a static IP address on the WiFi Pineapple facing Ethernet interface to 192.168.1.2 with netmask 255.255.255.0
       For example, in Linux run ifconfig eth1 192.168.1.2 netmask 255.255.255.0 up (where eth1 is the interface name of the WiFi Pineapple).
       also create a route with sudo ip route add 192.168.1.0/24 dev enx00c0ca9153f3
   From the host PC, browse to http://192.168.1.1
   Click Choose File and select the factory firmware image downloaded above.
   Click Update Firmware.
   This process will take several minutes. Do not interrupt the power supply while the firmware is updating. Once complete, the WiFi Pineapple will restart.
   Reset the the WiFi Pineapple facing USB Ethernet interface back to DHCP or 172.16.42.42 with netmask 255.255.255.0