DanMcInerney / LANs.py

Inject code and spy on wifi users
GNU General Public License v3.0

Feature Request: Wifi Pineapple Mark V Compatibility #28

Closed mw3demo closed 10 years ago

mw3demo commented 10 years ago

This looks like a great tool for the Wifi Pineapple! It also already has karma attacks built in.

https://www.wifipineapple.com/

https://forums.hak5.org/

Great work!

DanMcInerney commented 10 years ago

My friend was just talking about how he might need it for javascript keylogger injection on his Mark V. I'd be honored to have it in an infusion. Let me know if you need anything done.

DanMcInerney commented 10 years ago

Actually I realize that we'll probably need to eliminate the arp spoofing portion if it's on the pineapple.

mw3demo commented 10 years ago

Thank you very much for the very quick reply. I set up a thread a couple weeks ago on the Hak5 forum when I came across your GitHub.

https://forums.hak5.org/index.php?/topic/31275-extremely-powerful-python-creds-program-lanspy/

The devs and other infusion devs frequent the boards and are much more knowledgeable than I am. I only just purchased a pineapple a couple weeks ago and haven't had time to really play with it.

Is it possible to continue the discussion in that thread for others to pitch in? I really believe that the pineapple is a very powerful platform just waiting to be taken advantage of, and LANs.py would be an exciting addition.

mw3demo commented 10 years ago

Hey Dan,

Hope you had a good Christmas. Is this something that could happen, or would the change in code base be too drastic? (You mention the elimination of arp spoofing) Do you need anything from the pineapple community?

DanMcInerney commented 10 years ago

It will be easy. I'll just need like a week or two

On Sun, Dec 29, 2013 at 12:14 PM, mw3demo notifications@github.com wrote:

> Hey Dan,
>
> Hope you had a good Christmas. Is this something that could happen, or would the change in code base be too drastic? (You mention the elimination of arp spoofing) Do you need anything from the pineapple community?

DanMcInerney commented 10 years ago

I'm sure someone out there saw my comment above and thought, "poor delusional fool". They would be right. I'm going to get a karma-like attack working within the script before I spend my time and resources on making it pineapple compatible, so this is likely going to take much longer than a week or two.

chadfurman commented 10 years ago

My pineapple is coming soon, I might give it a shot.

chadfurman commented 10 years ago

Hey, I got my Pineapple. Can we get together a list of dependencies? Scapy is the big one that comes to mind right off the bat.

I'm gonna package the missing dependencies and then package LANs.py. The Pineapple runs openWRT http://wiki.openwrt.org/doc/devel/packages

chadfurman commented 10 years ago

Never mind, all the dependencies are at the top of the primary file in this project :)

chadfurman commented 10 years ago

Looks like someone started a thread over on Hak5 Forums. https://forums.hak5.org/index.php?/topic/31275-extremely-powerful-python-creds-program-lanspy/?hl=lans.py

DanMcInerney commented 10 years ago

My plan is to try and add a fake ap attack to the script and once that's done I should have an easily convertible version of the script for the pineapple. No ETA, but I'm working on it.

mw3demo commented 10 years ago

Sounds good Dan! The effort is much appreciated, good luck!

chadfurman commented 10 years ago

Yay Dan! :)

DanMcInerney commented 10 years ago

So I have the fake AP working in Kali, not yet integrated into LANs.py but damn does it ever slow down the users' browsing. Anyone think using hostap would be faster? I'm inclined to say it wouldn't be compared to airbase. I actually have a pineapple and I don't think it slows down the victim as much as this. Using an alfa card and a modern laptop I can barely surf at all on the 1 victim machine that's attached and that's without parsing the packets for interesting data. I can't imagine what 2+ victims attached to the AP would do, probably DOS it.

It makes me wonder how the pineapple would fare under the stress since the pineapple is so low powered. If it were parsing the packets itself, I'm guessing you might take it down if there were more than 1 victim attached. I'm continuing the research.

DanMcInerney commented 10 years ago

I just put up creds.py, a simple portable credential harvester that should work very well with the pineapple. I'm not entirely sure how to add it as an infusion though. When I created a hak5 account and tried to submit it on the infusion submission page it said it was an invalid file.

chadfurman commented 10 years ago

Infusions get created on the pineapple, iirc. They're just a web-interface to your back-end script.

mw3demo commented 10 years ago

Hey Dan!

Sounds great, here are some resources that may help:

http://wiki.wifipineapple.com/index.php/Infusions

http://wiki.wifipineapple.com/index.php/Creating_Infusions

https://forums.hak5.org/index.php?/forum/79-mark-v-infusions/

I'd also recommend PM'ing "Whistle Master" on the forum and/or making a post on the Mark V infusion section, Whistle Master has done most of the infusions.

mw3demo commented 10 years ago

Also a quick heads up, scapy is not on the pineapple by default. I installed it via:

1) Download the latest scapy via http://scapy.net/ then unzip, then transfer to your SD card on your pineapple via sftp (Important for it to be on the SD as the internal memory is not big enough)

2) SSH into the pineapple, then "python setup.py install" in the directory you transferred the scapy directory into.

This allows me to run your scripts.

mw3demo commented 10 years ago

Hey Dan,

You might be interested in adapting your modules for FruityWifi instead of the pineapple. It is basically the pineapple but for Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi).

https://github.com/xtr4nge/FruityWifi/

The RTL8187 is bugged on the Mark V, and limited to 11Mbps. The SD also resets under load. It is very buggy in its current state, and they have no ETA on a fix.

See my thread here: https://forums.hak5.org/index.php?/topic/32013-pineapple-ap-is-incredibly-slowinconsistent/

DanMcInerney commented 10 years ago

So the main things that have stopped me from working on this are 1) code injection is available via strip-n-inject so I feel like the part of LANs.py that's somewhat novel is already taken care of and 2) I have no web front end skills to make the infusion. 2 is the lesser of the problems. Mostly I'm just unmotivated since there's already dns spoofers, arp spoofers, nmap scanners and code injection scripts in the pineapple. I'm checking out fruitywifi but looks like the same issues. For now I'm indefinitely done.