Skip to content

…Yellow for a slice of Pineapple Pi…

by on June 24, 2013

Yellow_Pi

First we brought you “Blue for the Pineapple…” a cheap Access Point and hack to make the Pineapple Project more affordable for students/researchers or even pentesters as a cheap expendable throwaway pwn-box.

The plan to port the Pineapple was always on the cards, especially after the successful port to the TPLink AP.  After several inquisitive comments and emails we bring you an update…

…a slice of Pineapple Pi .

Yes, we have ported the karma patches to the Raspbian image of the Raspberry Pi.  Why?  Not only does the software take advantage of the full hard-float processor.  But the advantages over the openwrt image mean:

  • More RAM (256/512MB RAM, v1/v2)
  • More Disk Space (X_GB SDcard as a base image)
  • Faster processor (Upto 1GHz (Turbo Mode))
  • Ruby works…
  • therefore, Metasploit works & …
  • we can perfrom a hell of a lot more pentesting tasks

Initial tests confirm karma is working correctly.

We are now working on porting the PHP web interface using a combination of:

  • nginx
  • php5-fpm

As the Pi can support multiple users (as other cheap devices tend to run everything as “root”), the web-interface has to be cleverly re-written to support the the binaries and layout of the Raspbian image.  Keep an eye on our github repository for future updates https://github.com/PenturaLabs.

 List of packages

Here is a list of packages to get you started:
nginx nginx-common nginx-full ncurses-bin php5-cli php5-fpm at ri ruby-dev ruby1.9.1-examples ri1.9.1 graphviz ruby1.9.1-dev ruby-switch libnl1 libnl-dev wget hostapd libncurses5 libpcap libncurses5-dev libpcap-dev nmap curl iw procps openssl git subversion crda libpq-dev 

Still working out the kinks on a DHCP and BIND daemons or other DHCP/DNS solutions.

Updates

  • Added Patched Karma Hostapd Binaries to Github

More to follow throughout the week…

10 Comments
  1. Patched Hostapd binaries added to repo. More to follow by end of the week…

  2. why make a php interface when you can use xming and commandline 🙂

    • some reason – people like fluffy easy to use web interfaces ? supply and demand

  3. Matteo permalink

    Good Job Andy !!!.. Finally also on raspberry pi 😀 … But it work with wich usb wifi ?

    • I used the popular USB Alfa specifically AWUS036NH. But in theory it should work with any WiFi dongle as hostapd is patched not the driver.

  4. Psy permalink

    Finally, a use for the v1 RaspPi I have kicking around. Andy, you and your team rock.

  5. Crypt0s permalink

    Works pretty well. check out my build here: https://sourceforge.net/p/piwat/wiki/Home/
    I have all the parts scripted to work together to build a pineapple analog — hostapd, Browser exploit framework, injection proxy, iptables routing, and evil twin, ettercap, and malicious access point attacks. you just need to run one start-script.

  6. MLT permalink

    Is this still going on ? Haven’t found the web-interfache on github.

Trackbacks & Pingbacks

  1. Python Warp 9 – PyPy Beta For Raspberry Pi | Pentura Labs's Blog
  2. … Green For The Anti-Pineapple | Pentura Labs's Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: