Pineapple Mac OS
Motivation
- Bacon, ham, pineapple, extra cheese BBQ Chicken Hawaiian Chicken, bacon, pineapple, BBQ sauce, cheddar & mozzarella cheese Philly Steak Philly steak, onions, green peppers, mushrooms & spicy mayo Pizza Mac Seasoned ground beef, onion, pickles, cheddar, mozzarella, 1000 island, topped w/ lettuce Italian Pizza.
- Jul 26, 2014 WiFi Pineapple and Mac OS X Internet Sharing » SSLsplit on WiFi Pineapple Update: after this blogpost somebody made an Infusion for SSLSplit on the WiFi Pineapple.
I needed to get the pineapple to work with my mac, and I needed to get the internet sharing to work. I got a lot of really good documentation from Hak5s 'WiFi Pineapple Generation 6 User Manual', but there are no good examples on how to set up for a mac. I needed this documentation and I documented it in my blog just in case someone else needs the same thing.
Connect the WiFi Pineapple Mark VII to a computer using the included USB cable. For Windows and Linux computers, the ASIX AX88772C USB Ethernet adapter drivers should install automatically. Mac OS Catalina and above may not install the driver automatically. If necessary, install the driver from the ASIX driver download page for the AX88772C. Source MAC - by default, this is the MAC address of wlan0 on the WiFi Pineapple. This is the interface for which associations may be allowed and also hosts the Management Access Point. The MAC address of wlan0 may be changed from the Networking view. This MAC address may be set to that of a secondary WiFi Pineapple if desired. WWDC June 3, 2019. Announcing upgraded operating systems for iPhone, Apple Watch, and Mac — and a brand new one for iPad. And introducing the new Mac Pro and Pro Display XDR.
Factory reset
To factory reset the wifi pineapple to the latest you need to press and hold the reset button at the back for 7 seconds, and then release. All your previous settings will be deleted, but the installed firmware will remain the same. The wifi pineapple will reboot and you will have to set the initial wifi setup and password again.
Data not stored on an USB/SD card will be erased in this process.
Set up after factory reset
After reboot, your factory reseted pineapple will identify itself on the wifi as Pineapple_<4 last digit on mac address>. You can find the mac address under your pineapple. I have removed my last characters for security reasons.
Open a browser and enter http://172.16.42.1:1471/. You will be greeted with this page:
Click get started, and a prompt will appear asking you to click the reset button, but only for a second. This will disable the radio on the wifi pineapple for security reasons.
Do one of the two alternatives. In this tutorial I only clicked the reset button for 1 second. Then I fill out the form with my desired details.
Click the complete setup button, and you are good to go.
Internet sharing on osx
Use the usb cable that comes with the Tetra pineapple and connect the pineapple to your mac.
Internet sharing on Mac only works with devices on certain IP addresses. We need to adjust this range of addresses to include those used by the Pineapple. We do this by running these commands in a shell as root:
- defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkNumberStart 172.16.42.42
- defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkNumberEnd 172.16.42.200
- defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkMask 255.255.255.0
Enter system preferences and navigate into Network and mark the USB connection. From the Configure IPv4 drop down meny, choose Using DHCP with manual address and enter the IP address: 172.16.42.42 in the IP address field. In this case I have given my interface a name, Pineapple and It looks like this:
Make sure the Pineapple interface is on top over the Wi-Fi interface. You can configure this using the cog-drop-down meny at bottom left.
Enter System preferences -> sharing. Make sure that 'Sharing your connection from' is WiFi or where ever you get the internet access from, and make sure you check the USB/Pineapple in the window below where you want the internet sharing to. Finally check the 'Internet Sharing' and click start in the popup window.
You are now good to go. Enter http://172.16.42.1:1471 and log in, then click on the Load Bulletings from WifiPineapple.com.
If it works you will get bulletins from WifiPineapple.com like this:
Happy responsible hacking!
After a few weeks of testing on the field, I’ve found the perfect configuration for WiFi pentesting using a WiFi Pineapple NANO, an OSX laptop and BetterCap.
Since different people from different forums had issues making this work ( mostly due to the difficulties of internet connection sharing between OSX and the Pineapple ) I’ve decided to share my setup today ^_^
Pineapple Mac Os Catalina
WiFi Pineapple AKA KARMA attack for the masses
First of all, let’s talk a little bit about the KARMA attack in case you have no idea what I’m talking about. DigiNinja page on karma says:
Long story short, on each WiFi access point there’s a demon running called hostapd which receives probes from nearby clients ( your laptop, mobile, etc ) and only responds to the probes that were sent to its SSID, discarding everything else.
Someone created a patched version of the hostapd binary which instead accepts every probe, this results in a WiFi access point that pretends to be (for instance) your home network thus forcing nearby devices to automatically connect to it.
You can create such kind of “Evil Twin” AP using a Kali distribution, the right drivers, the right hardware and so forth, or you can also hack a cheap TPLink WR703N, but the easiest, quickest (and IMHO more stable) solution is buying a WiFi Pineapple from Hak5 online shop.
In my case, I have a MKV, a Tetra and a NANO, in this post I’ll talk about the latter.
Internet Connection Sharing with OS X
Once you’ve done with the basic NANO configuration, you’ll have your device up and running with the ip address 172.16.42.1, in order to share the connection from your Mac wifi adapter to the NANO ( which is plugged to the Mac’s USB port at this point ) you’ll need to change this ip address to a different one which eventually will be “accepted” by the ICS OS X mechanism, so:
You’ll then enable internet connection sharing from your Mac WiFi adapter to the NANO USB-Eth adapter:
And eventually you’ll need to configure a static ip address for the interface:
Almost done, you need to apply the correct firewall rules on your Mac to make everything work between the two interfaces, this is a bash script I’ve made ( in my case the NANO ethernet interface is en4, change it to your needs ):
Once you’ve launched it, you can ssh again into your NANO and verify that the connection sharing is actually working.
Last step, just configure and start PineAP as you normally would:
Pineapple Mac Strain
You now have your KARMA attack running and nearby WiFi enabled devices should start connecting to your evil AP very soon :)
Pineapple Mac Os Update
Port Redirection and BetterCap
Unfortunately making bettercap run on the NANO is a pain in the ass and, even if you manage to do it, its hardware is simply not powerful enough to properly running it while handling multiple connections, so I’ve decided to run it on the laptop and have the NANO redirect all HTTP (and optionally HTTPS) traffic to it.
Here’s a simple bash script that you need to copy to your NANO, it will enable or disable port redirection to your bettercap instance running on the laptop:
Once you’ve enabled port redirection, you can simply start bettercap on your laptop with your preferred command line and start intercepting the traffic of the target clients that have been forced to connect to your evil access point :D
DONE! :D You won’t even need to MITM something, with this attack the targets will connect to you … enjoy! :)