Cyber security

Pineapple Mark VII REST Client

The Pineapple Mark VII REST Client offers a robust suite of tools for WiFi penetration testing and security analysis. Developed by TW-D and compatible with Ruby, it allows users to automate both active and passive network attacks.

With an extensive library of payloads, this toolkit identifies vulnerable devices, facilitates WiFi exploitation, and offers comprehensive reconnaissance capabilities. Dive into the details below for installation, usage, and system modules.

  • The leading rogue access point and WiFi pentest toolkit for close access operations.
  • Passive and active attacks analyze vulnerable and misconfigured devices.

Author:: TW-D

Version:: 1.3.7

Copyright:: Copyright (c) 2022 TW-D

License:: Distributes under the same terms as Ruby

Doc:: Click here

Requires:: Ruby >= 2.7.0p0 and Pineapple Mark VII >= 2.1.0-stable

Installation (Debian, Ubuntu, Raspbian)::

  • sudo apt-get install build-essential curl g++ ruby ruby-dev
  • sudo gem install net-ssh rest-client tty-progressbar

Description

Library allowing the automation of active or passive attack operations.

Note : “Issues” and “Pull Request” are welcome.

Payloads

In “./payloads/” directory, you will find :

COMMAND and CONTROLAuthorUsage
Hak5 Key Croc – Real-time recovery of keystrokes from a keyboardTW-D(edit) ruby ./hak5_key-croc.rb
Maltronics WiFi Deauther – Spam beacon framesTW-D(edit) ruby ./maltronics_wifi-deauther.rb
DEFENSEAuthorUsage
Hak5 Pineapple SpotterTW-D with special thanks to @DrSKiZZ, @cribb-it, @barry99705 and @dark_pyrro(edit) ruby ./hak5-pineapple_spotter.rb
DoSAuthorUsage
Deauthentication of clients available on the access pointsTW-D(edit) ruby ./deauthentication-clients.rb
EXPLOITATIONAuthorUsage
Evil WPA Access PointTW-D(edit) ruby ./evil-wpa_access-point.rb
Fake Access PointsTW-D(edit) ruby ./fake_access-points.rb
Mass HandshakesTW-D(edit) ruby ./mass-handshakes.rb
Rogue Access PointsTW-D(edit) ruby ./rogue_access-points.rb
Twin Access PointsTW-D(edit) ruby ./twin_access-points.rb
GENERALAuthorUsage
System Status, Disk Usage, …TW-D(edit) ruby ./dashboard-stats.rb
Networking InterfacesTW-D(edit) ruby ./networking-interfaces.rb
System LogsTW-D(edit) ruby ./system-logs.rb
RECONAuthorUsage
Access Points and Clients on 2.4GHz and 5GHz (with a supported adapter)TW-D(edit) ruby ./access-points_clients_5ghz.rb
Access Points and ClientsTW-D(edit) ruby ./access-points_clients.rb
MAC Addresses of Access PointsTW-D(edit) ruby ./access-points_mac-addresses.rb
Tagged Parameters of Access PointsTW-D(edit) ruby ./access-points_tagged-parameters.rb
Access Points and Wireless Network Mapping with WiGLETW-D(edit) ruby ./access-points_wigle.rb
MAC Addresses of ClientsTW-D(edit) ruby ./clients_mac-addresses.rb
OPEN Access PointsTW-D(edit) ruby ./open_access-points.rb
WEP Access PointsTW-D(edit) ruby ./wep_access-points.rb
WPA Access PointsTW-D(edit) ruby ./wpa_access-points.rb
WPA2 Access PointsTW-D(edit) ruby ./wpa2_access-points.rb
WPA3 Access PointsTW-D(edit) ruby ./wpa3_access-points.rb
WARDRIVINGAuthorUsage
Continuous Recon on 2.4GHz and 5GHz (with a supported adapter)TW-D(edit) ruby ./continuous-recon_5ghz.rb [CTRL+c]
Continuous Recon for Handshakes CaptureTW-D(edit) ruby ./continuous-recon_handshakes.rb [CTRL+c]
Continuous ReconTW-D(edit) ruby ./continuous-recon.rb [CTRL+c]

Payload skeleton for development

#
# Title:            <TITLE>
#
# Description:      <DESCRIPTION>
#
#
# Author:           <AUTHOR>
# Version:          <VERSION>
# Category:         <CATEGORY>
#
# STATUS
# ======================
# <SHORT-DESCRIPTION> ... SETUP
# <SHORT-DESCRIPTION> ... ATTACK
# <SHORT-DESCRIPTION> ... SPECIAL
# <SHORT-DESCRIPTION> ... FINISH
# <SHORT-DESCRIPTION> ... CLEANUP
# <SHORT-DESCRIPTION> ... OFF
#

require_relative('<PATH-TO>/classes/PineappleMK7.rb')

system_authentication = PineappleMK7::System::Authentication.new
system_authentication.host = "<PINEAPPLE-IP-ADDRESS>"
system_authentication.port = 1471
system_authentication.mac = "<PINEAPPLE-MAC-ADDRESS>"
system_authentication.password = "<ROOT-ACCOUNT-PASSWORD>"

if (system_authentication.login)

    led = PineappleMK7::System::LED.new

    # SETUP
    #
    led.setup

    #
    # [...]
    #

    # ATTACK
    #
    led.attack

    #
    # [...]
    #

    # SPECIAL
    #
    led.special

    #
    # [...]
    #

    # FINISH
    #
    led.finish

    #
    # [...]
    #

    # CLEANUP
    #
    led.cleanup

    #
    # [...]
    #

    # OFF
    #
    led.off

end

Note : Don’t hesitate to take inspiration from the payloads directory.

System modules

Authentication accessors/method

system_authentication = PineappleMK7::System::Authentication.new

system_authentication.host = (string) "<PINEAPPLE-IP-ADDRESS>"
system_authentication.port = (integer) 1471
system_authentication.mac = (string) "<PINEAPPLE-MAC-ADDRESS>"
system_authentication.password = (string) "<ROOT-ACCOUNT-PASSWORD>"

system_authentication.login()

LED methods

led = PineappleMK7::System::LED.new

led.setup()
led.failed()
led.attack()
led.special()
led.cleanup()
led.finish()
led.off()

Pineapple Modules

Dashboard

Notifications method

dashboard_notifications = PineappleMK7::Modules::Dashboard::Notifications.new

dashboard_notifications.clear()

Stats method

dashboard_stats = PineappleMK7::Modules::Dashboard::Stats.new

dashboard_stats.output()

Logging

System method

logging_system = PineappleMK7::Modules::Logging::System.new

logging_system.output()

PineAP

Clients methods

pineap_clients = PineappleMK7::Modules::PineAP::Clients.new

pineap_clients.connected_clients()
pineap_clients.previous_clients()
pineap_clients.kick( (string) mac )
pineap_clients.clear_previous()

EvilWPA accessors/method

evil_wpa = PineappleMK7::Modules::PineAP::EvilWPA.new

evil_wpa.ssid = (string default:'PineAP_WPA')
evil_wpa.bssid = (string default:'00:13:37:BE:EF:00')
evil_wpa.auth = (string default:'psk2+ccmp')
evil_wpa.password = (string default:'pineapplesareyummy')
evil_wpa.hidden = (boolean default:false)
evil_wpa.enabled = (boolean default:false)
evil_wpa.capture_handshakes = (boolean default:false)

evil_wpa.save()

Filtering methods

pineap_filtering = PineappleMK7::Modules::PineAP::Filtering.new

pineap_filtering.client_filter( (string) 'allow' | 'deny' )
pineap_filtering.add_client( (string) mac )
pineap_filtering.clear_clients()
pineap_filtering.ssid_filter( (string) 'allow' | 'deny' )

Impersonation methods

pineap_impersonation = PineappleMK7::Modules::PineAP::Impersonation.new

pineap_impersonation.output()
pineap_impersonation.add_ssid( (string) ssid )
pineap_impersonation.clear_pool()

OpenAP method

open_ap = PineappleMK7::Modules::PineAP::OpenAP.new

open_ap.output()

Settings accessors/method

pineap_settings = PineappleMK7::Modules::PineAP::Settings.new

pineap_settings.enablePineAP = (boolean default:true)
pineap_settings.autostartPineAP = (boolean default:true)
pineap_settings.armedPineAP = (boolean default:false)
pineap_settings.ap_channel = (string default:'11')
pineap_settings.karma = (boolean default:false)
pineap_settings.logging = (boolean default:false)
pineap_settings.connect_notifications = (boolean default:false)
pineap_settings.disconnect_notifications = (boolean default:false)
pineap_settings.capture_ssids = (boolean default:false)
pineap_settings.beacon_responses = (boolean default:false)
pineap_settings.broadcast_ssid_pool = (boolean default:false)
pineap_settings.broadcast_ssid_pool_random = (boolean default:false)
pineap_settings.pineap_mac = (string default:system_authentication.mac)
pineap_settings.target_mac = (string default:'FF:FF:FF:FF:FF:FF')
pineap_settings.beacon_response_interval = (string default:'NORMAL')
pineap_settings.beacon_interval = (string default:'NORMAL')

pineap_settings.save()

Recon

Handshakes methods

recon_handshakes = PineappleMK7::Modules::Recon::Handshakes.new

recon_handshakes.start( (object) ap )
recon_handshakes.stop()
recon_handshakes.output()
recon_handshakes.download( (object) handshake, (string) destination )
recon_handshakes.clear()

Scanning methods

recon_scanning = PineappleMK7::Modules::Recon::Scanning.new

recon_scanning.start( (integer) scan_time )
recon_scanning.start_continuous( (boolean) autoHandshake )
recon_scanning.stop_continuous()
recon_scanning.output( (integer) scanID )
recon_scanning.tags( (object) ap )
recon_scanning.deauth_ap( (object) ap )
recon_scanning.delete( (integer) scanID )

Settings

Networking methods

settings_networking = PineappleMK7::Modules::Settings::Networking.new

settings_networking.interfaces()
settings_networking.client_scan( (string) interface )
settings_networking.client_connect( (object) network, (string) interface )
settings_networking.client_disconnect( (string) interface )
settings_networking.recon_interface( (string) interface )
Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Tamil S
Tags: Automation AttacksPineapple Mark VIIWiFi Penetration
1 year ago

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

14 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

15 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

3 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

4 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago