Cyber security

Pineapple Mark VII REST Client

The Pineapple Mark VII REST Client offers a robust suite of tools for WiFi penetration testing and security analysis. Developed by TW-D and compatible with Ruby, it allows users to automate both active and passive network attacks.

With an extensive library of payloads, this toolkit identifies vulnerable devices, facilitates WiFi exploitation, and offers comprehensive reconnaissance capabilities. Dive into the details below for installation, usage, and system modules.

  • The leading rogue access point and WiFi pentest toolkit for close access operations.
  • Passive and active attacks analyze vulnerable and misconfigured devices.

Author:: TW-D

Version:: 1.3.7

Copyright:: Copyright (c) 2022 TW-D

License:: Distributes under the same terms as Ruby

Doc:: Click here

Requires:: Ruby >= 2.7.0p0 and Pineapple Mark VII >= 2.1.0-stable

Installation (Debian, Ubuntu, Raspbian)::

  • sudo apt-get install build-essential curl g++ ruby ruby-dev
  • sudo gem install net-ssh rest-client tty-progressbar

Description

Library allowing the automation of active or passive attack operations.

Note : “Issues” and “Pull Request” are welcome.

Payloads

In “./payloads/” directory, you will find :

COMMAND and CONTROLAuthorUsage
Hak5 Key Croc – Real-time recovery of keystrokes from a keyboardTW-D(edit) ruby ./hak5_key-croc.rb
Maltronics WiFi Deauther – Spam beacon framesTW-D(edit) ruby ./maltronics_wifi-deauther.rb
DEFENSEAuthorUsage
Hak5 Pineapple SpotterTW-D with special thanks to @DrSKiZZ, @cribb-it, @barry99705 and @dark_pyrro(edit) ruby ./hak5-pineapple_spotter.rb
DoSAuthorUsage
Deauthentication of clients available on the access pointsTW-D(edit) ruby ./deauthentication-clients.rb
EXPLOITATIONAuthorUsage
Evil WPA Access PointTW-D(edit) ruby ./evil-wpa_access-point.rb
Fake Access PointsTW-D(edit) ruby ./fake_access-points.rb
Mass HandshakesTW-D(edit) ruby ./mass-handshakes.rb
Rogue Access PointsTW-D(edit) ruby ./rogue_access-points.rb
Twin Access PointsTW-D(edit) ruby ./twin_access-points.rb
GENERALAuthorUsage
System Status, Disk Usage, …TW-D(edit) ruby ./dashboard-stats.rb
Networking InterfacesTW-D(edit) ruby ./networking-interfaces.rb
System LogsTW-D(edit) ruby ./system-logs.rb
RECONAuthorUsage
Access Points and Clients on 2.4GHz and 5GHz (with a supported adapter)TW-D(edit) ruby ./access-points_clients_5ghz.rb
Access Points and ClientsTW-D(edit) ruby ./access-points_clients.rb
MAC Addresses of Access PointsTW-D(edit) ruby ./access-points_mac-addresses.rb
Tagged Parameters of Access PointsTW-D(edit) ruby ./access-points_tagged-parameters.rb
Access Points and Wireless Network Mapping with WiGLETW-D(edit) ruby ./access-points_wigle.rb
MAC Addresses of ClientsTW-D(edit) ruby ./clients_mac-addresses.rb
OPEN Access PointsTW-D(edit) ruby ./open_access-points.rb
WEP Access PointsTW-D(edit) ruby ./wep_access-points.rb
WPA Access PointsTW-D(edit) ruby ./wpa_access-points.rb
WPA2 Access PointsTW-D(edit) ruby ./wpa2_access-points.rb
WPA3 Access PointsTW-D(edit) ruby ./wpa3_access-points.rb
WARDRIVINGAuthorUsage
Continuous Recon on 2.4GHz and 5GHz (with a supported adapter)TW-D(edit) ruby ./continuous-recon_5ghz.rb [CTRL+c]
Continuous Recon for Handshakes CaptureTW-D(edit) ruby ./continuous-recon_handshakes.rb [CTRL+c]
Continuous ReconTW-D(edit) ruby ./continuous-recon.rb [CTRL+c]

Payload skeleton for development

#
# Title:            <TITLE>
#
# Description:      <DESCRIPTION>
#
#
# Author:           <AUTHOR>
# Version:          <VERSION>
# Category:         <CATEGORY>
#
# STATUS
# ======================
# <SHORT-DESCRIPTION> ... SETUP
# <SHORT-DESCRIPTION> ... ATTACK
# <SHORT-DESCRIPTION> ... SPECIAL
# <SHORT-DESCRIPTION> ... FINISH
# <SHORT-DESCRIPTION> ... CLEANUP
# <SHORT-DESCRIPTION> ... OFF
#

require_relative('<PATH-TO>/classes/PineappleMK7.rb')

system_authentication = PineappleMK7::System::Authentication.new
system_authentication.host = "<PINEAPPLE-IP-ADDRESS>"
system_authentication.port = 1471
system_authentication.mac = "<PINEAPPLE-MAC-ADDRESS>"
system_authentication.password = "<ROOT-ACCOUNT-PASSWORD>"

if (system_authentication.login)

    led = PineappleMK7::System::LED.new

    # SETUP
    #
    led.setup

    #
    # [...]
    #

    # ATTACK
    #
    led.attack

    #
    # [...]
    #

    # SPECIAL
    #
    led.special

    #
    # [...]
    #

    # FINISH
    #
    led.finish

    #
    # [...]
    #

    # CLEANUP
    #
    led.cleanup

    #
    # [...]
    #

    # OFF
    #
    led.off

end

Note : Don’t hesitate to take inspiration from the payloads directory.

System modules

Authentication accessors/method

system_authentication = PineappleMK7::System::Authentication.new

system_authentication.host = (string) "<PINEAPPLE-IP-ADDRESS>"
system_authentication.port = (integer) 1471
system_authentication.mac = (string) "<PINEAPPLE-MAC-ADDRESS>"
system_authentication.password = (string) "<ROOT-ACCOUNT-PASSWORD>"

system_authentication.login()

LED methods

led = PineappleMK7::System::LED.new

led.setup()
led.failed()
led.attack()
led.special()
led.cleanup()
led.finish()
led.off()

Pineapple Modules

Dashboard

Notifications method

dashboard_notifications = PineappleMK7::Modules::Dashboard::Notifications.new

dashboard_notifications.clear()

Stats method

dashboard_stats = PineappleMK7::Modules::Dashboard::Stats.new

dashboard_stats.output()

Logging

System method

logging_system = PineappleMK7::Modules::Logging::System.new

logging_system.output()

PineAP

Clients methods

pineap_clients = PineappleMK7::Modules::PineAP::Clients.new

pineap_clients.connected_clients()
pineap_clients.previous_clients()
pineap_clients.kick( (string) mac )
pineap_clients.clear_previous()

EvilWPA accessors/method

evil_wpa = PineappleMK7::Modules::PineAP::EvilWPA.new

evil_wpa.ssid = (string default:'PineAP_WPA')
evil_wpa.bssid = (string default:'00:13:37:BE:EF:00')
evil_wpa.auth = (string default:'psk2+ccmp')
evil_wpa.password = (string default:'pineapplesareyummy')
evil_wpa.hidden = (boolean default:false)
evil_wpa.enabled = (boolean default:false)
evil_wpa.capture_handshakes = (boolean default:false)

evil_wpa.save()

Filtering methods

pineap_filtering = PineappleMK7::Modules::PineAP::Filtering.new

pineap_filtering.client_filter( (string) 'allow' | 'deny' )
pineap_filtering.add_client( (string) mac )
pineap_filtering.clear_clients()
pineap_filtering.ssid_filter( (string) 'allow' | 'deny' )

Impersonation methods

pineap_impersonation = PineappleMK7::Modules::PineAP::Impersonation.new

pineap_impersonation.output()
pineap_impersonation.add_ssid( (string) ssid )
pineap_impersonation.clear_pool()

OpenAP method

open_ap = PineappleMK7::Modules::PineAP::OpenAP.new

open_ap.output()

Settings accessors/method

pineap_settings = PineappleMK7::Modules::PineAP::Settings.new

pineap_settings.enablePineAP = (boolean default:true)
pineap_settings.autostartPineAP = (boolean default:true)
pineap_settings.armedPineAP = (boolean default:false)
pineap_settings.ap_channel = (string default:'11')
pineap_settings.karma = (boolean default:false)
pineap_settings.logging = (boolean default:false)
pineap_settings.connect_notifications = (boolean default:false)
pineap_settings.disconnect_notifications = (boolean default:false)
pineap_settings.capture_ssids = (boolean default:false)
pineap_settings.beacon_responses = (boolean default:false)
pineap_settings.broadcast_ssid_pool = (boolean default:false)
pineap_settings.broadcast_ssid_pool_random = (boolean default:false)
pineap_settings.pineap_mac = (string default:system_authentication.mac)
pineap_settings.target_mac = (string default:'FF:FF:FF:FF:FF:FF')
pineap_settings.beacon_response_interval = (string default:'NORMAL')
pineap_settings.beacon_interval = (string default:'NORMAL')

pineap_settings.save()

Recon

Handshakes methods

recon_handshakes = PineappleMK7::Modules::Recon::Handshakes.new

recon_handshakes.start( (object) ap )
recon_handshakes.stop()
recon_handshakes.output()
recon_handshakes.download( (object) handshake, (string) destination )
recon_handshakes.clear()

Scanning methods

recon_scanning = PineappleMK7::Modules::Recon::Scanning.new

recon_scanning.start( (integer) scan_time )
recon_scanning.start_continuous( (boolean) autoHandshake )
recon_scanning.stop_continuous()
recon_scanning.output( (integer) scanID )
recon_scanning.tags( (object) ap )
recon_scanning.deauth_ap( (object) ap )
recon_scanning.delete( (integer) scanID )

Settings

Networking methods

settings_networking = PineappleMK7::Modules::Settings::Networking.new

settings_networking.interfaces()
settings_networking.client_scan( (string) interface )
settings_networking.client_connect( (object) network, (string) interface )
settings_networking.client_disconnect( (string) interface )
settings_networking.recon_interface( (string) interface )
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: Automation AttacksPineapple Mark VIIWiFi Penetration
1 year ago

Recent Posts

Promptmap

Prompt injection is a type of security vulnerability that can be exploited to control the…

2 days ago

Firefly – Black Box Fuzzer For Web Applications

Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly…

2 days ago

Winit : Cross-Platform Window Creation And Management In Rust

Winit is a robust, cross-platform library designed for creating and managing windows in Rust applications.…

2 days ago

Browser Autofill Phishing – The Hidden Dangers And Security Risks

In today’s digital age, convenience often comes at the cost of security. One such overlooked…

2 days ago

Terminal GPT (tgpt) – Your Direct CLI Gateway To ChatGPT 3.5

Terminal GPT (tgpt) offers a seamless way to bring the power of ChatGPT 3.5 directly…

2 days ago

garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security

garak checks if an LLM can be made to fail in a way we don't…

5 days ago