WiFi Pineapple NANO v1.0.6 firmware

Hello! I’m trying to update the AR-150 with the NANO firmware v1.0.6.

After a successful upload, I browse to 192.168.8.1:1471, main screen stating that the NANO “is booting” but it stays just there…

I also tried the v1.0.5 but nothing…

 

Any ideas? I’m using the pre-packed binaries, I’m not doing all the process myself.

Thanks a lot!

Is that possible? I can see it’s the same CPU, but after that the hardware is quite different, isn’t it?

The CPU is the same. Wifi pineapple is with a 2nd radio, but it has drivers in openwrt.

I am sure the firmware can be run in AR150. But as I remember, wifi pineapple use same kind of flash layout as our 6416. Without changing the image, it will not run in AR150, but should run at 6416.

Hey all! Thanks for your replies!

OK, I was using: GitHub - kow/glinetpineapple: Wifi Pineapple firmware for for GL.iNet GL-AR150, the 1.0.6 version.

Some notes:

  1. When changing firmware, “do not keep current configuration”

  2. When uploading is done, WAN port should be used, and Pineapple DHCP will give you an IP address correctly :wink:

  3. Connect to its web interface, when it asks to press the reset button, press the one in AR150, and set a password. Done! Now it’s working…

All the hardware is pretty similar, however the NANO has 2 wlans but this one has only one, so a few things (internal scripts for example) need some tuning… also, you will be connected to the AR150 via WAN port and that will be like the USB eth on the original NANO…

I’m playing with this and maybe come up with some script that will change the necessary things to make it work… also, I’m connecting my Alfa RTL8187 to the AR150 usb port so I can “emulate” the second interface… it could be cool to put 2 ar150 connected via the lan port both with Pineapple firm and use them as one nice wifi hacking device, right?

I will post here my research and notes… if any of you is playing with this same arrangement, ping me, and we can stay in touch… I will need some help maybe :slight_smile:

 

cheers!

 

Hey ST5, seems that your post was kinda deleted. Let me re-post it:

hak5 makes a script you can use to enable internet connection sharing with the wifi pineapple. you can download the script with wget www.wifepineapple.com/wp6.sh . make the script executable with chmod +x wp6.sh then run the script with ./wp6.sh . This only provides a way to share internet from your computer from what I understand. I still want to find out how to provide internet from ethernet when I have the pineapple set up at my house.

Moebius,

Could you explain the process by which you connected your Alfa RTL8187 and set it up as a second interface? I have a few usb wifi adapters lying around that I could try to use. Do you know which chipsets are compatible?

Yes, you are right, of course you can run that script in order to provide the NANO with Internet access, the script will insert the typical iptables rules to nat the device behind it and that’s it, pretty easy.

Since I can’t run iptables and/or modprobe commands (I don’t know exactly why, if someone can help with this it will be very appreciated - side note: both commands work ok in chaos calmer openwrt firm -) I used “insmod” to install the rtl8187 module (which is already in /lib/modules). After that, you can connect an ALFA with an RTL8187 chipset and you will have the second interface. Basically, any chipset accepted by openwrt project would prolly work.

So, as of now:

  1. Replace the original firm with modified nano 1.0.6 using the default web interface without saving actual configuration

  2. Connect to the NANO using the WAN port (which is eth0 by default config - LAN port will be eth1 -) You will get an ip address like 172.16.42.XXX

  3. Change the provided IP address with 172.16.42.42 (default gw in NANO). Run the script (you will need to modify the expected MAC address, look inside the code of the script or remove those lines checking for the NANO) or modify the computer’s iptables to give inet access to that iface… (this is what the helper script will actually do)

  4. Now, NANO will have inet access through WAN eth0 port… of course all this config can be changed, I’m making this as easy as I can…

  5. If you want, you can connect an ALFA and with insmod install the module and now the NANO will have wlan0 and wlan1

  6. Some internal modules such as PineAP, Recon and others, will need some fine tuning because they use “wlan1” and if you don’t connect the external ALFa you will have just wlan0. So replace the instances of wlan1 with wlan0 and for “client” connections “wlan0-1” can be used too…

  7. Some modules like ssltrip will not work. I’m working on this. This is because iptables is not working fine and, as I already said, I don’t know why. The same happens with modprobe… I will need some help here… if someone can try…

  8. Also, we will need the usb port to connect an external usb memory, to expand its memory. The CPU goes to 100% very quick and it stops responding if it’s too full, according to my tests.

Hope all of this raises some interest and someone can try and help to make this work very well!

Thanks!

Here’s my little tutorial:

 

Download Firmware Mod Kit v0.99: Google Code Archive - Long-term storage for Google Code Project Hosting.

 

https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/firmware-mod-kit/fmk_099.tar.gz

 

Note: if there’s a problem while extracting firmware, check that ${BINWALK} is really pointing to the binwalk binary. I just replaced ${BINWALK} with binwalk inside extract-firmware.sh file

 

Follow Google Code Archive - Long-term storage for Google Code Project Hosting. in order to have all the required dependencies.

 

 

Clone GitHub - domino-team/openwrt-cc: openwrt CC with Domino/GL patches

Install required dependencies.

Update and Install the Feeds (follow instructions in their main page)

 

 

Download WifiPineApple NANO firmware WiFi Pineapple - Downloads

(v1.0.6)

 

Note that the kernel in use here is 3.18.23 (we will do some modifications on this later)

 

 

Extract the files in NANO’s firm “upgrade-1.0.6”:

 

cd firmware-mod-kit

./extract-firmware.sh upgrade-1.0.6

 

(remember that if there’s a problem it might be because the binwalk binary is wrongly specified, check step 1)

 

 

After the successful extraction, in the same directory, under fmw/rootfs, the full “filesystem” of the NANO will appear. All files in there should be copied into a new directory called “files” in the openwrt-cc main directory (this is for customizing the final result, as shown in OpenWrt Buildroot – Uso [Old OpenWrt Wiki] — Custom Files section —). So:

 

cd openwrt-cc

mkdir files

 

then

 

cp -R firmware-mod-kit/fmw/rootfs/* openwrt-cc/files/

 

Example of the final result:

 

root@kali:~/Desktop/openwrt-cc/files# ls

bin etc mnt pineapple rom sbin tmp var

dev lib overlay proc root sys usr www

 

We are going to refer to this directory structure as “The Pineapple NANO” one.

 

 

Now, some magic tricks are needed from here:

 

a)

 

Remove the “modules” directory in /lib/ of the above structure:

 

rm -rf openwrt-cc/files/lib/modules

 

The modules for NANO v1.0.6 (kernel 3.18.23) conflict with the current in openwrt-cc project (3.18.27). It’s OK if we completely remove them. I think that this first trick will work for every update even for NANO or for the openwrt-cc project.

 

b)

 

Remove the modprobe binary (under the /sbin/ dir) and all the iptables* + ip6tables binaries (under /usr/sbin/ dir) in the PineApple NANO directory structure

 

I found that because of the difference on the kernel version, these two little guys weren’t working without doing this magic trick #2. And they are VERY necessary (example SSLsplit module).

 

 

Now, we are ready to cross compile! First, lets add some modules we will probably use later:

 

root@kali:~/Desktop/openwrt-cc# make menuconfig

 

a) Change “Target Profile” to match “GL-AR150”

 

b) Kernel Modules -> Wireless Drivers -> kmod-rtl8187 (so we can connect an ALFA wifi device with a REALTEK 8187 chipset using the USB port available in the AR150. Select any other chipset or install it later using opkg)

 

Save config and Exit.

 

c) Time to make, time to wait (from half an hour to 5 or 6 hours) :slight_smile:

 

make -j1 V=s

 

 

If everything went fine (I can promise it works!) under the bin/ar71xx directory you will find a lot of binaries, the one we will use is:

 

ls -la openwrt-ar71xx-generic-gl-ar150-squashfs-sysupgrade.bin

-rw-r--r-- 1 root root 14155780 May 13 14:58 openwrt-ar71xx-generic-gl-ar150-squashfs-sysupgrade.bin

 

(size could be slightly different, but always <16MB!)

 

 

Replace the firmware on the AR150 with this one, following the UBOOT procedure or just using the GLInet custom web interface (the second one will check if everything on the binary is “OK”). Remember if you use the second procedure to de-select the “Keep current config” options. We need to start from a clear config.

 

 

Connect to the “WAN” port and wait for the DHCP from the AR150 to offer one new IP like 172.16.42.XXX (important: USE THE WAN PORT!!! I lost a few hours dealing with this, so disconnect from the LAN port and connect to the WAN port now)

 

 

Using any browser: http://172.16.42.1:1471

 

 

Follow the procedures for the very first time, use the reset button on the AR150 when asked to “press the reset button on the NANO” after the initial step. Configure a password and the rest of the things. Done!

 

 

As the NANO has one USB port acting as an eth and two wlan interfaces, some of the internal scripts will fail since they are using hardcoded identifiers (example: wlan1 for the “Recon - AP&Client” module and there is no wlan1 in our current config). So a few more fine tuning should be executed.

 

You can connect an ALFA device and it will be immediately recognized as wlan1, so with that we can work perfectly without modifying any of the modules.

 

 

iptables should be working OK at this point, but we will need to run the following command to update our kmod utilities for the current kernel:

 

root@Pineapple:~# opkg install kmod -force-overwrite

 

 

Try iptables -L and modprobe; both should be working OK now.
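The overlay clean-up from tricks a) and b) of the tutorial above, written as a repeatable pre-build check. This is an added example, not part of the original posts or of the openwrt-cc project; the function names are hypothetical, and the overlay path and target kernel version (3.18.27 in the tutorial) are passed in as arguments.

```shell
#!/bin/sh
# Added example (hypothetical helper names): pre-build check for the
# openwrt-cc "files" overlay, following tricks a) and b) of the tutorial.

# Print kernel versions under OVERLAY/lib/modules that differ from TARGET.
stale_kvers() {
    overlay=$1 target=$2
    for d in "$overlay"/lib/modules/*/; do
        [ -d "$d" ] || continue
        v=$(basename "$d")
        [ "$v" = "$target" ] || printf '%s\n' "$v"
    done
}

# Print every conflicting path still present, relative to the overlay:
# the whole lib/modules tree, modprobe, and the iptables*/ip6tables* binaries.
conflicts() {
    overlay=$1
    for f in "$overlay"/lib/modules "$overlay"/sbin/modprobe \
             "$overlay"/usr/sbin/iptables* "$overlay"/usr/sbin/ip6tables*; do
        # -L also catches dangling symlinks (iptables may be a symlink)
        if [ -e "$f" ] || [ -L "$f" ]; then printf '%s\n' "${f#$overlay/}"; fi
    done
}

# Succeeds only when nothing from tricks a) and b) is left in the overlay.
overlay_clean() { [ -z "$(conflicts "$1")" ]; }

# Report the kernel mismatch on stderr, then remove the conflicting paths.
# Prints one "removed <path>" line per deletion; returns 1 if OVERLAY is missing.
prune_overlay() {
    overlay=$1 target=$2
    [ -d "$overlay" ] || { echo "no such overlay: $overlay" >&2; return 1; }
    for v in $(stale_kvers "$overlay" "$target"); do
        echo "overlay modules are for $v, build targets $target" >&2
    done
    conflicts "$overlay" | while IFS= read -r rel; do
        rm -rf -- "$overlay/$rel"
        printf 'removed %s\n' "$rel"
    done
}

# Usage before "make":
#   prune_overlay openwrt-cc/files 3.18.27 && overlay_clean openwrt-cc/files
```

Running `overlay_clean` again after a later firmware re-extraction shows whether the old modules or binaries have been copied back into the overlay.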

Moebius, thanks for the input! At the moment I managed to use a tl-wn722n to provide an external wifi interface. It actually didn’t require the addition of any other firmware. I’m currently able to use both interfaces but when I do I’m unable to provide an internet connection which pretty much nullifies any ability to perform mitm. Do you suggest that I follow your tutorial to resolve my issue? Or does there happen to be some way I can configure the network settings to provide internet from the ethernet connection? Thanks much friend! Is there a way I can DM you to discuss matters further? I’m not sure if the glinet forums provide such a feature…

hey st5!

I think you’re missing some routes or iptables rules. If you’re using nano firm, the host machine should be 172.16.42.42 and on that computer you need some iptables rules for packets forwarding and nating.

You can contact me at nahuel at cintainfinita dot com

cheers

It sounds like st5 is looking for wp6.sh (wp6/wp6.sh at master · hak5darren/wp6 · GitHub).

moebius, thanks for the guide. I am really considering an AR150, since the TP-Link MR3020 w/ MK5 I currently use is rather … flakey. It seems to randomly deinitialize anything I connect to the USB port, which are an external wifi stick (TP-Link TLWN722N) and USB storage for extroot. Because it drops the extroot, the device has a kernel panic and reboots.

Did you perhaps test the AR150 with more than 1 USB device?

Hey nantronic!

Nope, I haven’t tried that yet, just with the RTL8187 alfa dev. I can give that a try later but I think you can give the ar150 a try… it’s definitely worth the price!!!

Let me know if you can follow my guide!

it will also work with an external usb hub. you don’t necessarily need to use a usb flash drive because the internal storage available in the gl-ar150 is more than 4x that of the mr3020. you can install the firmware without any extra storage that’s for certain. you may wish to use external storage if you intend to maintain large number of logs or use a number of modules.

Moebius,

check your inbox. i sent you a message.

Wow!! Thank you so much Moebius your tuto works like a charm.

The only issue was extracting pineapple firmware. The binwalk path. I fixed it with “sudo apt-get install binwalk” and then renaming the ${BINWALK} to binwalk.

Now iptables are working.

Do you think it is possible make a new compilation with “kmod -force-overwrite” applied?

Nantronic right now I have two wireless card and one usb storage working without problem. And the router is powered by my laptop… amazing!

Good to know! Perfect!

Hello all, new NANO firmware 1.1.1 has been released. Can anyone compile firmware for the GL-AR150 based on it? I personally do not have the resources and knowledge to do it.

can everyone do it for mt7620?

hi… it’s not clear to me whether Moebius solved the boot loop issue. Hak5 released the 1.13 firmware, has anybody tested it on the lovely little ar-150!?

Do GL sell additional router pineapple compatible? Feedback would be really appreciated!

yes…this boot loop!