Vulnerable Application
The 'pineapple_bypass_cmdinject' exploit attacks a weak check for pre-authorized CSS files, which allows the attacker to bypass authentication. The exploit then relies on the anti-CSRF vulnerability (CVE-2015-4624) to obtain command injection.
This exploit uses a utility function in /components/system/configuration/functions.php to execute commands once authorization has been bypassed.
Verification Steps
This exploit requires a "fresh" Pineapple, flashed with firmware version 2.0-2.3. The default options are generally effective because the device is in a known state after being flashed. You will need to be connected to the WiFi Pineapple's network (e.g. via WiFi or Ethernet).
Assuming the above 2.3 firmware is installed and the Pineapple is in its default configuration, this exploit should always work. If it does not, try it again.