wifipineapple-wiki/api.md

WiFi Pineapple Module API

#TODO: Add available destinations for ModuleManager.

Introduction

Unlike the old web interface, the back end of the new interface has been decoupled from the front end. All requests to perform system actions are sent as POSTs to /api/. The content of the POST is JSON and contains a minimum of two parameters.

The first parameter key must be either system or module

system is used for core system functions such as logging users in and performing system setup as well as managing notifications. module is used when sending a request to any of the default modules or to any user modules. The value is set to the module with which you are trying to communicate. For example, "system": "notifications" or "module": "RandomRoll".

The second parameter key action

This is set to the action you wish to perform. For instance, this could be "action": "listNotifications" or "action": "getRandomRollRolls".

Any other parameters are optional and are specific to the module and action you are requesting

Many actions do not require additional parameters. For instance, {"system": "notifications", "action": "listNotifications"} will return a list of all of the current unread notifications (as JSON). However, there are some functions, such as addNotification, that require additional parameters (in this case message). To create a new notifications, one would use the following request:

{
  "system": "notifications",
  "action": "addNotification",
  "message": "Hello World!"
}

Authentication

(Please note that extra authentication parameters are not required when using the angular module api due to the fact that client side module components are loaded after the user authenticates their browser)

There are a couple ways to authenticate with the pineapple. Requests sent via the web interface use a PHPSESSID cookie as well as an X-XSRF-TOKEN header. The pineapple will verify that the session is valid and logged in and that the XSRF token matches the one generated at the start of the session. If both of these conditions are met, the request is routed. An example of a request sent by chrome is as follows:

POST /api/ HTTP/1.1
Host: 172.16.42.1:1471
Connection: keep-alive
Content-Length: 55
Accept: application/json, text/plain, */*
Origin: http://172.16.42.1:1471
X-XSRF-TOKEN: b01c5046faa2f8ffbed6f2fdd90a5605e6c505e3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: http://172.16.42.1:1471/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Cookie: PHPSESSID=cfd6b0bb983666362cae311c457d1d34; XSRF-TOKEN=b01c5046faa2f8ffbed6f2fdd90a5605e6c505e3

{"system":"notifications","action":"listNotifications"}

This type of authentication is awkward and clumbsy to implement programmatically. Because of this, we have added a new way to authenticate with the WiFi Pineapple: API tokens. Though API tokens are supported by default, the pineapple is shipped without any valid tokens. The process of generating API tokens is simplified by the API Tokens module. After a token has been generated, it can be sent as an additional parameter. To use an API token, simply add an additional apiToken key to the request body. For example, to add a notification, one could send the following JSON request:

{
  "system": "notifications",
  "action": "addNotification",
  "message": "Hello World!",
  "apiToken": "7365626b696e6e652063616e7420636f6465202724ef6b5d7ac0b800cc83d474e8e007"
}

If the apiToken parameter is valid, the request will be route; otherwise an error will be returned.

Modules

Advanced

Description

The advanced module simplifies some more advanced processes like performing system upgrades and clearing system caches. FOr example, the following will clear the pineapple's caches:

{
  "module": "Advanced",
  "action": "dropCaches"
}

Action	Description	Parameters
getResources	Returns a JSON array of disk and memory usage	none
dropCaches	Clears system caches	none
getUSB	Returns a list of USB devices connected ot the pineapple	none
getFstab	Returns the contents of /etc/config/fstab	none
getCSS	Returns the contents of main.css	none
saveFstab	Overwrites /etc/config/fstab with a string	fstab A string to be written to /etc/config/fstab
saveCSS	Overwrites the contents of main.css with a string	css A string to be written to /pineapple/css/main.css
checkForUpgrade	Fetches the list of upgrades and the description of each	none
downloadUpgrade	Upgrades the pineapple to a specified firmare version (see output of checkForUpgrades and getCurrentVersion)	version The version to which the pineapple should be upgraded
getDownloadStatus	Tells whether a firmware download is complete or in progress and how many bytes have been downloaded	none
performUpgrade	Upgrades using the image in /tmp/upgrade.bin	none
getCurrentVersion	Returns the current firmware version on the pineapple	none

Clients

Description

Configuration

Description

Dashboard

Description

Filters

Description

Logging

Description

ModuleManager

Description

The Module Manager is responsible for installing, removing, and upgrading modules. It's API can be used to manage modules, as well as fetching the list of installed modules and getting available modules. To use them in your module, your request body would look like this:

{
    "module": "ModuleManager",
    "action": "removeModule",
    "moduleName": "Module"
}

Action	Description	Parameters
getAvailableModules	Return an array of modules available for download	none
getInstalledModules	Return an array of modules currently installed	none
downloadModule	Download a specified module	moduleName Name of module to install destination Destination of module.
installModule	Install a specified module	moduleName Name of module to install destination Destination of module.
removeModule	Remove a specified module	moduleName Name of module to remove
downloadStatus	Check status of module download	none
installStatus	Check status of module install	none
checkDestination	Check if the specified destination has the specified space free	name Name of module size Size of module

Networking

Description

The Networking module API allows you to interface with the networking side of the WiFi Pineapple without having to write your own functions to manage interfaces, the DNS, and the routing table. As described above, you can use these actions in your own module like so:

{
    "module": "Networking",
    "action": "setHostname",
    "hostname": "Pineapple"
}

Action	Description	Parameters
getRoutingTable	Returns the routing table of the Pineapple	none
restartDNS	Restarts the DNS service on the Pineapple	none
updateRoute	Updates the routing table	routeIP IP Address for the route routeInterface Interface for the route
getAdvancedData	Returns the hostname and ifconfig	none
setHostname	Sets the hostname for the Pineapple	hostname String for the hostname
resetWirelessConfig	Resets the Wireless Configuration for the Pineapple	none
getInterfaceList	Returns an array of available network interfaces	none
saveAPConfig	Writes properties to the AP configuration	selectedChannel Channel for the AP to operate on openSSID String for the SSID of the Open Access Point hideOpenAP Boolean to hide the Open Access Point or not managementSSID String for the SSID of the Management AP managementKey string for the WPA2 passphrase for the Management AP disableManagementAP Boolean to disable the Management AP or not
getAPConfig	Returns an array of properties from the access point configuration.	none
getMacData	Returns the MAC Addresses of each of the wireless interfaces	none
setMac	Sets the MAC address for a specified interface	random Boolean to set the MAC address as a random value. interface The interface you want to change the MAC address of mac The new MAC address of the interface
resetMac	Reset the specified interface's MAC address to the factory default.	interface The interface to reset

PineAP

Description

The PineAP module provides an easy way to interface with the PineAP suite. For example, one might use the following to add an SSID to PineAP's pool:

{
  "module": "PineAP",
  "action": "addSSID",
  "ssid": "ACME WiFi"
}

Action	Description	Parameters
getPool	Returns an array of the SSIDs in PineAP's pool	none
clearPool	Clears the PineAP pool	none
addSSID	Adds an SSID to the pool	ssid The SSID string to add
removeSSID	Removes an SSID from the pool	ssid The SSID string to remove
setPineAPSettings	Update PineAP's settings	settings A dictionary with setting key/value pairs allowAssociations Whether clients should be allowed to associate to the pineapple logProbes Whether to log probe requests logAssociations Whether to log associations beaconResponses Whether to send beacon responses captureSSIDs Whether to add sniffed SSIDs to the pool broadcastSSIDs Whether to broadcast the SSID pool beaconInterval The beacon interval- must be one of "low", "normal" or "aggressive" responseInterval The response interval- must be one of "low", "normal" or "aggressive" targetMAC The MAC to target with responses sourceMAC The MAC PineAP should spoof
getPineAPSettings	Returns a dictionary with all the current PineAP settings	none
deauth	Deauth a list of clients from a station. Use this with caution. The misuse of this function may be illegal in some places.	sta The bssid of the station from which to disconnect the clients clients An array of client MACs to deauth multiplier The number of deauths (from 1 to 10) to send channel The channel to hop to before sending the frame(s)
enable	Enables PineAP	none
disable	Disables PineAP	none
saveAsDefault	Makes the current configuration persist after reboots	none
downloadPineAPPool	Get a download link to the SSID pool (useful for client side modules)	none

Recon

Description

Reporting

Description

Tracking

Description

Community Python API

Further Information