How To Dns Spoof Https Links

[fellowgeek]

Hello,

I created a bunch of phishing pages for Facebook, twitter, and gmail to test out

the dns-spoof function on Mark IV pineapple.

The pages work fine and Pineapple will redirect the traffic to the fake login pages

that I created however, when the victims type in a HTTPS address like https://twitter.com the

redirect won't work and a connection error message would show up in browser,

or sometimes they will see the real site's HTTPS version.

Is there anyway around this? can I redirect HTTPS links to a landing page as well?

Thanks

[potato]

Check out ssl strip

[Neworld]

ssl strip removes https encryption.... You won't need it though because the majority of people don't type https into a address bar or google. Usually they type twitter.com or twitter into google.... the regular way should work.

[fellowgeek]

I notices most of the browsers i.e. Safari and Chrome are switching to HTTPS version most of the time, I'll try experimenting with

SSL Strip, thanks for the replys, would anyone be interested in my fake login pages when they are done ?

[PineDominator]

I don't get it would a computer still not look up a dns server regardles if it's encrypted or not? or are there ssl dns servers for https?

can you try clearing the cash and restarting the device your testing with? on android I use 1tap cleaner.

what I found is if you visit a site with an android device it saves the ip and skips the lookup after that.

[Neworld]

I notices most of the browsers i.e. Safari and Chrome are switching to HTTPS version most of the time, I'll try experimenting with

SSL Strip, thanks for the replys, would anyone be interested in my fake login pages when they are done ?

I'm interested in your fake login pages... Send me a message when you got them all done :D