Search the Community

Hi there! I'm trying to make an evilportal on the wifi pineapple (OS version: 2.1.2, Evil portal version: 1.5.3, other modules installed, don't know if it helps: hcxdumptool[1.0], httpseek[1.2.1]) I've made a template using the "New Portal" button, then modified it to my needs. The problem is that when I try it out with my iphone 13 it fails to reach "http://captive.apple.com/hotspot-detect.html" instead it tries to find the hotspot-detect.html on the webserver. There are a lot of these errors in the log file: 2024/01/20 15:35:51 [error] 25944#0: *9 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com" 2024/01/20 15:36:02 [error] 25944#0: *17 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com" The process (on the Iphone): 1. I join the open wifi network hosted by pineapple with my phone. 2. The captive portal pops up with the desired visual. 3. I fill out the required fields in the form, then click on the submit button. 4. Since it should be a friendly demonstation the destionation url is set to the rickroll Youtube url. (In my head it should redirect to yt and start playing the song, then the user could click on the "Done" button in the top right corner to dismiss the captive portal screen. *Meanwhile the phone's ip makes its way to the "Allowed Clients" list. (So there is in fact internet access on the phone...)* 5. BUT this is where shit hits the fan. There is no "Done" button, only "Cancel", since the phone thinks that the network has no internet on it (since it can't reach the hotspot-detect url described above). Note: If I put a hotspot-detect.html on the pineapple, the captive portal will not pop up, since ios finds it and thinks that everything is fine, no need to pop the portal... I'm almost sure that this behaviour will be there if I test it with an android phone, since it too will have an url to check for internet. (I'll test it later, then edit the post accordingly!) Thanks for the help in advance! Have a nice day, and happy hacking!

I have an iPhone that I bought and pay for. Is it possible to bypass any of the locked to owner security walls. Including iCloud lock or activation lock? If so what else might I need to know or buy to do it?

I’m not affiliated in anyway to this guy but I wish he was someone I hung out with; I’msure it would make me a smarter person. I love this guy’s apps. They’re informative, useful and to the point. He’s one of three app developers where I’ve sent extra money to support his work. His Electronic Toolbox Pro and RF-Toolbox Pro are way over my head. His Network Toolbox app is something I keep on my static iphone dock. Man is It’s useful. Check out his stuff I think most of the serious people on this forum would appriciate his work. https://itunes.apple.com/us/developer/marcus-roskosch/id334053438 https://roskosch.de

First off the iPhone is question is jailbroken on iOS 9.3.3. What i'm trying to do is a project like this(https://braindead-security.blogspot.com/2017/06/building-rogue-captive-portal-for.html) but on my phone's personal hotspot. I think this should be possible, I'm just not entirely sure how to go about this on an iPhone.

NetworkToolbox - Network scanning and analyzing by Marcus Roskosch https://appsto.re/us/9wa2M.i https://networktoolbox.de/ Shits extensive. I don't pay for apps willy-nilly, this one has not failed to impress. Heres a list of it's features: Features of NetworkToolbox Scan your local home- or corporate-network within seconds. Explore all connected devices and get a complete picture of your network. Over 26 individual tools are available to analyze your network, to perform various security checks or even connect to devices on your network. SCANNING – FAST AND COMPLETE The included Network scanner runs repeated scans to get the most accurate results. To prevent from being detected by Firewalls or IDS (Intrusion detection systems), the scanned addresses are selected randomly. For the fastest possible speed, scans will be performed in hundreds of concurrent tasks at the same time. This results in the fastest and most reliable scan results compared to any other app. Devices, found by the Network scanner can be further analyzed by scanning for services using the Portscan tool. Portscans may reveal known and unknown (hidden) services of devices. All tools are highly integrated. Wherever you want to dig deeper into the results of one tool, a single tap will allow you to open the internal browser, start a telnet or FTPsession, ping the host, get information about a SSL certificate, perform certain security checks and more. Scan results can also be logged and multiple scans can be compared to each other. This way, it is easy to find out, if devices have been added, removed or changed between two scans. NO NETWORK SPECIALIST – (YET) ? If you are not a network expert, don’t worry and don’t be scared. NetworkToolbox makes it easy for you to dig into those networking details. Several included How-To’s and Guides will show you how easy it is, for instance, to perform an open-port analysis. By this, you will be able to quickly scan your home network to find ports that are unintentionally open to the web. Such ports will often be used by cyber criminals to break into your internal network. The app also includes Video tutorials, samples and other learning resources. Each tool also has a comprehensive Help text that explains the purpose of each tool and how to use it. Last but not least, a Glossary is included that explains terms from A like “Access control” to Z like “Zero day”. TELNET AND SSH TERMINAL NetworkToolbox also includes a telnet or SSH terminal which allows you to connect to linux devices, routers with telnet interfaces or any other telnet or SSH device. SHODAN AND MORPHEUS DEVICE SCANNING SHODAN is a search engine that lets you find specific computers (routers, servers, etc.). SHODAN can be seen as a public port scan directory. Web search engines, such as Google and Bing, are great for finding websites. But what if you’re interested in finding computers running a certain piece of software (such as Apache)? Or if you want to know which version of Microsoft IIS is the most popular? Or you want to see how many anonymous FTP servers there are? Maybe a new vulnerability came out and you want to see how many hosts it could infect? Traditional web search engines don’t let you answer those questions. SHODAN is fully integrated in NetworkToolbox. In addition to SHODAN, NetworkToolbox integrates it’s own Device scanning engine called Morpheus. Like SHODAN, Morpheus runs on a distributed network of scanning engines around the world and can be queried from inside NetworkToolbox. ALL FEATURES : The above just shows a fraction of the possibilities of NetworkToolbox. Below is a list of features. This list may already incomplete because NetworkToolbox is being extended and updated continuously. If you are missing a feature or have questions, please feel free to ask. Local device and network information Local and public IP address Network Gateway and DNS Server addresses WiFi network information Cell network information Shodan and Morpheus search engines DNS lookup Reverse DNS lookup IP Geo-Location Provider information MX, NS, SOA DNS Server record information Graphical PING Network Scan Shows Device Type MAC address Device Network name Device Vendor Individual names can be assigned Port Scan Individual port ranges Traceroute Telnet client FTP client SSH client SFTP client HTTP Header analyzer Internal Webbrowser Individual User-Agents to mimic iPhone, Windows PC, Mac Individual Mime types Standard password test function HTTP traversal exploit test function Source display with syntax highlighting XML browser Website Spider WEB-Service analyzer Individual Endpoint, Service header and body GET, PUT, POST methods XML, JSON, plain-text SOAP, REST support Results will be displayed in a drill-down browser SSL Certificate inspector Bonjour scanner Bluetooth LE (4.0) scanner Port forward tool MAC address database IP address calculation Security check tool Router exploit tests mongoDB exploit test and more Mail server check Reports mail client settings Identifies mail server issues Glossary Logbook To collect scan results To remember Addresses and links To compare two scan results and find differences Ability to integrate external apps For instance, your preferred VNC or SSH app can be fully integrated Support URL-Scheme Other apps can call NetworkToolbox e.g. to use the WebService tool Additional resources and links Vulnerability databases Exploit archive Internet Storm Center and definitely much more…

Hi, Doing some security testing/learning in my home lab again, this time using an iOS phone. Does anyone know how the Two-Factor-Authentication for iOS devices determines whether the device logging in is indeed a 'Trusted Device'? Does it use the MAC address of the device, the IP address, a file on the device? I'm using a Kali box to see if I can log in to the iCloud without it asking for Two-Factor-Authentication; tricking the login in to thinking that the Kali box is actually the trusted iOS phone. In order to do so, I need to narrow down how the iOS login determines that the device is trusted. So far, I've found; I assume this means that a file must be saved on the device somewhere? Thank you.

Is it possible to create an ios app payload, like we do using metasploit to hack an android phone using reverst tcp method by creating a payload.apk?

Can we bypassing HSTS by using this MITM technique? The attack works on latest versions of iOS including iOS 8.1.1 and On most Android devices. Source: https://blog.zimperium.com/doubledirect-zimperium-discovers-full-duplex-icmp-redirect-attacks-in-the-wild/

Just received my pineapple a couple of days ago, yay (with a defective power supply, unfortunately) What is the best practise to control a pineapple from a smartphone? I'm using a Nexus 6, but my browser can't handle the big tiles properly. When entering a big tile, I can't scroll down within that tile. That makes most of the infusions useless to control from a smartphone. I've tried Chrome and Firefox even in "Desktop mode" but still no joy. How do you guys control your pineapple from a smartphone (android in particular)? //WB

Hi guys, I recently started learning more about ethical hacking and stumbled upon metasploit. It is a great tool but I am having an issue on a pen test, which is the following. I am trying to exploit my IPad Air- IOS 8.1.1 Jailbroken and I am using the exploit "exploit/apple_ios/ssh/cydia_default_ssh". Also the OS I am running is Kali Linux. I am able to setup the RHOST with my IP Address (192.168.1.2) and the default port 22. This data is confirmed and accurate as I did a nmap scan just before that showed me that the port 22 was open on that IP. Everything seems fine until i try to run the exploit, what happens is this: [*] 192.168.1.2:22 - Attempt to login as 'root' with password 'alpine' [-] 192.168.1.2:22 SSH Error: Net::SSH::Exception : could not settle on kex algorithm [*] 192.168.1.2:22 - Attempt to login as 'mobile' with password 'dottie' [-] 192.168.1.2:22 SSH Error: Net::SSH::Exception : could not settle on kex algorithm I have left the root:alpine login as per default in my ipad. I had even changed the password in my Ipad's terminal and tried to login via Armitage with SSH Login and the updated credentials. Still, I am always getting the same error and not sure what is going on. Can anyone help here? Cheers

i want to test and demo pwning of mobile devices such as Android and iOS. i googled a lot and found a recent example: https://www.youtube.com/watch?v=TbyQoWyaw2g can i achieve the same thing using Pineapple only? right now i am trying to get Kali machine + beef + metasploit working with that module without success (that specific vulnerability). i found in the forum there's something named JasagerPwn that contains beef: https://forums.hak5.org/index.php?showtopic=30588 but don't know if this is an updated infusion or if it was replaced with other infusion. bottom line - is there an infusion or setup with Pineapple that can operate beef against browsers of mobile devices and let me run exploits and to be specific the UXSS demo shown in the movie? will be happy to get your inputs and redirection what is the needed setup i need to focus on? more general questions - what else do you think i can demo on mobile phones/browsers? keylogger? i am looking for something with an affect - visual or sound that can be an action i decide what is the timing (not redirecting to a page that will play wav file). thank you very much! pineapple is so cool - can't wait to understand how deep i can use it

Hey, so I grabbed my Rubber Ducky and iPhone 30 pin to USB adapter, opened notes, plugged in Rubber Ducky. And I see error 'Cannot Use Device - The connected USB device is not supported.' although upon saying OK to do see keys being send to the notes via this Rubber Ducky HID device. So now to play with some payloads on iOS maybe? Also on another note id like to place this Rubber Ducky on a Blackberry... Any ideas? No go at first glance and something about blackberries using Master USB keyboards versus Slave. Anyone? Thanks and Have FUN, HiWEB

Hey I recently saw the topic about the rubber ducky working with iOS and it got me thinking. Is there a way for the rubber ducky to capture a screenshot on an iPad (or other iOS device)? From the research I've done if you turn on VoiceOver and press Ctrl+Alt+H then that hits the home button but I haven't figured out how to simulate a Sleep/Lock button press. Any suggestions?