Search the Community
Showing results for tags 'spoof'.
Found 18 results
-
I'm trying to spoof my Surface 4 Pro's WiFi MAC address. It's running Win10, and the stock Marvel driver mrvlpcie8897 circa 2016. Using Powershell, like Darren shows in his video here: MAC Spoofing for Free in-flight Wi-Fi (and monkeys) - Hack Across The Planet - Hak5 2208 https://youtu.be/vuY-u-HfSMs?t=478 ...it appears my driver doesn't permit changing MAC address. My question is- what driver is recommended (what driver is Darren using on his W10 platform?) and where can I get a hold of it? I also tried using an Alfa AWUS036H, USB-WiFi adaptor...but its driver also prohibits MAC spoofing. Any ideas? Thanks.
-
Hello all Total newb here. Have done some small hacks in the past but no real knowledge. Recently had a friend spoofed from the email address @emkei.cz would like to know using the source if it can be traced back to the sender? reason this is important is this is a political issue. I have seen a lot of no's on forums but i thought this place might know more than the standard fare that comes up in google searches. Regards
-
Hi, I am using asterisk and gotrunk as voip service provider to achieve call spoofing. The 'set CallerID' feature of asterisk is used to modify the callerID and then call is forwarded to voip trunk. But Go Trunk blocked spoofing caller ID feature probably because of scamming. Are there any alternatives that i can use to achieve the same functionality??
-
Works like a charm if Bunny detects as 2Gb adapter (takes precedence over host's NIC) https://github.com/pojebus/bashbunny-payloads/tree/master/payloads/library/dns_spoofer
-
I have a pineapple tetra and am currently interning with an I.T. admin. We decided to see how the Cisco AP's would react to the tetra. I booted up Kali and the pineapple on my laptop (which was connected to the guest network) and immediately, the admin received texts and emails that a rogue AP had been detected. When I tried to deauth the AP's for the guest network, they blocked it and sent another email saying the attacks were "contained." As I come to understand wireless networks, I assume being on the guest wifi helped detect the tetra, but I also assume that a wifi adapter in monitor mode could pick up devices without the Cisco AP's flagging it... The goal is to get to the hidden wlan- pineapple or not, any suggestions would be great for accessing the wlan. Cheers
-
Hi I'm experimenting with Ettercap to perform MiTM attacks, and DNS-spoof. My setup exists out of two laptops. Laptop A running Kali Linux 2.0 and is the 'attacker' machine (IP: 192.168.0.131), and Laptop B running Windows 7 as 'victim' (IP: 192.168.0.150). I'm encountering a few problems when I try this, first of all, the command 'route' doesn't find my actual default gateway. It says the default is '192.168.0.0', but Ettercap and the Windows machine say it is '192.168.0.1' which is the correct one. But that ain't he biggest problem, the biggest problem is, that my DNS-spoof attack is working when performing it using the Ettercap-GUI. But as soon as I try to do it by using the terminal it fails; it doesn't even intercept the requests made from the victim. My command: ettercap -T -q -i wlan0 -M arp:remote -P dns_spoof //192.168.0.1//192.168.0.150// What is wrong with this command, because the attack works in graphical mode there is something wrong with the command, not with my network setup. I also made a video showing the problem: https://sendvid.com/8o8p2ssz like you can see there it is working graphical, but not from terminal using the command. And than my second question Can someone point me in the right direction/tutorial on how to use this attack with SSLstrip? This to perform a downgrade attack to also be able to DNS-spoof SSL-protected (HTTPS) websites. Of course I have searched myself, but none tutorial or video found showing it with Ettercap etc. Thanks!
-
So here are the facts i am working with kali sana trying to spoof dns with ethercap 1.internal network 2.I can spoof dns ===> when pinging facebook.com from victim machine i get my internal IP (192.168.1.6) 3.but when i try to browse with edge, chrome to facebook.com it says no connection 4.when i spoof a different url i get the index page of the server of the attacker 5.tried to spoof dns on xp and on windows 10 same results how can i solve this problem and what is the cause Thank you in advance
-
hiii i have make some fake pages for known pages like Facebook etc i have also install dnsmasq in Kali and setup Apache server and every thing is okay now when the victim visit Facebook in chrome for example it will told him that this is unsecured cuz of https is there any way or tools in Kali to avoid that or any other thing would be greet thanks :)
-
Why don't we use the innate ability of dnsmasq to spoof hosts instead of dnsspoof? I noticed that the pineapple would reply to my queries twice when using dnsspoof (instead of once as I expected). After some research http://blog.philippheckel.com/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/ I noticed that is it 1. entirely possible thus moving away from the hit and miss of dnsspoof and 2. would make it much neater. Should we look into creating an infusion maybe? Wishing you all well, Cristian
-
Dear Hak5 Community, Whilst playing around with the Wifi Pineapple MK5 -> dnsspoof and I noticed that whilst I would receive the spoofed reply, dnsmasq would also send the correct record. I then started investigating dnsmasq and I noticed that it is possible to use it in order to spoof hosts directly. The problem I have with dnsspoof is that sometimes the browser would get the correct reply thus making this module less useful. When using dnsmasq the success rate is 100%. Do any of you know why we are not dropping dnsspoof and use dnsmasq instead? I have a proof of concept infusion, but before I work on it any more I would like to know if anyone could foresee any issues with using dnsmasq instead of dnsspoof. Kind regards, Cristian
-
I currently need information as how to spoof my DHCP Name I am already spoofing my MAC address but the name appears as my computer name and the admin (parents) reset it. If I continue with it I will have multiple duplicates of my computers name. Which will end in extreme suspicion. I only need to make the name be "Network Device" for we already have 3 of those and won't look suspicious at all. I am full admin of my computer I do have it password protected so no one but me will access it. I only need the spoof for random occurrences. Simply for the fact if I used it too often I would get caught. Thanks for any help.
-
Hi, I'm trying to set up the Pineapple (firmware 2.0.3) as an access point (no Karma at all, just a single SSID) and display a simple page when wireless clients look for some specific websites. This sounds pretty easy to do. I first have to make the Pineapple connect to an access point with wlan1 to route all the traffic. Then use dnsspoof and make a few host entries (eg: 172.16.42.1 website.com) for the websites I want clients to be redirected to and finally, modifying redirect.php to what I want to display. The routing/forwarding part works, it's a bit slow but it works (I guess due to the forwarding to another AP). However, I can't get dnsspoof to work. When I do dns lookup for one of the domains from a connected client, I get the legitimate IP address and not the IP address I entered in dnsspoof. It worked at some point but all I got was a page that kept trying to load (like when you try to reach the pineapple on port 80; even though I changed the index to go to redirect.php) but it stopped working as soon as I rebooted the pineapple. I also tried removing the infusions and reinstalling them, reflashing the pineapple, removing all unnecessary infusions but it is still not working. Am I doing anything wrong? Or is that scenario not doable on the pineapple?
-
Question: If i clone a web page that contains links to other web pages will they still work? -For example, i clone an index.html. -the real index.html has links to other pages on the site. - i am redirecting my network's taffic to my clone of index.html that is on my pc - if a machine on my network clicks a link on my cloned page will the machine still resort to public dns and go to the speficif web page online?
-
I had an issue where after starting dnsspoof through the infusions it would simply not work. pinging example.com would show as going to the pineapple on the victim PC, and best case scenario i would see www.example.com/example.html in the address bar however the page was blank and would not load. going straight to 172.16.42.1 loaded the page properly though after lots of different configurations and hours of messing around with the settings i found two main issues: 1. i found no way for dnsspoof to work through the pineapple GUI/by clicking on "start" in the infusions. I finally managed to get it to work by running this through PuTTY dnsspoof -i br-lan -f /etc/pineapple/spoofhost you can also run it without the -f expression, in that case it would simply redirect all traffic, rather than only what is specified in the host file. you can also specify an expression at the end to point to where you want a log file to be created. syntax: dnsspoof [-i interface] [-f hostsfile] [expression] 2. after doing this, it worked in IE and firefox (which i have installed for testing purposes). Chrome is my default browser however, and i had an add-on installed i completely forgot about which forces https whenever possible. so when i was typing facebook.com, it was changing it to the https version and thus, automatic failure. my pages: index.php redirect.php error.php spoofhost file: 172.16.42.1 *facebook.com so far i only have this configured to work with facebook for demo purposes, however ill be testing out some other websites. feels so good to see something load properly after investing so much time into trying to make it work! anyway just wanted to post my solution because this would've saved me so much time if i had known this earlier
-
Dear friends, How to spoof the TTL(Time to Live) value in backtrack. I have no idea about that. I search this topic with Google. But i have not a good result. So please tell me how to do this ? if you think TTL value is most important to hide my ID?
-
/etc/sysctl.conf ##############################################################3 # Functions previously found in netbase # # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 This is in the backtrack "/etc/sysctl.conf" So why this option give to us? what is the reverse-path filter? Are you think This option is most important to hide my ID? Help me...
-
Hello all, I am having an issue with DNS spoofing in backtrack 5 r3 ove rmy wireless interface. My attacking computer is a hp pavilion laptop with 2 gigs of ram, x64 processor, backtrack 5 r3, and my wireless card is a Atheros AR2425 with driver ath5k. My victim computer is a windows 7 serv pack 1 box with kasperski antivirus (turned off) and firewall down. I first modified my set_config file to set ETTERCAP=ON and the ETTERCAP_INTERFACE=wlan0. I then ran SET and chose >Social-Engineering Attacks>Website Attack Vectors>Java Applet Attack Method>Site Cloner>Nat/protforwarding NO>Ip addy for reverse connection"192.168.0.8">url to clone: http://www.google.com>Windows'>http://www.google.com>Windows Reverse_TCP Meterpreter>Backdoored Executable>Port 443>It tells me Arp Cache Poisoning is ON>Site to redirect: http://www.google.com>Says'>http://www.google.com>Says its launching attack,loads up metasploit and starts two listners. At this point when I browse to http://www.google.com on my victim computer using ie it simply loads the real google website. Now if I type my subnet ip for the attackign computer SET is hosting the server on it will take me to the fake page and the java applet will appear and work when clicked. My problem is it does not seem to be redirectiong traffic on my wifi network to the fake site when i try to go to the real one. I have tried doing this the old way as well and turning off ETTERCAP inside the SET_config file. I then would launch my fake site in SET and then edit the ETTER.dns file wif the website connect info and my attacker ip. This did not work either. I have also apt-get updated and upgraded backtrack, as well as msfupdate for metasploit and svn updates for set and ettercap. What could I be missing about getting Ettercap to redirect my network traffic? Thank you for your help and let me know if there is any more information you need to help you trouble shoot this issue!
-
Guys, Here's a quick script for changing your mac address. Simply run the script and enter the network card you would like to change. You will see your new mac address as well as your original mac. Enjoy! ~skysploit #!/bin/sh # This script will change your MAC address" # Usage: ./mac-me.sh # Script by skysploit clear echo "What interface would you like to change. Example; eth0" echo "" read ADAPTER; clear echo "Entering stealth mode " echo "" ifconfig $ADAPTER down macchanger -r $ADAPTER ifconfig $ADAPTER up echo "" echo "Your MAC Adrress has been changed, it will reset upon reboot"; echo "If this script failed: <apt-get install macchanger> and run as root"
