Whistle Master Posted April 21, 2012 Author Share Posted April 21, 2012 We still have issue with ettercap We are working on it with Seb. Link to comment Share on other sites More sharing options...
ON-jOlt Posted April 24, 2012 Share Posted April 24, 2012 i've not completely familiarized myself with the pineapple, i know enough about it. I just put OpenWRT on a TP-Link MR3020 (the one they use for PirateBox) and thought to myself im going to make it more like a pineapple. I digress, could you not just route them through a proxy that, instead of injecting an ad, you inject the JS. have the ajax point to HTML5 socket or nodeJS, hell you may even be able to open an XMLHttpRequest to "<anydomain-like-google.com/pineapple/kl" then just filter (regex) the request at the proxy for "/pineapple/kl" and redirect it to wherever you want to run it. I do XSS hacking this way alot. Just my 2 cents, they do this kind of JS for logging mouse movements and keys on OWA (OpenWebAnilitics) and piwik and store it in DB so you can replay a session, its sick. Link to comment Share on other sites More sharing options...
hakatta Posted May 29, 2012 Share Posted May 29, 2012 Did I miss something, I cant find keylogger in the Module system. I have a Mk4 running v2.1. Thanks Link to comment Share on other sites More sharing options...
Whistle Master Posted May 29, 2012 Author Share Posted May 29, 2012 The first version of the keylogger module is not available because I currently trying to make a v2 with ettercap, but still having issue with it Link to comment Share on other sites More sharing options...
NullNull Posted June 21, 2012 Share Posted June 21, 2012 (edited) Is there any progress with this module?? WM i am really hoping you are steel working on it because it sounds just PERFECT! Is there any way of installing v. 1.1?? It has all I need ;) Edited June 21, 2012 by Giannhs Link to comment Share on other sites More sharing options...
thaihenry Posted June 21, 2012 Share Posted June 21, 2012 Instead of using ettercap, (the filters don't work properly) use sslstrip to write an iframe in the response body. If you provide me with your java script code, I can modify sslstrip for you to do that, so that your sslstrip module will also do key logging! This can also be taken further to do all kinds of things like for example sending users to a computer running metasploit, set etc. while you are at it might as well do a SET module since I have SET working on my router. Link to comment Share on other sites More sharing options...
Whistle Master Posted June 22, 2012 Author Share Posted June 22, 2012 To be honest, I did not give a try since quite a long time I have everything ready but I need to investigate some stuff with Seb on ettercap. You are right thaihenry, this could also be done with a modified version of sslstrip, I will give it a try. Link to comment Share on other sites More sharing options...
Crazy52 Posted June 22, 2012 Share Posted June 22, 2012 ive had more luck with ajax keyloggers than java Link to comment Share on other sites More sharing options...
Whistle Master Posted June 22, 2012 Author Share Posted June 22, 2012 This is a ajax keylogger but the injection with ettercap does not work at the moment. This is what I have to investigate. Link to comment Share on other sites More sharing options...
NullNull Posted June 22, 2012 Share Posted June 22, 2012 Is it possible to make the v 1.1 available again until the release of v 2? I think v 2 will become pineapple's top module ;) Link to comment Share on other sites More sharing options...
Anton Posted June 22, 2012 Share Posted June 22, 2012 Is there a module out there that will dump all traffic for every one connected to the pineapple to a file so i can open it in say wire shark or something like that latter? Link to comment Share on other sites More sharing options...
Molotof Posted June 22, 2012 Share Posted June 22, 2012 Is there a module out there that will dump all traffic for every one connected to the pineapple to a file so i can open it in say wire shark or something like that latter? Yes for sure it is call tcpdump it will capture all traffic and put it in a pcap file for your wireshark pleasure, but SSL traffic is going to be useless, so run sslstrip with it to have an all seeing eye :) Link to comment Share on other sites More sharing options...
Anton Posted June 22, 2012 Share Posted June 22, 2012 getting an error with tcpdump "/usb/modules/tcpdump/tcpdump.sh: line 2: tcpdump: not found" is there a guid on how to use this any where? Cheer Molotof. Link to comment Share on other sites More sharing options...
PineDominator Posted June 22, 2012 Share Posted June 22, 2012 getting an error with tcpdump "/usb/modules/tcpdump/tcpdump.sh: line 2: tcpdump: not found" is there a guid on how to use this any where? Cheer Molotof. I would ask that question here http://forums.hak5.org/index.php?showtopic=26338&st=0&p=201321&hl=+tcpdump%20+module&fromsearch=1entry201321 sounds like you need to install tcpdump try the opkg module to do this. Link to comment Share on other sites More sharing options...
Anton Posted June 22, 2012 Share Posted June 22, 2012 I would ask that question here http://forums.hak5.org/index.php?showtopic=26338&st=0&p=201321&hl=+tcpdump%20+module&fromsearch=1entry201321 sounds like you need to install tcpdump try the opkg module to do this. thanks petertfm Link to comment Share on other sites More sharing options...
RebelCork Posted July 3, 2012 Share Posted July 3, 2012 Instead of using ettercap, (the filters don't work properly) use sslstrip to write an iframe in the response body. If you provide me with your java script code, I can modify sslstrip for you to do that, so that your sslstrip module will also do key logging! This can also be taken further to do all kinds of things like for example sending users to a computer running metasploit, set etc. while you are at it might as well do a SET module since I have SET working on my router. How is SET working out for you ? I presume its the Metasploit-less version ? Link to comment Share on other sites More sharing options...
thaihenry Posted July 4, 2012 Share Posted July 4, 2012 How is SET working out for you ? I presume its the Metasploit-less version ? Yes that is correct, I have not done much testing on it otherwise. You just need to manually install the prerequisites as having SET install them for you will not work. Also have quite a few other python tools working great like mitmproxy Link to comment Share on other sites More sharing options...
Molotof Posted July 4, 2012 Share Posted July 4, 2012 Yes that is correct, I have not done much testing on it otherwise. You just need to manually install the prerequisites as having SET install them for you will not work. Also have quite a few other python tools working great like mitmproxy Can you please shed some light on mitmproxy configuration and advantages? Link to comment Share on other sites More sharing options...
RebelCork Posted July 4, 2012 Share Posted July 4, 2012 Yes that is correct, I have not done much testing on it otherwise. You just need to manually install the prerequisites as having SET install them for you will not work. Also have quite a few other python tools working great like mitmproxy Can you do a write on how you install SET on the pineapple or post a link to how its done, as one common thread here on the forums is on how to clone websites. SET's inbuilt cloner would be ideal, and it would only take a quick module to access the data that is received ( i believe SET generates a html/xml file for you) This would make the pineapple more deadly :) Link to comment Share on other sites More sharing options...
PineDominator Posted August 8, 2012 Share Posted August 8, 2012 WM I can't wait to try this one out, I would use your ettercap module but I have no experience with those kind of tools. Link to comment Share on other sites More sharing options...
NullNull Posted October 22, 2012 Share Posted October 22, 2012 WM should we wait for a release of something like the keylogger module or you are working on this anymore? Link to comment Share on other sites More sharing options...
mondrianaire Posted October 22, 2012 Share Posted October 22, 2012 I may be misunderstanding the entire process behind this, but I do not understand how an ettercap filter would be the best way to do this. If I am correct, it is javascript that is doing the keylogging and reporting, and an iframe just displays the rest of the pages. If this is the case, would it not be easier to redirect all dns queries to a landing page that loads the javascript and then referral page in an iframe? This would not be a 'true' keylogger as it would only work while in a browser on a box connected to the pineapple, but it is far more than a 'credentials grabber' as some are suggesting. From looking at the screenshots, this is exactly what the module looks like it is doing. All queries are being redirected to pineapple: "172.16.42.1 *" the landing page is redirecting to login.php (which would house the javascript and referrer iframe redirect), and then the keylogger part is just reading a file. The implementation of this is a keylogger that will work on any webpage in a browser. It will grab all creds as well as emails, forum posts, things of the such. ...right? Link to comment Share on other sites More sharing options...
--nick-- Posted November 20, 2012 Share Posted November 20, 2012 where do we download it from ? Link to comment Share on other sites More sharing options...
NullNull Posted November 20, 2012 Share Posted November 20, 2012 --nick-- calm down, it's not available anymore. We all hope WM one day releases it. It's also "a high demand feature" ;) Link to comment Share on other sites More sharing options...
Sebkinne Posted November 20, 2012 Share Posted November 20, 2012 --Nick--, Please refrain from spamming a thread with useless comments. If you read the thread you would have your answer. Link to comment Share on other sites More sharing options...
Recommended Posts