SilverExploit

You must first install the hidden iframe, and then spoof the target using dns spoof to 172.16.42.1 . in the redirect page there is the hidden iframe which will gather the information.

Yes, that is exactly the idea :D I'm looking into the /etc/config/network file I already uploaded the new evil java module, but it's not up in the pineapple bar yet! If you have any other awesome ideas like this one, let me know. Cheers

Hi. I want to be able to redirect all traffic going to the ip 1.3.3.7 to 172.16.42.42! I have tried everything that came up in the google results, but none of them worked. I followed instructions, but at the end, the traffic doesn't seem to be forwarded. Can someone help me with this? Thanks in advance... ;)

I see... netcat or iptables will do the trick. I'll add a box where you can update the pentesters ip so that lets say 172.16.42.111 redirects to the pentesters ip to ex: 172.16.42.42, and all payloads are set to connect to 172.16.42.111 ! Very clever

Very nice idea! I'll start working on it right away. :) Thanks for the suggestion.

First of all thanks to reflex for creating the evil java page. I just turned it into a module. The full version of this module is yet to come... EvilJava module - version 2.0 (CURRENT) Custom payloads can be uploaded from gui. They are categorized for Windows, Mac, and Linux. You can select through the UI which payload to use for a specific OS. Custom payloads can be deleted too Java applet and payloads can be saved in USB (this way you can have tens of custom payloads for each OS and switch between them very easily) You can synchronize with the GET module in order to see what OS the clients are using, and wether they have Java enabled NOTE: The listener ip changer will be fixed as soon as I figure out why all connections except metasploit work ;( NOTE: A better 'help' and support for 'OTHER' OS are coming soon EvilJava module - version 1.0 Malicious Java Applet for Windows, MAC, and Linux Modify index.php page to redirect to EvilJava NOTICE: the default payloads are set to connect back to 172.16.42.42 so make sure that's your IP unless you're using custom payloads. Feel free to upload as many custo payloads as you like :) Please leave any suggestions, or bug reports you have here. Thanks... :) Infected Page:

Hi everyone :) I am developing a toolkit with new tools for man in the middle attacks. Quick question/survey : Should i use sqlite3 or should i make a text-file-database ?

OK, I'll make simple module for the evil applet for now. But after I finish a toolkit (hint hint) I'm working on, I can make the evil applet work and still provide internet. Thats the reason I asked if it already worked with internet access to the client. Back to programming now :)

Won't this method completely disallow the client to get any internet connection whatsoever. This would make the whole thing suspicious for the client. Am I right? Also it would be a good idea if this was turned into a Module.

Quick question: does sslstrip only remove the 's' from https? So if there were no http version of the website, would sslstrip still work? If yes, then how can I use sslstrip on myself? (Sorry fo asking so many question, but this toolkit I'm making is very complex )

The assigning to variable thing didn't work. I had already tried that. Darren, thanks for the reply but I can't have the output in a file because the script is supposed to be executed a few times at the same time, which will completely mess up the output file. Thanks for the reply anyway. I think that I found a way to use wget instead of netcat. I'm testing the new method right now.

Hi, I am working on a really cool and useful module but i can't seem to forward the netcat output to a php page. I tried echo exec("netcat code here...") and all sorts of variations of the above command but it doesnt seem to want to cooperate. Any ideas ?

Great job like always, I have a suggestion though :) urlsnarf -i wlan0 | cut -d ' ' -f1,7 The above command displays a very clean output with the name of the device and the url of the website that is being visited. I would suggest putting an option that shows this clean output. Another cool thing would be if you could make a database with devices and the user can select one device and it will show all the history for that particular device. That way you can keep track on what clients are doing.

Get is a module that uses javascript and PHP to find several information about the client's browser and OS and saves them to a 'database' file. For now this module supports IP, browser type, OS type, Geolocation (if you have permissions it shows the coordinates ), MAC, Username, etc. It also detects browser plugins and MIMEs (the different| file formats and the applications associated with them). The hosts are recognized by MAC address. No duplicate data will be recorded on the database if the data for that host already exists, but it will add the data if the person visits with a new browser or makes changes to the old browser. Get module - version 2.0 (CURRENT) Firmware 2.1 Compatible Get module - version 1.2 Install Database on USB Option Got rid of annoying geolocation popup Minor bug fixes Get module - version 1.1 Client History Minor bug fixes Get module - version 1.0 Add Comments to Clients MAC Address LAN IP address Host Name App name User Agent Product Sub Language Cookies enabled App Version Vendor Platform App Codename Java enabled CPU Class Screen Resolution Browser Plugins Browser MIMEs Please leave any suggestions, or bug reports you have here. Thanks... :)

Thank you so much guys :)