
nopenopenope

Active Members
  • Posts

    242
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by nopenopenope

  1. I don't like Windows-based capturing tools. I've played with Intercepter-ng and it's set up well, but it seemed buggy to me. I recommend you look into a Linux distro and use something like ettercap. Google around about it.
  2. this is my rickroll page. I just added

         172.16.42.1 *.example.com
         172.16.42.1 *.
         172.16.42.1 *

     to the spoof list (all three because I didn't know which one redirects everything)

         <html>
         <head>
         <title> whatever </title>
         </head>
         <body>
         <h1 size="36"> Hi :) the site you are trying to visit no longer exists, but here's a video instead, sorry for the inconvenience. </h1>
         <p><img src="http://i0.kym-cdn.com/photos/images/original/000/096/044/trollface.jpg?1296494117"/> </p>
         <iframe width="420" height="315" src="http://www.youtube.com/embed/oHg5SJYRHA0" frameborder="0" allowfullscreen></iframe>
         </body>
         </html>

     I didn't want to upload any pictures to the pineapple for space reasons. Make sure you have image directories correct, or webpage links correct. Your code is looking for image.png on the root folder, make sure you specify the correct path. Hope my code helps.
  3. oh thanks Seb, never looked at that section, this will make my life much more easy.
  4. Since there's a Reveal Public Ip function, what about a way to connect to these little guys remotely? I'm not sure how you would do that, but would NAT do it?
  5. ehh, my GF tells me I'm a nerd all the time. But she knew that coming in lol
  6. Man, the battery life turnout on these mods is amazing, I'll just throw some connectors on my pineapple with a pelican case. Darren, you use that magazine a lot :P And one last thing, I found the batteries on amazon, what are you using to charge these once they are all soldered together?
  7. I have backtrack running on my droid razr, most phones, if any besides the n900 support monitor mode, but I can run metasploit at least, and do some MITM stuff, but there's plenty of apps for that, I'll give you a list of some of them that are on my phone.
       • Anti (I have gold), probably my favorite app, supports MITM, browser pwn, some basic exploits for xp, nmap, hydra, local dos attacks -- available at zimperium.com/anti.html
       • shark/shark reader, basic wireshark -- on the market
       • wigle wifi and wigle bluetooth, basically kismet -- available on the market
       • network spoofer, tons of MITM attacks, flip images, change images, redirect -- on market
       • droidsheep, like firesheep, collects login cookies -- available at droidsheep.de
       • backtrack installer, install backtrack, ssh into it, and vnc into it locally (vnc doesn't work for me, nor do I need it, I prefer ssh on a small screen, a lot of tools aren't there, but you have metasploit, and SET, and some others, not really any wireless tools) -- on market
     and that's basically my mobile hack kit on my phone. I like to use my built in wifi hotspot, and name it like another around me (does a half assed pineapple attack) and start capturing packets with shark, or droid sheep. There's ways to unlock the wifi hotspot, but I'm not going to go into that or into rooting a phone, as it's different for almost all of them.
  8. You can tab complete with Better Terminal Emulator Pro, on my droid razr it is volume up x2, you can set it in the settings, it won't say tab completion though, set your key as ^[ then when you press it twice it auto completes. Also, Better Terminal Emulator Pro has SSH built into it, I would think most would. Just type ssh to check. When I'm using backtrack on my phone it's ssh'ing into the localhost. So if I want multiple terminals I just open a new tab and 'ssh localhost' or 'ssh 127.0.0.1' and then obviously it's backtrack, and it's on my phone so I'm too lazy to set a new password lol, it asks for the password, in this case toor, and you're good.
  9. if there's room in the case, pop it open, and solder it directly in if you're not planning on using the port for anything else, otherwise look into non software based usb hubs, if they exist, or one that supports a basic linux kernel
  10. Thanks Darren, I'll look into it when I get mine, as well as using an alfa instead of a 3g card, since I don't have a card because I just use my hacked wifi hotspot on my droid razr. Also, I see a problem that might occur with that, can I SSH into the pineapple from my phone, when it's getting internet from my phone. phone's internet --> alfa in pineapple --> pineapples network --> ssh from same phone into it? when I can't use the wireless card in phone when its hotspot is active. say the pineapple is connected to my phone on 192.168.1.5, would I just SSH into that?
  11. Is the ettercap update going to contain the fake sslcert plugin? so we can sniff ssl the "proper" way, without just saying NO SSL FOR YOU
  12. good luck swapping anything out on a laptop besides the hard drive and RAM, most things are actually part of the motherboard. I've been looking for some time for a mini usb wireless dongle that supports monitor mode, one I can leave in and doesn't stick out more than 1/2 inch.
  13. I'm going into the same field, from what I've read pentesters make at least 70k a year in the U.S. and I bet you will see that number grow as time goes on with all these companies getting hacked. More and more companies will realize that it's a problem and can affect them financially instead of just getting a "virus" and causing physical havoc instead of a financial havoc. The degree I'm going for right now is an associates in information security for homeland security. Then I plan to transfer to a university to get my masters in information assurance. And the offensive security certifications as well as the CISSP. I'll be plenty happy with whatever I make as long as I'm doing what I love. As far as a programming language goes, python and C are probably the 2 best ones you can learn. Most of pentesting seems to be social engineering, if you can get someone to basically give you all you need, then there's no reason to write 0 days. Because no one can prevent those, it's the responsibility of the software companies to test, fix, and patch those. If you want to do code security and writing exploits look into application security and exploit development.
  14. I'm going to wait until I can get a mark 4, then I'll start using it again, and using your script. keep up the good work leg3nd.
  15. I got one back ordered, I think http://www.newark.com/raspberry-pi/raspbrry-pcba/dp/83T1943?Ntt=83T1943 that's what I ordered, I hope it was the model B. estimated delivery date: Sometime in May lol
  16. You're doing this the really complicated way, look into packet capturing like digip said, search terms like mitm (man in the middle), wireshark, and arpspoofing. Learn how to read packets in wireshark. If it is really being sent unencrypted then wireshark should work.
  17. I love jasager pwn, I got sad when I started having issues with it, and started having issues with jasager in general and completely switched to the easycreds script and SET for java applet. I'm looking forward to v4, and I hope to see jasagerpwn updated for that.
  18. I've done a lot of stuff to screw it up, I get impatient for the repos to get updated so I start installing crap manually. I should probably stop that lol.
  19. Ok, I'll give it a shot. As soon as bt5 r2 comes out I'm going to install from scratch, my configs are messed up everywhere and it's screwing everything else up, mainly SET / metasploit <_< and I'm getting sick of going around trying to change every config file.
  20. I just ordered myself the droid razr, I've always been a motorola fan. It's expected to upgrade to 4.0, no release date yet though.
  21. nope, just apt-get update, apt-get upgrade, apt-get dist-upgrade, msfupdate, then the set update menu wasn't working for me, after I saw rel1k updated it on twitter I decided to reinstall it with synaptic. then my set_config couldn't find the msf directory, so looking at that I found 2 locations, 1 for msf 3 and msf 4. it also jacked up my gnome menu for metasploit. what version of SET are you using?
  22. also, when you update metasploit and SET, make sure you edit set_config for the new metasploit location, I had this problem right away (I don't remember where they were), and for whatever reason I now have double application launchers in my metasploit menu in gnome. basically they changed directories so make sure you update all your config files and scripts :)
  23. Sounds like you never selected a payload, being that the exploit made it to the target but you were unable to get a session because no payload was uploaded. check out this site and watch some videos. http://www.securitytube.net/groups?operation=view&groupId=10 You'll most likely find your problem in one of the first 3 videos
  24. A little AP (or any AP for that matter) wouldn't be suited for any type of cracking. your best bet would be to use reaver or cowpatty w/ rainbow tables on the network you're looking to attack. then set up a pineapple (or at this point any AP) with the same SSID and password (not entirely sure if this would work with WPA because you need a handshake). then deauth the other and let them start rolling in. Since the broadcast name would be the same, there is no need for karma. (example: you're at a college and you have auto connect set up and no matter what building you're in, you always connect, because the name is always the same). I do this all the time without a pineapple, just a VM and an alfa and set the SSID to the same name of an SSID of an AP for what location I'm in ("myuniversity-Internet"), even without deauthing I always get clients to connect. You could always use karma but in this case you're targeting a specific network, not random clients, therefore you don't really need it.
  25. Read a few posts up, I already mentioned that.