Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


About loozr

  • Birthday 01/01/1983

Profile Information

  • Gender
  • Location

Recent Profile Visitors

2,866 profile views

loozr's Achievements


Newbie (1/14)

  1. Yes, that should be possible with the Network Module. Have you checked it out already?
  2. I would love to betatest, however im going home on holidays, and the module might finish up during the holidays? ;) Anyway, will there be a script replacing images as well?
  3. You just use the phishing files that is in /www/ folder. It's the error.php that saves the login data to /pineapple/logs/"something"(well something like that I guess, just have a look in the error.php, and you will see the exact location) So when you are phishing the login data will automagically appear in the logs page(may require refreshing the page) Edit: Hope that's an OK description, if you have more questions about phishing, then I guess that will be off-topic for this thread..(?)
  4. Not sure if you have resolved this, but this problem might be related to how you save the facebook page, or you may have to activate internet connection sharing. It might not be best practice but I do always save the complete webpage, i.e. I will recieve both the facebook.htm and facebook_files folder. It might be enough that you activate the ICS and your page will load the image from the original server. I guess you could also snoop around in the code, and find the address to the image, and save it locally and edit the link in your facebook.htm.
  5. This is my redirect.php <?php $ref = "http.//".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if (strpos($ref, "hotmail")){header('Location: hotmail.htm');} if (strpos($ref, "facebook")){header('Location: facebook.htm');} require('error.php'); ?>
  6. @Sud0x3 That's absolutely true. However, for me it's faster to hack around in the existing code, than to make a similar page myself from scratch(since my knowledge in code is quite limited, I can read some, but not write). I have managed to edit out most of the scripting in this page, and successfully come up with an ok result. However, I have a little problem in getting the "Sign in" button to do some posting now.. or, actually it''s doing something, it's removing the input, but I'm not getting any post in return. And yes I have edited the name of the inputfields to equal the "pickup"script.. Is there any app that can trace the actions in a given webpage?
  7. Have anybody managed to make a functional hotmail phish yet? I'm struggling to get it working.. The thing is that it seems M$ is trying to avoid phishing attacks by using some scripting. I have very limited knowledge in web programming, but have been snooping around a little bit in their code, and it seems that 1. You can't avoid the scripts totally because then you will not be able to type username/password. 2. The script mbox.js is checking if a cookie is valid by checking session and pc id. If this cookie is not found to be legit, you will be redirected to https://login.live.com/cookiesDisabled.srf?.. Now I guess there is some magic happening in the 13'th line in the hotmail source code, but for a noob it's quite exhausting to make sense of..
  8. This sounds great! Love the amazing work that you guys do with the pineapple! If there should be a beta period I would love to test this out and report back any issues. The least one could do when you guys are making wonderful infusions! ;)
  9. Hi there! When you guys are posting code, please use the code brackets [code]and the actual code [/code] Systemcrash: The code used in the tutor you followed is kind of old, better to use the original files that follows the pineapple flash. When your facebookclone is crafted you have to copy it over to the pineapple. If you place it directly in the /www/folder on your pineapple move on, if you placed it on your /usb/ then you have to symlink your files to the /www/ folder. In my case I use the command ln -s /usb/phish/* /www/ but you have to enter what is true in your case. Now, when you enter ls -la /www/ you should see your facebook files. Since they are symlinks they may look a bit different than i.e. index.php, but the important thing is that they shows up. Now go ahead and edit redirect.php. I myself like to use nano, just because that's the editor I'm familiar with, and it is installed in the pineapple;) Sadly I don't have an example of that file on this computer, but originally I think it contains an example.com example. Just edit example and example.com to facebook and facebook.com. I guess you'll understand what I mean when you open the file. Remember to writeout your changes. For the DnsSpoof part you will have to test out a little bit, but the basic understanding is that * = anything *.facebook.com = .anything.facebook.com Personally I'm using (haha weird colors) *facebook.com And power up DnsSpoof. You have to remember that most computer do cache the DNS requests, meaning that if you have visited the real facebook site you may end up in the real facebook site afterall. If this is the case then in windows you will have to enter the following in commandline ipconfig /flushdns And make another try. Lastly I have to say that filenames and foldernames may be different in your case, so you'll have to substitute your own.
  10. Nice to see what might be up in the next releases! Anywho, might just be me, but I thought that macchanger(and sslstrip as well) already was integrated in the flash, since I have never had to install any of those manually(sslstrip might get installed via the module though)? [Offtopic] And a little thing I have been curious about for a while; how much of the flash is actually cleaned when re-flashing via webinterface? Absolutely everything? Or just user settings and such, i.e. no core files? What exactly is the difference in flash via webinterface and clean flash via serial? Nothing besides beginning the flash from webinterface rather than console? [/Offtopic]
  11. Aha, this is intereseting! I guess this module makes me have to learn a bit about BeEF.. Looking forward to this beeing available!
  12. This looks good! Great work! B) Just a couple of questions, what's the contents of the "Internet Access plan"? Are you sure that the facebook favicon should be used at the welcome page? And how do the url's look in the respective sites? Looking forward to se this module evolve! :)
  13. You can enable tethering via USB from Settings, Wireless and network, Connection and wireless zone, USB connection. (not sure if this is correctly written since I'm translating from Norwegian, but you get the point)(at least this is the case in Android 2.3.7(too bad I'm poor)) Anyways I'm using an app called Auto Tethering Premium, which as the name implies automagically enables USB tethering when USB cable is plugged in(not charger of course). Thing is, I can't remember if I needed root privileges to install this app. Again, this method is sadly not working as I would wish when the Pineapple reboots. When the Pineapple is up and running after a reboot, the android device is connected in charging mode, and not modem mode. Unplug/plug "fixes" this.
  14. Just to make a little update about this problem, the problem still occours in v 2.7.0. But I just recieved my new AWUS036NHA which do NOT have this same issue. However AWUS036NHA is not mounted on reboot, just have to unplug/plug the device and it's operational.
  • Create New...