Posts posted by loozr

  1. I would love to beta test, however I'm going home on holidays, and the module might finish up during the holidays? ;)

    Anyway, will there be a script replacing images as well?

  2. How do we use the "Phishing log" at the "Logs" section? Thank you in advance :)

    You just use the phishing files that are in the /www/ folder. It's the error.php that saves the login data to /pineapple/logs/"something" (well, something like that I guess, just have a look in the error.php, and you will see the exact location)

    So when you are phishing the login data will automagically appear in the logs page (may require refreshing the page)

    Edit:

    Hope that's an OK description, if you have more questions about phishing, then I guess that will be off-topic for this thread..(?)

  3. Not sure if you have resolved this, but this problem might be related to how you save the facebook page, or you may have to activate internet connection sharing.

    It might not be best practice but I do always save the complete webpage, i.e. I will receive both the facebook.htm and facebook_files folder. It might be enough that you activate the ICS and your page will load the image from the original server.

    I guess you could also snoop around in the code, and find the address to the image, and save it locally and edit the link in your facebook.htm.

  4. @Sud0x3

    That's absolutely true. However, for me it's faster to hack around in the existing code, than to make a similar page myself from scratch(since my knowledge in code is quite limited, I can read some, but not write).

    I have managed to edit out most of the scripting in this page, and successfully come up with an ok result. However, I have a little problem in getting the "Sign in" button to do some posting now.. or, actually it's doing something, it's removing the input, but I'm not getting any post in return. And yes I have edited the name of the input fields to equal the "pickup" script..

    Is there any app that can trace the actions in a given webpage?

  5. Has anybody managed to make a functional hotmail phish yet?

    I'm struggling to get it working..

    The thing is that it seems M$ is trying to avoid phishing attacks by using some scripting.

    I have very limited knowledge in web programming, but have been snooping around a little bit in their code, and it seems that

    1. You can't avoid the scripts totally because then you will not be able to type username/password.

    2. The script mbox.js is checking if a cookie is valid by checking session and pc id. If this cookie is not found to be legit, you will be redirected to https://login.live.com/cookiesDisabled.srf?..

    Now I guess there is some magic happening in the 13th line in the hotmail source code, but for a noob it's quite exhausting to make sense of..

  6. This sounds great! Love the amazing work that you guys do with the pineapple!

    If there should be a beta period I would love to test this out and report back any issues. The least one could do when you guys are making wonderful infusions! ;)

  7. Hi there!

    When you guys are posting code, please use the code brackets

    [code]and the actual code
    [/code]

    Systemcrash:

    The code used in the tutorial you followed is kind of old, better to use the original files that follow the pineapple flash. When your facebook clone is crafted you have to copy it over to the pineapple. If you place it directly in the /www/ folder on your pineapple move on, if you placed it on your /usb/ then you have to symlink your files to the /www/ folder. In my case I use the command

    ln -s /usb/phish/* /www/

    but you have to enter what is true in your case.

    Now, when you enter

    ls -la /www/

    you should see your facebook files. Since they are symlinks they may look a bit different than i.e. index.php, but the important thing is that they show up.

    Now go ahead and edit redirect.php. I myself like to use nano, just because that's the editor I'm familiar with, and it is installed in the pineapple;)

    Sadly I don't have an example of that file on this computer, but originally I think it contains an example.com example. Just edit example and example.com to facebook and facebook.com. I guess you'll understand what I mean when you open the file. Remember to writeout your changes.

    For the DnsSpoof part you will have to test out a little bit, but the basic understanding is that

    * = anything
    *.facebook.com = .anything.facebook.com
    
    Personally I'm using (haha weird colors)
    *facebook.com

    And power up DnsSpoof.

    You have to remember that most computers do cache the DNS requests, meaning that if you have visited the real facebook site you may end up in the real facebook site after all. If this is the case then in Windows you will have to enter the following in the command line

    ipconfig /flushdns

    And make another try.

    Lastly I have to say that filenames and foldernames may be different in your case, so you'll have to substitute your own.

  8. Nice to see what might be up in the next releases!

    Anywho, might just be me, but I thought that macchanger(and sslstrip as well) already was integrated in the flash, since I have never had to install any of those manually(sslstrip might get installed via the module though)?

    [Offtopic]

    And a little thing I have been curious about for a while; how much of the flash is actually cleaned when re-flashing via webinterface? Absolutely everything? Or just user settings and such, i.e. no core files?

    What exactly is the difference in flash via webinterface and clean flash via serial? Nothing besides beginning the flash from webinterface rather than console?

    [/Offtopic]

  9. You can enable tethering via USB from Settings, Wireless and network, Connection and wireless zone, USB connection. (not sure if this is correctly written since I'm translating from Norwegian, but you get the point)(at least this is the case in Android 2.3.7(too bad I'm poor))

    Anyways I'm using an app called Auto Tethering Premium, which as the name implies automagically enables USB tethering when USB cable is plugged in(not charger of course). Thing is, I can't remember if I needed root privileges to install this app.

    Again, this method is sadly not working as I would wish when the Pineapple reboots. When the Pineapple is up and running after a reboot, the android device is connected in charging mode, and not modem mode. Unplug/plug "fixes" this.

  10. Perhaps it has something to do with this...

    http://forums.hak5.o...nha#entry210171

    I should mention that the thread you are referring to mr. surgarat is in regards to an AWUS036H. However I have just received an AWUS036NHA, which does not have the problem in my previous post.

    But I can verify that my new AWUS036NHA will not be mounting on reboot. However unplug/plug brings the device up.

    Edit;

    There are actually several messages in the log about this.

    00:02:11 Pineapple user.info sysinit: Selected interface 'wlan0'

    00:02:11 Pineapple user.info sysinit: PHY for wifi device radio1 not found

    00:02:11 Pineapple user.info sysinit: OK

    00:02:11 Pineapple user.info sysinit: /etc/rc.common: eval: line 1: can't create /sys/class/leds/alfa:blue:wan/mode: nonexistent directory

    00:02:11 Pineapple user.info sysinit: /etc/rc.common: eval: line 1: can't create /sys/class/leds/alfa:blue:wan/device_name: nonexistent directory

    00:02:11 Pineapple user.info sysinit: /etc/rc.common: eval: line 1: can't create /sys/class/leds/alfa:blue:lan/mode: nonexistent directory

    00:02:11 Pineapple user.info sysinit: /etc/rc.common: eval: line 1: can't create /sys/class/leds/alfa:blue:lan/device_name: nonexistent directory

    00:02:11 Pineapple user.err autossh[1406]: ssh exited prematurely with status 1; autossh exiting

    00:02:11 Pineapple kern.info kernel: [ 131.180000] br-lan: port 2(wlan0) entered forwarding state

    00:02:09 Pineapple kern.info kernel: [ 129.180000] br-lan: port 2(wlan0) entered forwarding state

    00:02:09 Pineapple kern.info kernel: [ 129.180000] br-lan: port 2(wlan0) entered forwarding state

    00:02:09 Pineapple kern.info kernel: [ 129.100000] device wlan0 entered promiscuous mode

    00:02:08 Pineapple user.info sysinit: PHY for wifi device radio1 not found

    00:02:08 Pineapple kern.info kernel: [ 128.210000] device wlan0 left promiscuous mode

    00:02:08 Pineapple kern.info kernel: [ 128.210000] br-lan: port 2(wlan0) entered disabled state

    00:02:07 Pineapple daemon.info dnsmasq[1797]: using nameserver 8.8.8.8#53

    00:02:07 Pineapple daemon.info dnsmasq[1797]: using nameserver 192.168.1.1#53

    00:02:07 Pineapple daemon.info dnsmasq[1797]: using local addresses only for domain lan

    00:02:07 Pineapple daemon.info dnsmasq[1797]: using local addresses only for domain lan

    00:02:07 Pineapple daemon.info dnsmasq[1797]: started, version 2.62 cachesize 150

    00:02:07 Pineapple daemon.info dnsmasq[1797]: reading /tmp/resolv.conf.auto

    00:02:07 Pineapple daemon.info dnsmasq[1797]: read /etc/hosts - 1 addresses

    00:02:07 Pineapple daemon.info dnsmasq[1797]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack

    00:02:07 Pineapple daemon.info dnsmasq-dhcp[1797]: read /etc/ethers - 0 addresses

    00:02:07 Pineapple daemon.info dnsmasq-dhcp[1797]: DHCP, IP range 172.16.42.100 -- 172.16.42.249, lease time 12h

    00:02:04 Pineapple user.notice dnsmasq: DNS rebinding protection is active, will discard upstream RFC1918 responses!

    00:02:04 Pineapple user.notice dnsmasq: Allowing 127.0.0.0/8 responses

    00:02:02 Pineapple user.notice ifup: Allowing Router Advertisements on wan (eth1)

    00:02:01 Pineapple daemon.notice netifd: wan (1375): Sending select for 192.168.1.102...

    00:02:01 Pineapple daemon.notice netifd: wan (1375): Sending discover...

    00:02:01 Pineapple daemon.notice netifd: wan (1375): Lease of 192.168.1.102 obtained, lease time 43200

    00:02:01 Pineapple daemon.notice netifd: Interface 'wan' is now up

    00:02:01 Pineapple cron.info crond[1674]: crond: crond (busybox 1.19.4) started, log level 5

    00:02:01 Pineapple authpriv.info dropbear[1692]: Running in background

    00:02:00 Pineapple user.info sysinit: PHY for wifi device radio1 not found

    00:02:00 Pineapple kern.info kernel: [ 120.370000] br-lan: port 2(wlan0) entered forwarding state

    00:01:58 Pineapple kern.info kernel: [ 118.420000] eth1: link up (100Mbps/Full duplex)

    00:01:58 Pineapple kern.info kernel: [ 118.370000] br-lan: port 2(wlan0) entered forwarding state

    00:01:58 Pineapple kern.info kernel: [ 118.370000] br-lan: port 2(wlan0) entered forwarding state

    00:01:58 Pineapple kern.info kernel: [ 118.290000] device wlan0 entered promiscuous mode

    00:01:58 Pineapple daemon.notice netifd: wan (1375): Sending discover...

    00:01:58 Pineapple daemon.info hostapd: wlan0: STA 00:24:d6:a2:ac:88 IEEE 802.11: authenticated

    00:01:58 Pineapple daemon.info hostapd: wlan0: STA 00:24:d6:a2:ac:88 IEEE 802.11: associated (aid 1)

    00:01:57 Pineapple user.notice ifup: Enabling Router Solicitations on loopback (lo)

    00:01:57 Pineapple user.info sysinit: PHY for wifi device radio1 not found

    00:01:56 Pineapple user.info sysinit: PHY for wifi device radio1 not found

  11. Just have to ask, have you tried to put the pigtail back on to the connector? Or can you clearly see that something is broken?

    In the picture you posted I think the connector seems just fine.

    My guess is that the pigtail just got disconnected by the twisting, and you should be able to put it back on there. Just be careful when trying to connect it, as you have to put on some pressure to make it snap back into position.

  12. So you are unable to connect to the pineapple both WLAN and POE LAN?

    Have you tried accessing via WAN LAN?

    If you plug the WAN interface to your wired LAN in your house, then you should be able to connect via that interface, have you tried that? If you are unsure what the IP might be, then you can i.e. make a ping sweep, and try to access the IPs in your browser.

  13. Ok, I may not get the point here, but what is a Wi-drive? And is this wi-drive implemented in the Pineapple?

    Are you talking about a usb harddrive connected to the pineapple? Or is this some kind of network attached storage for the pineapple?

    Sorry if I'm being dumb here.. :rolleyes:

  14. I'll bet that it works, but the problem as I see it is that when I was testing this, it was quite obvious that this was going to do something bad with your computer.. The AV went amok, and the "signing" of the applet was also kind of obvious, can't remember now what the name was, but didn't fool me at least.

    And this test was done with a Java applet I created with S.E.T. and used multiple encrypting or whatever it was called. However I did not set up a listener in BT for my simple test, so I'm not sure if it successfully can create a connection. I kind of lost the interest when my AV went amok.

    However, if anyone has any idea of an applet that does not trigger AV, and might fool the victim, then please let us know!! :)

  15. First off I have to say that this is a great idea for a module.

    However this is not so great for those of us that do not use English as our language. I would (most likely) still have to make my own phishing pages, and then why should I use this module?

    And how often do various sites change? Would there have to be continuous updates to keep the phishing files "valid"?

    Just being curious about this though, I think this would be a good module. And I will surely look into the coding you choose to use, and perhaps this will make the post-script evolve, and maybe add some features to the phishing, like sending the victims to the real site afterwards, preferably logged in.

    (sorry if my text is hard to understand..)

  16. Will this do the trick?

    Some old version I had lying in my dropbox. Test and report if it works or not.

    [CODE]
    <?php
    $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    $skipInclude = 0;
    if (strpos($ref, "facebook")) { $phishFile = "facebook.htm";
    } elseif (strpos($ref, "example")) { $phishFile = "example.htm";
    } elseif (strpos($ref, "tricks")) { $phishFile = "tricks.htm";
    } elseif (strpos($ref, "noname")) { $phishFile = "noname.htm";
    } elseif (strpos($ref, "dork")) { $phishFile = "dork.htm";
    } else { require('redirect.php');
    $skipInclude = 1;
    }
    if ($skipInclude == 0) {
    include($phishFile);
    }
    ?>
    [/CODE]

  17. Why would you use that Milwaukee battery to power your setup?

    I may be very wrong here, but that Milwaukee battery is 4 Amps, while your Anker Astro is 10 Amps, and although the Milwaukee battery is 18v it would not last as long as your Anker Astro.

    This is because I think 1 Amp is 1 Amp regardless of the voltage. But you or others may very well correct me on this, because I'm not sure myself.

    Regarding the cabling you should use a powered USB hub that doesn't backfeed power. Have a look in this thread http://forums.hak5.org/index.php?/topic/27837-bad-luck-with-powered-hubs/ A hub is recommended there.

    And as far as I know your tablet should be able to do anything a laptop could do, as far as the web interface on the Pineapple is concerned at least.
