TylerCPU

I know. It was a dumb question, but thank you for talking about the rules on phishing pages.

Thanks for the quick response. ^_^

What do you mean exactly by,"please only share them cautiously on these forums" and why. Thanks.

Hesitated to share what kind of pages? I have created many how to videos on the pineapple. Should I remove all the phishing pages that I created and shared on youtube?4shared,blogger,box,dropbox,eharmony,facebook,gmail,googleplus,hotmail,instagram,linkedin,netflix,outlook,twitter,ustream,vimeo, and youtube. Doing more research I don't believe that making phishing pages it illegal. What is your personal opinion?

If Sebkinne Shushes people then you know it's the next big thing.(Samsung commercial)

I know. I was on the 2.7.0 firmware and in the middle of this process I upgraded to 2.7.7. I totally forgot until I was looking at that script and a light bulb went off(in my brain). Thanks for your help. I can finally redirect users to the mobile or desktop sites depending on their browser. Phew, it took a lot of work to get that running. Heres's the php script again. Share it with everybody if you want. It makes facebook phishing more slick. I'll start working on other sites using this code. By the way how do I mark your answer "Well, yeah. http://www.php.net/m...ion.stripos.php PHP5 only. Use strpos() instead -- make sure to make all string to lowercase before." as the answer to this topic?

Uhhhh, should have seen that. PHP5 only. Anyways the code strtolower() apparently lowers the text of the browsers user agent. I swapped out the stripos with strpos and it works on my server, but still not on the pineapple. This is what my facebookchecker.php looks like now. When I test this on my server it works and on my android phone and iphone 4, but when I do this on my pineapple it just stays on the facebookchecker.php page. It displays what I put in the file. Why does it not redirect? I'm running the firmware version 2.7.7. EDIT FIXED: I didn't add the "header('Status: 302 Found');" for the if(strpos($ua,'linux') !== false) part. It works now. Yay! New facebookchecker.php

I found this tutorial on youtube. This might help you out for OS X.

I have another problem. I scrapped that project and started my own php checker that does not use preg_match. The php code is from here that I hacked together. So I have all facebook requests(from the redirect.php file) go to facebookchecker.php and checks if the browser is a mobile one or desktop one which looks like this. My problem now is that I get this error. It works great on my webhosting server, but not on the pineapple. Whats going on?

It's back up.

How much are you asking for now? Is it sold yet? Is this the real deal, legit signatures? Thanks.

The site is back down again.

Thank you so much! So does this come in a new firmware update, or is it just a module in the repo that I install? Thanks again.

I tried to run opkg install php4-mod-pcre and this is what I get. root@Pineapple:~# opkg install php4-mod-pcre Unknown package 'php4-mod-pcre'. Collected errors: * opkg_install_cmd: Cannot install package php4-mod-pcre. root@Pineapple:~#

After more research it looks like I have to recompile php. Beginning with PHP 4.2.0 these functions are enabled by default. I guess someone used the --without-pcre-regex when compiling. The pineapple is running php version 4.4.9. Even if I could recompile it I can't find php 4.4.9 source. The only ones I can see is php 5.3, 5.4,5.5. It looks like if I follow this tutorial on phps website here. I can recompile php, but even if I could do that how do I configure it properly for the pineapple and install it? I know that's a lot to ask. By the way why does the pineapple run on such old versions of php?

It looks like php-mod-pcre is not in your pineapple repository. When I run opkg install php-mod-pcre I get this root@Pineapple:~# opkg install php-mod-pcre Unknown package 'php-mod-pcre'. Collected errors: * opkg_install_cmd: Cannot install package php-mod-pcre. root@Pineapple:~# How do I install this package on the pineapple?

I am creating phishing pages for websites which includes making m.facebook.com for the mobile site and facebook.com for desktop users. Now it works good, but most users don't go to m.facebook.com they go to facebook.com and let php do the redirection for them on mobile sites. Now I got it working mostly. This is my setup. Redirect.php has a line that points facebook to facebookredirect.php. The facebookredirect.php file looks like this That code is from here. The code "mobile_device_detect.php" is for checking if the request for the site is from a mobile web browser or from a desktop which is here The facebookredirect.php says that if it is a mobile web browser go here or if it is a normal page go here. Now it works on my web hosting server but not on the pineapple. The error I get is this Apparently this function is looking for strings in the browsers User-Agent. The pineapple should be able to run this included function. It is included in php 4 and 5. If you put these files (click here) in a web directory on a web server like hostgator or dreamhost and go the the facebookredirect.php page and depending on your browser you should go to the correct page. facebookmobile.htm for phones and facebook.htm for desktops. If I could figure out this error and get it working it would be pretty slick for any users that go to facebook.com on the pineapple to seamlessly go to the mobile site for mobile users and the normal site for desktop users.

I asked @Sebkinne why you have to add the 'header('Status: 302 Found');' for the phishing to work. He said,"For some reason we are having issues with the header that is being sent back. The location header gets sent but the status header gets sent as 200 instead of 302.That means that your browser sees that it has a location to redirect to but it wont unless the status is 302." I think I will start working on the phishing pages for mobile browsers. You can check out the mobile facebook website redacted and more to come. To make this work add this to the redirect.php file. and this to the dnsspoof file Go to m.facebook.com and have fun.

Well that's good. Whenever I run into problems like this I usually reflash and start over again. That fixes the problem. Sometimes not. Anyways I glad the issue is sorted out too. :D

Thanks for the input. What I mean by "unstable" is problems with configuration. In the 2.7.5 firmware it had a redirect.php problem and USB 3G connections problem which was fixed in the 2.7.6 firmware. Which was never a problem for me at least in the 2.7.0 firmware. I can't vouch USB 3G, but that's what I mean by, "unstable". I never said that the permissions problem was the pineapple or the usbs fault. I just stated that it looked like a permissions problem and that I saw it was fixed by chmod. You can't deny that there are problems with beta versions. You can see that in the change logs with 2.7.1,2,3,4,5,6,7. I just like to stay with the Latest Stable Version. Anyways I'm so glad you guys are working hard to smash these bugs. Keep up the good work! ^_^

Oh sorry. The way you worded your sentence sounded like that. Anyways I only use stable versions of the firmware. Go back to 2.7.0 , but since you got it fixed you don't need too. This is why I don't use bleeding edge firmware. It has problems. Again I'm glad you got it fixed.

Yes, that looks like a permissions problem. That's one of the reasons I don't use bleeding edge firmware. I stay on the stable versions which right now is 2.7.0.It's less hassle. I'm glad you got it working.

You put symbolic links in the /usb folder? What you need to do is put all the phishing files on the /usb folder and make links in the /www/ folder that are pointing to the /usb folder. Not the other way around. Leave the redirect.php, error.php, and index.php files in the /www/ folder. There should be no rapid oscillation between redirect.php and the page your trying to go to. The easiest way to fix this is to start fresh. Re-flash the pineapple and follow this. And clear out your browsers cache before using the phishing files. You can use ccleaner if you want.

@SystemCrash86 I got it figured out. I know why you are getting this problem.I wanted to see if I did something different than you. So I reflashed my pineapple and followed my tutorial to the tee and it worked fine just as usual. Then it hits me! You type in www.facebook.com but I only type in facebook.com. I never use the www and when I try and go to www.facebook.com. I go to the real site. Just like your problem. So I went and eddied the DNS Spoof Config. So with 172.16.42.1 facebook I also include 172.16.42.1 *.facebook.com. Now when you go to "www.facebook.com" you go to the phishing site. Go redownload my dnsspoof.txt file in the description of my youtube video, "Advanced Phishing on the Wi-Fi Pineapple IV ". Your problem like mine should be gone. Now you can target sites like facebook.com without forcing all dns traffic to go to the pineapple.

Yes, thanks for all your hard work. @Mr-Protocol and @digininja. You Guys are awesome. Keep up the good work. :)