hfam

I had a feeling that it was something along these lines. For my part, I carefully and intentionally worded my post so I never indicated a "bug", but that something was introduced, and perhaps expected behavior. This was an upgrade after all with improvements at the security level, and I had a suspicion this was the side effect of an improvement pushed in the new update and not unexpected. I'm glad to know what the issue is, fix it up, and get on with it, thanks again for taking such good care of us seb! We love you brother! :)

Could be, but consider this: Target #2 is prompting me to actually log into the network when choosing the Karma SSID, using the same pineapple login page, with root already populated. This is before attempting to open a browser and actually get a redirected request. Even though both ask for auth when opening a site, it seems it's the network asking for authentication, not a faulty redirect because once you log in, the request is redirected and you get the payload. Also, confirmed there are no rogue chars in the spoofhost file. It'll be interesting to find out what's going on though. Can't do anymore fussing with it til tomorrow though. eta: clarity

Thanks for all your hard work seb! Upgrade went fine, but unfortunately it looks like something else was introduced? On Android devices (the same ones that worked yesterday flawlessly with the MKV), in order to access the network, i have to actually log into the pineapple before the payload shows up? Target #1, HTC DNA: Before 1.0.1, Karma and RR worked flawlessly. Now, I can connect to Karma SSID the same way (select it and it connects), but when opening a browser, any page presents me with the Pineapple Login, root is already in the username dialog box. if I login, I then get the RandomRoll payload. Target #2 Kindle HD: Before 1.0.1, Karma and RR worked flawlessly. Now, when I connect to Karma SSID, after the "open network" warning, I get another warning indicating I must log into the network before use. I choose OK, and I am presented with the Pineapple Login Page, root is already in the username dialog box. I choose to cancel, shows me as connected to the Karma SSID, and then I open Firefox. Any attempted page presents me with the Pineapple Login, root is already in the dialog box. If I login, I then get the RandomRoll payload. What changed that would cause this? If it's expected behavior, the target rich environment just became target barren. :( Any help would be greatly appreciated, thanks! eta: clarity

Very sweet, thanks! Been waiting for a complete all break downs list from 1-300 for what seems like forever.

LOLOCOPTERS!!!! I was having a completely shitty day up to now, THAT was what I needed!! Thanks for the huge laugh brother!! :lol:

Spot on! I see one there for $1200 BIN. Damn it, I just dropped a bunch of cash on a new 7 string or I'd add that to my arsenal. In the meantime, I can dream about Kismet on Android :) :)

mmmmmmmmmmmmmm....Flooooooooook God I love Fluke gear

The travel kit battery is 8800mAh

WOW!!! The travel kit arrived today and the extra goodies are awesome, thanks Darren and the entire Hak5 crew!!! LOVE the coins and stickers!! Some lucky bastard is gonna get an AWESOME geocache coin on their next outing, gotta share! :) The NSA stickers are high style!! The travel case looks to be of excellent quality and even better than I'd imagined! Charging the battery right now. Thanks again to the Hak5 crew for taking such good care of us!!

There's a problem for everyone, as indicated in the *other* DNSspoof is broken thread: https://forums.hak5.org/index.php?/topic/30580-dns-spoof-not-spoofing-the-dnses/ ...where Seb indicated "there is a fix on the way".

Sleep is for the weak!

Thanks seb, I knew you'd bring the code!! :)

Bumpity bump. Seb? Darren? Can either of you weigh in on this issue? It seems there is definitely something amiss with DNSspoof beyond fixing the built-in editor (a la the MKIV issue) to stop inserting ^M at the end of each line when saving an edited .conf file. I'm out of ideas on this one.

You got a bad Anker. I ran the MKIV with my Anker 10000mAh on 12v and it would run for 12 hours, easy. I never ran it down to the bottom, but it would run seemingly endlessly. I'd return that Anker and get a new one.

There is already an entire thread on this issue. Please search the forums before starting another thread: https://forums.hak5.org/index.php?/topic/30580-dns-spoof-not-spoofing-the-dnses/

No worries Darren, thanks for handling it, and good luck!!

I'm not sure how a MKV is going to "mimic" what the NSA does with regard to personal privacy, or how you position a demonstration based on those parameters to relate in any way to what the NSA is doing. A couple of salient points: - I would have to hunt far and wide to find anyone who still actually believes that a warrant is a crucial requirement for data spying and acquisition, your mileage may vary. - The "warrant" is a legal issue and has nothing to do with technical capabilities. The definition of "spying" belies any sort of notion that a "warrant" is required. - The NSA is able to achieve their warrantless spying because they not only have the ability to capture packets on the internet backbones, but the other crucial issue is that they have padded the bank accounts of private sector tech giants millions and millions of OUR taxpayer dollars, in secret, so they will provide the ability to violate your privacy through back doors, and unmitigated access to decrypted data. Microsoft, Apple, Skype, YouTube, Box, Twitter, Google...you name it, the NSA has paid them off with OUR money, in secret...and these companies took the money, in secret...and let them in the back door, giving the NSA complete, unmitigated access to the data AND the identifying data, in secret...so they can save it all and pin whatever the witch hunt du jour is at the FedGov on you, your friends, neighbors, and loved ones at their leisure. Every one of these corporations happily obliged the NSA in their quest to violate your 4th amendment rights. I suppose at an almost unrelated level you can attempt to show...something...regarding the issue of eavesdropping on what most assume is a private data stream, but I assure you that PRISM doesn't incorporate SSLStrip, pineapples, or warrants, to achieve their goal of making sure they can prove everyone is a criminal. It would be very hard to equate the two aside from the base issue of obtaining data in secret. Good luck on your presentation though :)

Darren indicated in another thread there was a last minute delay with the supplier, and thought they'd go out on the 25th. I too am awaiting the shipment, same deal. I'm sure everything is under control. :)

That *is* evil! ;) Sounds like something is flaky anyhow. I didn't use any wild cards in my entries and at least the redirect happened, so maybe there's a clue there, but yeah, looking forward to seb solving the mystery for sure. :)

**cough**YAGI**cough** ;)

I did as I indicated above, cleaned up the file and entered 2 test domains using VI, made sure there were only the 2 lines containing the domains, restarted DNSspoof, and I get the redirect.php as advertised for those 2 domains. I haven't dug into it any further to see if there are further bugs, but DNSspoof went from not answering the call, to answering based on the above actions. The issue appears to be the GUI editor, not DNSspoof, but again, I stopped there because I had other shit to get done. :) Looking forward to seeing what seb & Darren have to say.

;) anytime brother

1. dat manual, page 6. 2. Go reread the thread, you can address the issue manually in the meantime until the devs can answer as to what to be done about the GUI editor.

<html> <head> <meta http-equiv="REFRESH" content="0;url=redirect.php"> </head> <body> </body> </html>

<?php //ini_set('display_errors',1); if(file_exists('/pineapple/includes/welcome/')){include('/pineapple/includes/welcome/welcome.php'); exit(0);} include_once('/pineapple/includes/api/auth.php'); if(isset($_GET['noJS'])){echo "You need to have JavaScript enabled to use this UI.";die();} ?> <html> <head> <title>WiFi Pineapple - Management</title> <meta http-equiv="cache-control" content="max-age=0" /> <meta http-equiv="cache-control" content="no-cache" /> <meta http-equiv="expires" content="0" /> <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" /> <meta http-equiv="pragma" content="no-cache" /> <link rel="stylesheet" type="text/css" href="includes/css/styles.php" /> <script src="includes/js/jquery.min.js"></script> <script src="includes/js/functions.js" type="text/javascript" ></script> <noscript><meta http-equiv="refresh" content="0;url=index.php?noJS" /></noscript> </head> <body onload="init()"> <div class="statusBar"><div class="statusBar_content"></div><div class="logout"><a href="/?logout"><img src="/includes/img/exit.png"></a></div></div> <div class='popup'> <a id='close' href='JAVASCRIPT: close_popup()'>[X]</a> <div class='popup_content'></div> </div> <div class="tiles"><div class="tiles_wrapper"><div class="tile_expanded"></div></div></div> </body> </html> <?php if(!function_exists("check_login")){ function check_login(){ if (session_status() == PHP_SESSION_NONE) { session_start(); } if(!isset($_SESSION['logged_in'])){ include('/pineapple/includes/api/login.php'); exit(); } } } ?> that what youre looking for?