Pacmandu

Yeah I did a hard refresh cause I also thought it was the browser. I'm glad I'm on the same page as you with that fix. What's the new feature you are working on? love all the hard work you have put into this. Thanks Pacmandu

Ok, I rebooted and it worked. Thanks. Weird that it needed a reboot. On another note I had a chance this weekend to start messing with the code and I believe I have a fix for allowing spaces when changing the non-karma ssid in case you didn't come up with a fix yet. change the line that changes the ssid to say: exec("hostapd_cli -p /var/run/hostapd-phy0 karma_change_ssid "."\"$_POST[newSSID]\"");

Can anyone else confirm that the change blacklist to whitelist button is not working in 2.1.2? I hit the change button but it just stays on black list mode but it works when I manually type the command via ssh.

Yeah I have seen the video. Yeah, it's not the php files of facebook and google, you have to clone the entire site your are trying to spoof and change the input form fields to point to the pineapples error.php. The landing page redirects to redirect.php and then based on the URL the target came from the redirect.php serves up that spoofed site. Then, once the target enters in their credentials it will send it to error.php and dump what they typed in to /www/pineapple/phish.log and display whatever html is in error.php. Hope that answers your questions. Pacmandu

I guess I'm not seeing what the issue is. What is your end goal? What are you expecting the pineapple to do? Are you trying get around the spoof yourself or are you trying to get your clients around the spoof once they accept? dnsspoof will never let you go past your landing page as everything is redirected to the pineapple and the phishing pages will not forward you either. So what you are describing is normal use. If you want to actually go to google.com then you will have to stop spoofing yourself. Pacmandu

Hi TheKingUnderTheHill It depends. If the memorized network is secured with a password then it will connect to the memorized network instead of the pineapple because even though karma is looking at the probe request it can only replicate an open network because it doesn't know the key for the secure network. But if the computer remembered an open network then karma should kick in and grab that client before it can connect to the legit router if you are the stronger signal. Can elaborate more on what you mean? When you dnsspoof, you are spoofing everyone including yourself if you are not providing internet to your captured clients. So if the pineapple is standalone in terms of just the pineapple and no route to the internet then no you can't go any further which is kind of the point for this type of phishing. Now if you are talking about dnsspoof'ing and providing internet then you will have to come up some type of iptables rule and allow the client out once they hit accept (or whatever your phishing page is). Take a look at g0tm1lk's fakeAP_pwn script (Link) for that kind of stuff. Airdrop for sure, from a laptop. It is easy to setup and there is some good documentation out there so I won't go into detail. Hope this helps Pacmandu

Sweet. Thanks telot for responding to my inquiry about PoE. This looks great. I was tired of the battery pack or when there was not any wall outlets around. Thanks.

Hi everyone I saw in tech specs of the AP51 that it supports PoE (Power over Ethernet) and was wondering if anyone has tried that route yet? I saw a PoE adapter made by Alfa for $24.99 Link and would this be the right thing to get for this device? and would there be a way to get this to power off of my laptop's ethernet port or do laptop ethernet ports not support pins 4,5 and 7,8 for power and return? Just thought it would be smart to power and use the pineapple off of one port and use what alfa gave us. Thanks Pacmandu

Nevermind. got it working. changing HTTP_REFERER to HTTP_HOST fixed it

Hi Everyone I have facebook.html setup correctly and error.php is working great and can confirm that when I navigate to facebook.html manually and check phish.log but for some reason redirect.php is coming up with a blank page and not forwarding to facebook.html. I changed the files and rebooted the pineapple but still no dice. I dont know much about php and any assistance is much appreciated. And I am doing some research but coming up short with the search results. Thanks Pacmandu

Yeah sorry. I just saw that earlier today. Thanks for the reply.

Hi everyone Quick question, what script or feature uses the phishing net/phish.log on the pineapple. I have firmware 1.9 version 1.02 and was just wondering why phishing net and phish.log never got used when using all the features of the pineapple. Thanks Pacmandu