Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by NotTheFed

  1. it is hardcoded in the module .js file: $scope.refreshLivePreview = function () { window.frames['livePreviewIframe'].src = ""; At least the preview is. NTF
  2. There was a mention in some post that the Tetra in client mode has some features that do not work correctly. Not sure where I saw that. NTF
  3. so.. I was thinking that if a db was installed to the usb, then you could customize the various scripts. examples: *every new association is logged, and MAC\IP device name\type added to a row in the db. *DNS spoof gets modified to check the data in the db FIRST. IF set to 'one time' then only redirect if it is the first time. IF device type (bb, iphone, android, ect) redirect one time to a malicious page (iphone.php, ect..) with specific exploits. (copy contacts, sms,photos, ect to USB) IF browser type (info from dnsfpoof or urlsnarf?) IE, Safari, ect.. then different phish pages are shown..ect *nmap.php script to use the DB to determine OS, and open ports. That would feed an autopwn script. With a DB.. you could autopwn devices (once or periodically based on last pwnage) OR do nothing since you have them already. You could have a table in the DB that has updated exploit information per target version. granted.. this would require multiple mods to various tools.. but could really take the mark4 to a new level of offensive auto attack. just dreaming.. NTF
  4. 10.8.0 Darwin Kernel Version 10.8.0 using built in wireless. NTF
  5. I have a similar setup. internet via en1 (wireless - with dhcp from wap\router) connected the mark4 to the ethernet (not macair, just macbook pro) via the POE on the mark4 and en0 I MANUALLY set the ip for the en0 interface to be I then setup sharing (via network settings) to bridge the two. works great. en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 00:16:cb:8b:95:52 inet netmask 0xffffff00 broadcast inet6 fe80::216:cbff:fe8b:9552%en0 prefixlen 64 scopeid 0x4 inet netmask 0xffffff00 broadcast media: autoselect (100baseTX <full-duplex,flow-control>) status: active en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 00:14:51:ed:cf:38 inet6 fe80::214:51ff:feed:cf38%en1 prefixlen 64 scopeid 0x5 inet netmask 0xffffff00 broadcast media: autoselect status: active
  6. what would be really cool.. is a menu add to start\stop sslstrip like the other key services of the mark 4. One that would set all the IPtable settings needed, ect. NTF
  7. yes.. I see that as well.. sometimes it effects the code, often it does not. the editor is leave a hard return from the best I can see. I routinely remove them. I get these when editing on the MAC and moving the files over to the M1V NTF
  8. installed works ... awesome. thanks. NTF
  9. very nice pics... what battery and cable are you using? NTF
  10. by default if you have not moved them.. /www/pineapple/logs/urlsnarf.log NTF
  11. You can download it from here: https://github.com/sebkinne/wifipineapple then jus scp it over to the device. NTF
  12. Ok.. right out of the box looks great. Comes with a TON of adapters. Plus it has the correct barrel cable needed. http://www.doevil.com/pinebat2.jpg very thin compared to the incredicharge, but a bit bigger foot print. Hard to tell in the pic, but is about half the height of the pineapple. (very flat) bottom line, works. 12v 4a direct, PLUS the additional USB if needed for another device.16000mAh capacity. this one will surely run the pineapple with any modem. **update** so a test run with this.. without a modem (just the usb drive)....and it looks like the battery pack stopped after 2 hours. I wonder if it thought the device was full charged? unplug, plugged back in... pineapple started up. Might not be enough draw from just the pineapple\usb to keep it running. NTF
  13. it is possible if the realsite you wish has child domains.. http://forums.hak5.org/index.php?showtopic=25892&st=0 look into that... I have many pages that work. SOME times the DNS spoof loops if the target refers back to the parent domain for content..ect NTF
  14. google (video) for wifi pineapple phish you will find a few tutuorial types of videos. NTF
  15. what client are you using? if windows...find an dl winscp that should work for you. if Mac.. I like FUGU. NTF
  16. ssh to the device and at the prompt type: passwd (follow the prompts) NTF
  17. I picked up this connector: http://www.amazon.com/gp/product/B006MWXZM0/ref=oh_o02_s00_i00_details fits nicely. I do not know about 3g. I do have a second battery coming in the mail as well that does the 12v output. I will post review on that once it arrives. NTF
  18. http://www.hackersarepeopletoo.com/ this one is ok... NTF
  19. yes it does... prompt for a pw. Are you trying to find a way to move files to the device without having to provide a password? I image in you generate the ssh keys, you can then configure rsync over ssh. NTF
  20. is SFTP turned on? download and use FUGU to scp any files you need over to the device. thats how I get files over on it. NTF
  21. pricey is right. but interesting none the less. NTF
  22. ok.. so it works. right out of the box (came with 79% charge) configuration is mark4\usbfit4g. Obviously without the lan tether, there is no internet to bridge.. but it serves up the rickroll and the phish pages with no issues. swap is still on the usb, and ssh to the device works as expect. I will test how long I can have it up later, after I charge it full. here is a pic: http://www.doevil.com/pinebat.jpg NTF
  23. here are the ones I use for netflix http://www.filefactory.com/file/7i14ry677cud/n/Archive_zip I use the net for all the .jpg with this site I use the main landing page (netflix.html) then the user clicks on (member sign in) that opens NetflixLogin.html the login.php then writes the name\pass to /usb/logs/phish.log and redirects to the real netflix site. NTF *edit* you will have to change the part for the redirect for netflix. didnt get that copied over to the login.php should be:
  24. THIS works.. and can be built up... redirection for the known sites that work, back\refresh for others. getting closer.. now if I can do the post portion. NTF
  25. edited.. not changed up. one phish page I have is like this: www.target.com (line in dnspoof) since this site has a follow up signon of: https://online.target.com/signon I can use: header('Location: https://online.target.com/signon"); and the user is presented with the REAL logon page. (after params are written to phish.log) not perfect, but I am still working on this. does NOT work if you are redirecting back to the same url you are spoofing. *wish I new how to write PHP..but googling my way along* NTF
  • Create New...