tom564

Active Members
  • Posts

    95

tom564's Achievements

Newbie (1/14)

  1. I am sure you will be able to find an expert on Google who will build you a forum for a reasonable rate... or you could find one of the hundreds of guides that are already out there.
  2. Some clients that have connected to an open wireless AP in the past will connect, however newer devices may not.
  3. No, the pineapple also does not work with any encrypted networks as the clients will not connect to an open AP when it is expecting a WPA one. Even if it did, the way WPA works does not involve sending the pass phrase over the network IIRC.
  4. I don't know exactly what you are asking but I will attempt to give you an answer. Everything (I think) that is done on the pineapple can already be done with a computer and a wireless radio that is capable of packet injection etc. If you are asking if an RTL_SDR radio dongle could be used to perform pineapple-like functions, it can't, as it is locked to receive only and is incapable of the 2.4GHz band in any usable form.
  5. I played around with Veil using a reverse meterpreter payload and py2exe and was able to make an undetected file. I also read somewhere to not use VirusTotal as it may result in quicker detection as they share signatures, but I don't currently remember the alternative.
  6. HTTPS is not that simple to decrypt; you can't just share a decryption table as a new symmetric key is derived for each session AFAIK. You need to either attack an application that does not check the validity of the SSL cert and use one that you sign or somehow obtain a trusted certificate signed by a CA for the site you wish to impersonate.
  7. Maybe hardcoded IPs in the app? Or cached DNS?
  8. The DNS queries are still done unencrypted with HTTPS so I think DNSspoof should still work. The problem I think you would have is the browser moaning about the cert not matching etc.
  9. The biggest delay is the initial one for it to install drivers IIRC; most of the other ones are not really a problem.
  10. Maybe look into DNS spoof and running your own phishing pages?
  11. I just did the same thing, I bought a domain name from domain.com and pointed the name servers to Namecheap's free DNS service as they have a capability for dynamic updates.
  12. I like it :P, would it be possible to make it so it is not every post and have it increase in frequency over time?
  13. Yeah, I think that is the way I will have to go. After thinking about it I don't really need real time results and can play back capture files every x minutes.
  14. Sorry, I should have stated. I need it to be passive and to not have to be connected to the network.