mondrianaire

Active Members
  • Content Count: 33
  • Days Won: 3

About mondrianaire

  • Rank
    Hak5 Fan +

Recent Profile Visitors

1,488 profile views
  1. I love it when people actually come back to post solutions to problems they start threads on.
  2. I'm sorry guys, I'll get back on this in a day or so. Black Ops came out.
  3. I am finished with the first review of my project, I have started another thread on it. You can see screenshots as well as give me some feedback and download the module as soon as it comes available there. Thanks.
  4. I am almost finished with v0.1 of my offline phishing module. The premise of this module is simple. You set the ssid of an open wireless network (Free Public Wifi, etc.). When enabled, all requests will be forwarded to a 'walled garden' splash page. This will inform the viewer that they have limited access to only certain pages, and will give links to these pages. Every one of these pages is a phishing page that you can upload to the module (even your own!). Since all phishing pages are hosted locally, this module is intended to work all of the time, without internet access. It gives the user
  5. I have been working on a module extremely similar to this. The only difference is that there is no reason this sort of module should not be able to work offline. The idea is simple. Change SSID to "Free Public Wifi". Reroute (dnsspoof) all traffic to 172.16.42.1. Default landing page is a walled garden page explaining that free internet access is limited to a certain number of websites, and give links to all websites (all of these websites are phishing pages). Perhaps even put in a clause about unlimited internet access for 'Premium Members'. You have to modify most phishing pages by downloadi
  6. That worked Seb. Upgraded and everything is fine. Having some monitor mode problems now but I'll save that for a new thread. Thanks for everything.
  7. I may be misunderstanding the entire process behind this, but I do not understand how an ettercap filter would be the best way to do this. If I am correct, it is javascript that is doing the keylogging and reporting, and an iframe just displays the rest of the pages. If this is the case, would it not be easier to redirect all dns queries to a landing page that loads the javascript and then referral page in an iframe? This would not be a 'true' keylogger as it would only work while in a browser on a box connected to the pineapple, but it is far more than a 'credentials grabber' as some are su
  8. Browsing downloads.openwrt.org shows that the snapshots trunk is cut off (pun intended)? http://downloads.openwrt.org/snapshots/
  9. Pineapple Hardware Version (ex: Mark III, Mark IV, etc.): Mark4 Pineapple Software Version (ex: 2.5.0, 2.6.4): 2.6.3 OS used to connect to the pineapple: Win7 Network layout of how your setup is connected (including IP information): Pineapple gets internet from LAN/POE port connected to laptop. Can resolve domains from ssh interface of pineapple. (ping www.google.com resolves and responds) EDIT: this also happens when using an external adapter to supply wireless internet (wlan1 - AWUS036NH). All the tools/options that are running on the pineapple when the issue happened: Wireles
  10. What issues with USB passthrough? in VMware? I have no issues with USB passthrough with either adapter, if I plug them in after VM has started and with USB filters.
  11. yes, not only do os's handle dns caching differently, so do browsers. Trying a different browser (winkey + R, iexplore.exe :() This is mostly correct. It is true that the DNS is set by DHCP, but this is the case whether DNSspoof is running or not. The trick is that the pineapple is also a DNS forwarder. The way DNS works is by a series of redirects until the query finds the correct (authoritative) server. DNSspoof works by not forwarding dns queries for specific sites (the ones you configure in the settings). All other queries going through the pineapple are forwarded to the next DNS server
  12. Absolutely true. However a dns flush should take care of the problem for troubleshooting. Also, the easiest way to test this is with a simple ping. If you ping the domain from commandline, you can see what ip it resolves to. This takes a whole lot of variables out of the equation (i.e. browsers. etc.)
  13. the NH is definitely oob & monitor/injection capable. The NHR will need some configuration to work, but it is verified working. http://store.rokland.com/blogs/news/3821712-alfa-awus036nhr-is-backtrack-5-linux-compatible
  14. You could create a shell script to start reaver on a given access point (reaver -i mon0 -b [bssid]) and then execute the script when the button is pushed. You would just need to preconfigure the correct bssid in your script.