Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

415 profile views

cristianbl's Achievements


Newbie (1/14)

  1. So I have a proof of concept which anyone can find at https://github.com/crblanaru/dnsmasq_i . My experience with php is (< beginner) but if someone could give me a hand it would be amazing. And if it could be included in the base image instead of dnsspoof it would be even more awesome. (I am yet to do the whole php redirect thing the dnsspoof is doing and logging the requests seems a little pointless to me, but it could be an option). Hoping for a reply, Cristian
  2. Dear Hak5 Community, Whilst playing around with the Wifi Pineapple MK5 -> dnsspoof and I noticed that whilst I would receive the spoofed reply, dnsmasq would also send the correct record. I then started investigating dnsmasq and I noticed that it is possible to use it in order to spoof hosts directly. The problem I have with dnsspoof is that sometimes the browser would get the correct reply thus making this module less useful. When using dnsmasq the success rate is 100%. Do any of you know why we are not dropping dnsspoof and use dnsmasq instead? I have a proof of concept infusion, but before I work on it any more I would like to know if anyone could foresee any issues with using dnsmasq instead of dnsspoof. Kind regards, Cristian
  3. Why don't we use the innate ability of dnsmasq to spoof hosts instead of dnsspoof? I noticed that the pineapple would reply to my queries twice when using dnsspoof (instead of once as I expected). After some research http://blog.philippheckel.com/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/ I noticed that is it 1. entirely possible thus moving away from the hit and miss of dnsspoof and 2. would make it much neater. Should we look into creating an infusion maybe? Wishing you all well, Cristian
  4. That is the case. After one day of running urlsnarf with no issues (everyone in the house was connected to the pineapple), I did a nmap scan, and it immediately restarted. So at least now I know that it does not do well under stress. Now the second issue still stands. SSLStrip is not acting right. Somehow it will restart the pineapple. I plan to start sslstrip, ask everyone to access as many sites that redirect to https and then I will ask everyone to close everything. I should not see established connection when everyone is out. My theory is that somehow the connections are not terminated, and this causes the pineapple to crash under load. The only thing I cannot tell (as I am not that well versed in programming) is if sslstrip is handling the termination of initialized sessions or Python. If someone could shed some light over this it would be great.
  5. I have experienced the same issue. I am unable to pinpoint it as the logs tell nothing (logwatch -f). It happenst of the blue, or when I open the urlsnarf log (in pineapple web gui with a big file), or when I start sslstrip (I was never able to run sslstrip for more then an hour without a restart!!!). I plan to try the following: 1. reflash 2.8.0 2. run urlsnarf until restart (take note of avg time - I do not believe that there will be issues with urlsnarf) 3. run sslstrip until restart (take note of avg time) The only thing I have noticed is that sslstrip does not close any of the connections to the server it connects to.... so I am thinking.... Last time I checked I noticed that I had > 30 connections opened. If anyone has any ideea please comment. Pineapple MK4, 2.8.0
  • Create New...