Skipper
-
Posts
75 -
Joined
-
Last visited
Posts posted by Skipper
-
-
Thank you so much for addressing this Darren, I received my order yesterday with the Cruzer Fit and I have the same problem, and it's not often you see people people concerned about a product issue and give a solution that everyone will be happy with :D
*EDIT* Just received my email about it being sent, thank you :D
-Skipper
-
Hey guys :)
Here i have:
2x 5dbi Antennas (HakShop)
2x RP-SMA male to female Right Angle RF Connector Adapter (Ebay)
2x DC Power Plug Connector 90 Degree Right Angle 5.5X2.1mm (Ebay)
1x Mini USB 5P Left Angle Male Cord to USB A Male Right Angle (Ebay)
1x Alfa Usb WiFi AWUS036NHA (HakShop)
1x WiFi Pineapple Mark IV (HakShop)
1x Anker 10000mah Battery (UK Amazon)
The setup goes like this:
And all goes in here :
Sorry for the long post
what is the name of the bag you are putting your pineapple in? it looks the perfect size to keep everything in.
-
I'm more looking for a case that looks like the one that came with the travel bundle but a bit bigger, does anyone know of any?
-Skipper
-
I know this isn't strictly about the pineapple itself so if this thread needs moving please do so.
I purchased the travel edition on the pineapple and it arrived today, should be able to use it fully when I get my q200e laptop, and I will be travelling around a lot (henceforth the travel edition being bought :P) and the hard case that comes with the bundle seems a bit too small for my liking, and I was looking for an external hard drive case to store the pineapple and the juice pack in, but I'm going to ordering a ALFA NHA wifi card, can anyone recommend a case such as a external hard drive case that can fit:
The pineapple
Juice pack
ALFA card
and a little wiggle room for a few wires and maybe put my ducky in there.
If you can help it would be most appreciated :)
-Skipper
-
send me the index.html, the gif and the sounds in a zip and i'll send it back coded an ready to go :)
-
Sorry for gravedigging but can this be used alongside sslstrip?
-
Finally got my order in!
Turns out that my bank had blocked the card because they thought that someone had access to my account so i phoned them and they unblocked it and it worked straight away!
-Skipper
-
I'll keep trying, if I do get it to work then i'll report back on how so if it ever happens to anyone else
-
It still won't let me after using hotspot shield elite and changing to a usa IP, any other ideas?
-
It's not looking good, i've tried 5 different browser/os combinations and it still doesn't work.
any other suggestions?
-Skipper
-
The address that i'm wanting it to go to is my billing address, any other reasons why it could be not working?
-
Sorry for posting this here, I don't know where else to post it.
I recently tried to purchase a pineapple, a ducky and a cruzer fit for the pineapple.
When i got to the checkout the site had declined my card, but it works on every other site?
I'm from the UK and using a VISA debit card, i've contacted my bank and they said that there is nothing wrong with my card, is there a shop issue?
-Skipper
-
I think your smart phone would work for this also, not sure why this would be needed?
It would be used for quickly checking the logs, and I won't always have my phone with me but the Zipit will stay with the pineapple
-
I've been watching the Hak5 videos on the Zipit Z2 linux install, and since it is a very cheap device i'm thinking about picking one or two up tommorow, and it got me thinking could I use this to monitor my pineapple logs?
So the scenario would be if i'm around with my pineapple in my bag Pineapple'ing(?) away I could just open this device up, and check the logs of what people have been on? or some kind of integration with the pineapple in any way?
What do you think?
-Skipper
-
From what I understand facebook uses https for login but isn't secure once you're in... So that's probably not going to get you any credentials. I don't know about the others offhand. Just go to the login webpage for each and look. You don't actually need to login or even have an account. If the webpage for login has a padlock icon on the browser or uses https it's a no go.
I think there is also a post specifically for Phising Pages, more specifically it's a page about not asking for them or posting them. But, a theoretical question about how they work and/or how others have implemented credential harvesting to a log file from a phising page could probably be answered.
Ok, thanks for all of your help :)
I'll just have to look on the web for pages that they are most likely to go to during the demo and if they are a https page for the login, i'll make a copy of the page and send them to that and the rest i'll leave for them to use normally.
i'll mark the thread as solved.
-Skipper
-
I think they're currenlty working through a bug... but the Keystroke Logger infusion may be what you're lookging for. Won't work for https sites but could be fun to ask people to go to a page you know will work.
Ok thanks, do you know if sites such as facebook, twitter, youtube etc. use https? I know that banking sites will use it or some sort of higher protection.
-
I've ordered my Pineapple, and I need to know if there is a redirect.php script for letting people login to something, but instead of redirecting them to a 503 let them login and use the site? but leaving me with the username and password?
So instead of redirecting, just "monitoring" their logins etc.?
Nothing malicious will be done with this, just want to give the best demonstration i can to my school in a few weeks, i will have full permission to use the pineapple for demonstration purposes only.
-
Phising page.... Landing page.... whatever it is you want them to see can be stored local and will pop up when you have the redirect setup properly. If you call out specific sites in DNS Spoofing it will only redierct those sites. You can set it to redirect all, which is what Random Roll is set to by default, but that doesn't seem to be what you want. If you don't set it specifically they will just surf normally unless you choose to mess with them some other way...
For example...
www.facebook.com might redirect to www.myspace.com or internal \usb\www\landingpage.php
www.youtube.com might redirect to www.nsa.gov
www.yahoo.com might redirect www.gmail.com or a specific Rick Roll youtube video
Ok thanks, got what I need to know for my demonstration now :) marked as solved.
- Skipper
-
Yes, ICS and DNS Spoofing will accomplish the first part... but you're going to have to define "monitor" for the second part. For example, Do you want to redirect only certain websites to a Phishing Page that you've created, and stored on the pineapple, for credential harvesting? You are essentially the Man In the Middle so the list of what you can do to the people who are redirected is pretty large.
It won't be for phishing page as it is for a demo for my school and illegal anyway, but I would want it to go to a page that I will make in HTML, because part of the demo will consist of the pineapple being around, and they will connect through it without them knowing (I will have them know BEFORE they enter any sensitive info) and then when they goto facebook or something that I create and store on the pineapple or the sandisk usb then it will bring up a page describing what the pineapple can do and how to prevent it.
By monitoring I meant redirecting to pages that i set in the redirect.php and any pages that are not in that file they can access as normal, can this be done?
-
Have a look at the DNS Spoofing page... The examples in there are what you are looking to do. Or install the RandomRoll infusion and note the changes it makes to enable it. Typing in one address and getting redirected to a different one is what it does...
Have a look at the DNS Spoofing page... The examples in there are what you are looking to do. Or install the RandomRoll infusion and note the changes it makes to enable it. Typing in one address and getting redirected to a different one is what it does...
I know how to redirect people, but can I make it so they can use the internet as normal while connected through my pineapple? would enabling ICS or something do it? I want it so they can use the internet how they would normally, but for any site i set and they go to it, i can monitor it, possible?
-
I know i've asked this already but I still don't understand, but can I use the pineapple to monitor or redirect to certain sites that i set but if nothing has been set for a site can they go to it and use it normally?
as I am doing a demo for my school on network maintenance and security in a few days.
example:
REDIRECTS SET IN CONFIGS OF THE PINEAPPLE:
http://www.facebook.com/ -------> CUSTOM PAGE FOR DEMO
CLIENT WANTS TO GO TO: http://www.google.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
can he use this and other sites that are not set normally?
But if he goes to:
can it redirect him to a page that i make for the demo?
Sorry if it is hard to explain, but if you know what i mean, can this be done?
ALSO: I heard that you can only use the pineapple on open networks (btopenzone, btfon etc.)
is this true? if so is there a way to use it on networks with passwords that i will know?
Thanks
- Skipper
-
I'm looking into buying a pineapple, but i need to know a few things before i buy one for my demonstration at school.
1. How do people go about connecting to the pineapple eg. does the network name appear to be one that their computer has remembered?
2. If they are connected to the internet through my pineapple, can they still access facebook and use it? or can they play youtube videos or use the internet as normal? but i can monitor sites that i set?
3. is there any way of using the pineapple on encrypted networks? ones that i know the details to?
Thanks.
- Skipper
What is this box? (or something similar?)
in Questions
Posted
I was watching the interview between Darren and the developer of reaver, and he showed a demo of the program on a dedicated box which had reaver pro installed, does anyone know what the box was called or what is something similar to this box?
Thanks
-Skipper