Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by King_Hrothgar

  1. No other infusions running but I have a ton of them. So you might be right on that. I'll just wipe the thing, if others aren't having any issues that should fix it.
  2. Ok, got it and something went horribly wrong. It basically blocks all internet access. Turning SSLsplit off doesn't solve the problem either, a full reboot of the pineapple is the only way to correct the issue. I tried reinstalling it all and it didn't help. I didn't touch any of the configuration settings on it, simple install infusion --> install dependencies (via the tile or in the SSLsplit page, tried both ways) --> generate key --> start. I ran SSLsplit on Kali maybe a week ago with no issue. Well, tons of security warnings on the victim machine of course, but it didn't block anything. I looked through the configuration section and the iptables all look pretty much the same as what I used on Kali successfully. Not sure what's going on here. I installed to the microSD rather than internal storage but I don't see why that would be an issue. Might try the other way in a bit.
  3. Many thanks Whistle Master. Will grab it a little later tonight. Cheeto, that's how it works. It isn't like SSLstrip where it tries to simply remove SSL. Instead it has the attacker pretend to be the end user to the actual website and then applies its own encryption before passing on the data to the victim machine. This new encryption has a different set of keys and a different certificate. Unless you work for a real certificate authority (CA), you can't create automatically trusted certificates. As such, you have to make your own CA that obviously, no one even knows exists by default. To avoid messages like the one you got, you must add your new CA to the list of trusted CA's in your browser. It's fairly simple to do. Here's a link on how to do it (as well as use SSLsplit in general): http://blog.philippheckel.com/2013/08/04/use-sslsplit-to-transparently-sniff-tls-ssl-connections/#Create-and-install-root-CA-certificate Edited for typo's
  4. Didn't even know these existed, learn something new every day. I too am curious as to how well these things work. I'd be more interested in one of the smaller, cheaper 2W versions. 4W is just overkill, I'm not trying to get internets on Mars.
  5. So I'm trying to bypass the rather crappy wlan0 on my Pineapple. Using SSH, I tried setting up wlan2 (an alpha card) to be the AP while keeping wlan1 as the client card. Unfortunately, this isn't working. After putting wlan2 into monitor mode, I tried to launch an AP on it with airbase. Although it looked like everything worked fine on the ssh terminal, a quick scan revealed no AP was ever actually created. I kept this initial test simple, not actually having it forward anything. It was only airmon and airbase run in isolation. I shut down wlan0 as well just to be sure. Exact commands used: ifconfig wlan2 up airmon-ng start wlan2 ifconfig //to confirm previous 2 steps worked airbase-ng -c 11 --essid powertest mon0 Result looks like this: root@Pineapple:~# airbase-ng -c 11 --essid powertest mon0 18:37:10 Created tap interface at0 18:37:10 Trying to set MTU on at0 to 1500 18:37:10 Trying to set MTU on mon0 to 1800 18:37:10 Access Point with BSSID 00:C0:CA:65:F2:DF started. Looks normal to me, these steps create an AP (that does nothing, but that's not the point) in Kali. But as said, no AP actually shows up when searching for it with another device. The LED on the alpha card does light up though, so it is active. Anyone have any thoughts? I shut down wlan0 prior to doing this test so that shouldn't be interfering.
  6. Pay close attention to what the browser actually looks up when you try to spoof a site. If you're using firefox or chrome, I promise you it's sticking in https regardless of what you enter into the address bar if you are going to a common site (twitter, youtube and so on). Assuming the browser hasn't cached the IP already, this often results in simply blocking the website. DNSspoof is primarily effective against outdated browsers or when spoofing less common sites, like this one. If you are looking for a more reliable spoofing method, I suspect Darren's method would be very effective though I've never tried it.
  7. 100% here on IE and Firefox for Windows 7, Chrome on Android and Iceweasel on Kali. However, there is a very serious limitation in the way DNSspoof works. When a browser (doesn't matter which as far as I can tell) tries to locate a site, it will make a DNS request but only if it hasn't already connected to that site previously that session. If it has already connected to that site, then the DNS info is cached from the previous visit. This results in some "odd" things such as: 1) If I DNS spoof a client to visit fake.com instead of real.com, after I cease DNS spoofing, they will still go to fake.com until they end their browser session (typically requires a reboot of the device, not simply closing the browser). 2) If they have visited that site prior to me engaging in DNS spoofing, they will still visit the real site since the IP address for it is already cached. DNS spoofing is completely ineffective as no DNS requests are made for the target site. 3) Changing to a different browser will fix either problem without restarting since each browser caches the DNS info seperately. Other than somehow deleting the victim machine's cache remotely or causing their device to restart, I don't know of a way to overcome these limitations.
  8. The power really is restricted atm sadly. I've tried adjusting it but it never changes according to iwconfig. I also get lower signal strength on my tablet while sitting 2 feet from the pineapple than I do from outside the house to my real wifi router. So it isn't just an interface glitch, it really is running super low power. It does seem to be a new issue however. I bought my pineapple back in January, never had these problems till now. I did set it aside for a couple months though, so when the change came I do not know. But I noticed it immediately after doing the firmware update.
  9. I've had problems with this as well. One thing I noticed is out of the box with updates, my Mk.V DNS spoofs just fine assuming the target doesn't have the spoofed site cached. However installing and running nodogsplash breaks DNSspoof. Not sure the exact reason, but I suspect it's due to the tutorial having you change a setting from port 80 to 8080. I nailed this down after reflashing the pineapple twice after having this happen. The second time around I tested to see if it worked, which it did, then installed and ran nodogsplash and from that point on, even with nodogsplash disabled, it fails. It will either not spoof or spoof but not load the test page on the pineapple. Also, hi, been lurking a while but first post.
  • Create New...