Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Posts posted by daniboy92

  1. DNS Spoofing doesn't work for me if the website is using https not even using sslstrip works haven't looked much into ways around https i've been slacking bad in my infosec

    Yes, success of dnsspoof it's very limited, hope Mitm proxy get release soon.

  2. Sort of answering my question, but i still see a problem.

    Solution to the question above.

    To deauth in PinAP i had to turn on the whole suite. Turing on PineAP only didn't do it for me.

    Where i see a little problem however is that once the client is booted from the AP. The Client could reconnect after a minute or so.

    Is there a possibility of sending a continuous deauth?


    Even the harvester?
  3. Hello guys,

    First of all sorry for bad english.

    This is another noob question, i'm trying to make a ssh connection but not in a local net rather internet. I'm trying to ssh to my pineapple using this configuration:

    Host: root@MyPublicIp

    Port: 2222

    Listen Port: 22

    Then i generate my public key....

    Public Key - Generate

    At the end i go to my android and set:

    root@MyPublicIP:22 and click in Quick Connection but then y get: CONNECTION REFUSED...

    This is the app i use:

    [Juice SSH]


    Hope you can help me!

  4. This issue has nothing to do with Evil Portal or Portal Auth. If you can't get the portal to redirect it is a problem with your HTML or JavaScript code.

    Nope, now is working fine and before too. I say this for help a make a best infusion, i like so much your infusion so that is my report... Sorry for give any proof of that but now is working fine after a factory reset :D

    Edit: and i don't change anything in my html and php code, i thought was that.


  5. Whoa! There is no need to factory reset. PortalAuth will allow you to clone a captive portal on an access point before authenticating with it. The cloned portal will be stored in your Evil Portal library to be used as your own. You can also attempt auto authentication with PortalAuth but the version currently released is unreliable. The next version will be better.

    Yeah, i know but yesterday making that tests running evilportal and portalauth together my EvilPortal was working bad, even after a reboot so i thougth there is conflict between these two because when i make a login into the portal my captive portal doesn't redirect to the internet, reloads itself again and it's neccesary to make a second login and it is very annoying.

    Now i don't know if can get both infusions together... Maybe was only my problem...

  6. I need some more details. Where is your captive portal? Is it on the Pineapple? If so, you shouldn't see it there. The point of the portal tab is to show you a captive portal on the AP that your client radio is connected to so you can authenticate if the auto authentication feature fails.

    EDIT: I'm thinking that maybe you thought the Portal tab was supposed to show you your own portal as it would appear to a victim?

    I thought Portal Auth can be tested with my own captive portal running via evilportal. After run portalauth my captive portal doesn't work properly. I will make a factory reset onto my pineapple and summit here...

  7. Relax guys... Be patience.

    The point of a captive portal is to make a web that requires credentials to submit there and save into pineapple (credentials like 'enter your name' or 'email and password' it depends on you). When someone grab their credentials into your web you let that person surf normally on internet.

    I think i'm not forgetting nothing.

    Sorry for my bad english.

  8. Yeah, you did. Our website isn't pineapple.com though, it's wifipineapple.com.

    Edit: http://www.isup.me/cloud.wifipineapple.com

    Best Regards,


    Lol, what a retard i am...

    Thanks a lot Seb.

    About new firmware...

    Is there any good news about sslstrip, better dnsspoof or better stuff for pentest?

    Edit: congratulations for this update! It's amazing how works PineAP Suite. More speed and stability, thanks guys!!!

  9. Sslstrip sólo funciona con navegadores viejos y desactualizados, también con algunos dispositivos móviles con el navegador por defecto que trae el móvil.

    Contra HSTS se puede usar la nueva versión de sslstrip+ o sslstrip2 más un dnsproxy pero en la piña no hay nada efectivo aún. Seb hace muchas semanas dijo que estaba trabajando en una nueva versión de sslstrip pero aún no hay nada nuevo.

  10. Than you very much Whistle Master.

    I know you don't have many time but maybe you can see why with the new firmware ettercap (command and infusion) doesn't work properly... I think new firmware it's the cause. Or maybe you can make a guide for get a good function for infusion.

  11. I am having many bugs with this infusion:

    Bug 1) I can't scroll down and can't see the log file.

    a) Before turn on the infusion


    b) After run it, when i get my victim's credentials. I can see it partially on home.


    c) At this point when i go to inside the infusion, I can't scroll down and see the log with details and even I can't activate the refresh button.


    Bug 2) After start and stop the infusion i need to type this: echo 1 > /proc/sys/net/ipv4/ip_forward, if not i lose my internet connection.


    Bug(?) 3) Need to change and uncomment the ip_tables rules in /etc/etter.conf. Also change the owner from 65 534 to 0 and i think this will be automatically, not manual. All this changes are to prevent the error: SSL dissection needs a valid ‘redir_command_on’ script in the file etter.conf

    Bug 4) When i run sslstrip i can navigate without problems, a little bit slower but fine. Can get credentials on facebook, gmail, twitter, ebay... But when i run ettercap at same time with sslstrip this infusions make the connection very very slow.

    My browser it's completely clean (cookies, cache...) and my pineapple it's recently restored.

    I think you can help me.

  • Create New...