daniboy92

I'm a little more near from my goal... With your modifications i get a email and created the file perfectly!! The only thing i need it's to make this html send the password fields and register in the same txt.... Because the password information it's not sending... I don't know why. So... there is something wrong in the part of sending password information.

Thanks man. Now this two are fixing... And what about this script? I don't know if i am sending and collecting fine the information from that two fields "email" "password. This is how my web looks:

Can you help me with this html? It's another html web, and i have all in order: capture.php in /www folder, 'post' method aiming to http://172.16.42.1/capture.php, but i can't get a working phishing web... This is the thread: https://forums.hak5.org/index.php?/topic/33553-help-me-with-this-html-code/ Thanks a lot for all your support newbi3.

Hi, I have problems with a html web. I want a html for summit a loggin information with Evil Portal infusion. Now this html can redirect normally but it doesn't save email and password. I think i'm missing something in this code because i don't have many knowledge about html programming... This is my html code: this is my capture.php: The location for this file is in /www folder. I don't know if its's a code problem or just a location problem from my capture.php. Hope someone can help me.

And what's the correct place to this file? /www folder?

Thanks newbi3. 'Capture' it's an url in the same folder of my splash.html, it's aiming to capture.php in my SD.

About Evilportal's notifications newbi3 says it's a infusion problem, soon he will be fix that javascript code in the notifications.

Someone?

I don't know it ,thanks! I will search it and summit here if i have it or notn

Hi everyone, Just a quick answer: how can i sniff a password an email with a portal with authentication?

Can you post your 'process-form-data.php' for me? I want it for a Captive Portal.

Have you tried using a iptable rule for redirect the http traffic to pineapple?

Here: https://forums.hak5.org/index.php?/topic/33499-tut-how-to-get-a-working-dnsspoof/?view=getnewpost

It's done Kerry!

I create a little tutorial with few tips, maybe you can search there and try that tutorial.

I'll try to make a little tutorial for dnsspoof, maybe it will be ready today. Just a personal tips to get a working dnsspoof.

Contact me vía PM

And... We can not falsificate a valid cert? (Stupid question, sorry)

Yes, sometimes when I tether my android with the pineapple ?, it's disconnects from pineapple, but the USB cable it's plugged...

Yes, pineapple ? do it, but generate a cert that it's detect like fake cert... Tried that other method but it doesn't work... And... What about WhatsApp sniffing? Someone knows how to get a working sslsplit for this?

I was testing it with my phone ? just for sniff WhatsApp's conversations, but it doesn't show anything. Maybe you can do it with your stuff.

Unfortunately these logs are very hard to explore. When I was browsing 10 minutes, many lines with ininteligible characters appears and a few appears readable... Sslsplit it's more recently than sslstrip, but like the other it seems than the actual browsers detects it and doesn't let the victim navigate more... Also, I can't see what's the utility with WhatsApp, that have a command line in configuration of this infusion. Maybe we need more tests. I am very newbie with this infusion, but it seems uneffective with new and upgrade browsers. Sorry for bad English.

Hello everyone, I was playing with sslsplit, trying to get some passwords with my phone as a victim. I have two little problems... 1) How to generate a valid ssl cert to avoid Browser's warning... 2) How can i sniff my whatsapp? I've read that sslsplit can do something with Whatsapp, but i was trying and nothing happends. Sorry if i am doing stupids questions. Thanks for advance. One more thing... 3) Webs doesn't show properly, it only shows words, but not images,

Just go to "History" into Sslsplit infusion and select "View" or "Download" and search carefully for an email and pass... If you don't find anything just nothing put or use their email and pass, maybe people only navigate without a login. And thesugarat is rigth, but we can't control what people do with their own Pineapples.

If i run sslstrip alone it doesn't show webs correctly, but if i run sslstrip+ettercap both, in ettercap's GUI i can show email and passwords perfectly and webs load fine. Maybe you should try this.