Jump to content

daniboy92

Active Members
  • Posts

    192
  • Joined

  • Last visited

Everything posted by daniboy92

  1. This is a great idea ?, it's more effective for the community.
  2. Yes, maybe. I don't know why we can choose wlan0 for doing that things.
  3. Thanks for tip. I'm really confuse about how works PineAP, maybe someone can do a little tutorial or explanation while Darren uploads a videotutorial for this...
  4. If I am right, wlan0 only can use like an AP, of course and as you say wlan1 and wlan2 (if you have an another wireless antenna) should be use to be client or use for deauth and similar actions, no matter if the infusion offers you wlan0 for that, probably you will get bad results if you use wlan0 like AP and to perform attacks. You must use wlan1 or wlan2.
  5. I can install infusions in my MicroSD without problems. I don't know what it can be.
  6. I proving it now and this is awesome! It works perfectly, thanks @Smarty for your help and your ideas! Now i can spoof any web what i want!
  7. Just broke my MicroSD... F*ck shit of MicroSD :@ I'll replace it tomorrow... ¬¬
  8. Wow Smarty, that's amazing man! Thanks for sharing this with me. I will try this now!
  9. Thanks all! Yes, that was what i tried, looking into the html code. I get post-login action redirects to error.php, all I need is modify that fields... Actually I locate it, I proof changing it but it doesn't show in log... I need to try some different variables in these fields... I'll post the results. If anyone can give me more details about that words I need... It will be awesome.
  10. Yes, yes.. I know, but i'm here to learn, that's why i ask to people who can give me ideas... I'm not a professional, i'm a newbie triying to learn something. Thanks for your answer.
  11. That's the question... I'm trying to find that code but I can't, simply I was looking for it but I can't see it... Any clue to get websites doesn't hide email and passwords?
  12. Hi, I'm a little more near from my goal... Now i can spoof all webs, no matter if it's ssl or not... Or if they are previously hard cached (that webs i mean). Now, my question is: how can i get all emails and passwords from dnsspoof? I edit the hmtl from facebook.com that i have stored and i can see all emails and passwords from victim, but other webs that actually i'm spoofing, when i fill email and passwords it doesn't show in /tmp/pineapple-phish.log... Only works with facebook.com because i modify from this tutorial (go to 3:55 in the video to see that modifications...)For example, i want to spoof paypal.com: turn on dnsspoof, victim connects to my AP... He goes to paypal.com, put his email and password... But, i can't see it in my pineapple-phish.log... How can we get the email and passwords? This is my questions. Actually i only see this fields with facebook.com... Sorry for bad english. Regards.
  13. Yes!!! It works perfectly!!! Now i can redirect all webs i want! Thanks you guys.
  14. This is the results of: I can't set the IPTables rule...
  15. Thanks for your quick answer KiatoGS, i will try this and summit here.
  16. I'm investigating many ways to spoof a web, but unfortunately dnsspoof it's outdated... It only works with an old browser or webs that i don't have any interest to spoof... One day, Darren writes this: This is the link: https://forums.hak5.org/index.php?/topic/33101-dnsspoof-success-rate/#entry247268 I don't know how to do this, i'm am a noob with IP Tables, i don't have how to do this... Hope someone can help me. Sorry for bad english.
  17. @King_Hrothgar and what about sites with ssl protocol? Can you spoof webs like Gmail, Hotmail, Twitter...? I'm asking you because I can't spoof sites with ssl except Facebook.
  18. I mean browser's victim. Your own browser doesn't matter.
  19. @factgasm: this is not realistic, but if you want to set a valid test, you need to clean it because webs previously visited has the ssl connection established, if you don't do this, you won't spoof this webs. So... If the victim has his browser completely empty is another history. The theory is that you are using this for a spoiled hacking, with knowledge from your victim. If he don't have knowledge, obviously it's very difficult to hack them.
  20. You're welcome cheeto. Factgasm, it's very logical what are you saying... I think there is a little problem with dnsspoof functionality. I want to see a video from Darren spoofing sites like Gmail, Hotmail, Yahoo... (I don't know why I can spoof facebook.com that uses ssl but not this webs)... And spoofing multiple sites at same time, this will be interesting.
  21. @cheeto I had your issue two weeks ago... Just set a Factory Reboot from Configuration menu and do all things cleanly... Even delete the DNS from the dhcp.conf file from Darren's answer. And I recommend you probe it without dnsspoof infusion. It's important that you use a browser without data like cookies, cache, history... I hope this can help you.
  22. Cheeto, do have installed captive files in dnsspoof infusion? If it's installed you need to change in /etc/nginx/nginx.conf To: Try this and if it doesn't work I recommend reboot to factory settings and do all this steps again.
  23. Thanks cheeto, but i can't spoof webs with ssl protection. I want to remove ssl with sslstrip and try to spoof them. Personally I can't spoof webs like Gmail, Hotmail, PayPal, Ebay... Only Facebook that use ssl. Tell me if you can.
  24. Ok, but there is a little problem with this... It seems ssl's websites doesn't work with dnsspoof... If you read my latest post, i can spoof webs without ssl protocol, with ssl protocol only can spoof facebook.com... That is why i want to use sslstrip and dnsspoof together, because I want to remove ssl protection and then spoof the Web (yes, I try it with Gmail, Hotmail and webs like these and can't spoof it). Maybe for you works fine, probe it and summit here, I'm enjoying with these reports.
  25. Can someone make a tutorial for use dnsspoof and sslstrip at same time?
×
×
  • Create New...