Jump to content

daniboy92

Active Members
  • Posts

    192
  • Joined

  • Last visited

Posts posted by daniboy92

  1. If I am right, wlan0 only can use like an AP, of course and as you say wlan1 and wlan2 (if you have an another wireless antenna) should be use to be client or use for deauth and similar actions, no matter if the infusion offers you wlan0 for that, probably you will get bad results if you use wlan0 like AP and to perform attacks. You must use wlan1 or wlan2.

  2. Thanks all! Yes, that was what i tried, looking into the html code. I get post-login action redirects to error.php, all I need is modify that fields... Actually I locate it, I proof changing it but it doesn't show in log... I need to try some different variables in these fields...

    I'll post the results.

    If anyone can give me more details about that words I need... It will be awesome.

  3. Hi,

    I'm a little more near from my goal...

    Now i can spoof all webs, no matter if it's ssl or not... Or if they are previously hard cached (that webs i mean).

    Now, my question is: how can i get all emails and passwords from dnsspoof?

    I edit the hmtl from facebook.com that i have stored and i can see all emails and passwords from victim, but other webs that actually i'm spoofing, when i fill email and passwords it doesn't show in /tmp/pineapple-phish.log... Only works with facebook.com because i modify from this tutorial

    (go to 3:55 in the video to see that modifications...)

    For example, i want to spoof paypal.com: turn on dnsspoof, victim connects to my AP... He goes to paypal.com, put his email and password... But, i can't see it in my pineapple-phish.log... How can we get the email and passwords? This is my questions.

    Actually i only see this fields with facebook.com...

    Sorry for bad english.

    Regards.

  4. root@Pineapple:~# iptables -t nat -A PREROUTING -p tcp -dport 80 -j DNAT to-dest

    ination 172.16.42.1

    Bad argument `80'

    Try `iptables -h' or 'iptables --help' for more information.

    This is the results of:

    iptables -t nat -A PREROUTING -p tcp -dport 80 -j DNAT to-destination 172.16.42.1

    I can't set the IPTables rule...

  5. I'm investigating many ways to spoof a web, but unfortunately dnsspoof it's outdated... It only works with an old browser or webs that i don't have any interest to spoof...

    One day, Darren writes this:

    These limitations could potentially be overcome with iptables rules to redirect the IP traffic rather than the DNS queries. Meaning if example.com is cached as 93.184.216.119 and you reroute that IP to 172.16.42.1 it wouldn't matter if the browser has DNS cached or not.


    This is the link:
    https://forums.hak5.org/index.php?/topic/33101-dnsspoof-success-rate/#entry247268

    I don't know how to do this, i'm am a noob with IP Tables, i don't have how to do this...

    Hope someone can help me.

    Sorry for bad english.

  6. @factgasm: this is not realistic, but if you want to set a valid test, you need to clean it because webs previously visited has the ssl connection established, if you don't do this, you won't spoof this webs.

    So... If the victim has his browser completely empty is another history. The theory is that you are using this for a spoiled hacking, with knowledge from your victim. If he don't have knowledge, obviously it's very difficult to hack them.

  7. You're welcome cheeto.

    Factgasm, it's very logical what are you saying... I think there is a little problem with dnsspoof functionality. I want to see a video from Darren spoofing sites like Gmail, Hotmail, Yahoo... (I don't know why I can spoof facebook.com that uses ssl but not this webs)... And spoofing multiple sites at same time, this will be interesting.

  8. @cheeto I had your issue two weeks ago... Just set a Factory Reboot from Configuration menu and do all things cleanly... Even delete the DNS from the dhcp.conf file from Darren's answer. And I recommend you probe it without dnsspoof infusion. It's important that you use a browser without data like cookies, cache, history... I hope this can help you.

  9. Ok guys I followed the instructions and still can't get it to go.

    Please check out my video.

    https://mega.co.nz/#!2ddFHQSS!-v-LFs3GfZ2u-7CpbvuYhKFp_XC2t1UBnsoip9aJZoA

    Thanks again!!!,

    cheeto

    Cheeto, do have installed captive files in dnsspoof infusion? If it's installed you need to change in /etc/nginx/nginx.conf

    server { # php/fastcgi

    listen 8080;

    To:

    server { # php/fastcgi

    listen 80;

    Try this and if it doesn't work I recommend reboot to factory settings and do all this steps again.

  10. THANK you guys SOOOO MUCH!

    I'm at work at the moment but as soon as I get home, I'm going to apply these changes.

    Regarding the index.html I don't recall my Mkv coming with it. The index.html in the www directory was put there by me. I guess I could always re-flash it to make sure everything is set to stock mode.

    Here's my objective:

    I want to make a fake gmail / facebook login screens and have the victim enter the credentials and have the information saved in a file. Sort of like Ghost Phisher (amazing script!!!)

    Of course, this easier said than done. I assume that I will need a php script to save the credentials onto a file. Is there an easy way around this?

    Given the sslstrip limitations, I think this would be the best alternative.

    I'll get back to you with the results.

    Thanks again guys!!!

    cheeto

    Ok, but there is a little problem with this... It seems ssl's websites doesn't work with dnsspoof... If you read my latest post, i can spoof webs without ssl protocol, with ssl protocol only can spoof facebook.com... That is why i want to use sslstrip and dnsspoof together, because I want to remove ssl protection and then spoof the Web (yes, I try it with Gmail, Hotmail and webs like these and can't spoof it). Maybe for you works fine, probe it and summit here, I'm enjoying with these reports.
×
×
  • Create New...