Jump to content

daniboy92

Active Members
  • Posts

    192
  • Joined

  • Last visited

Posts posted by daniboy92

  1. Don't touch the index.php file, it's not necessary.

    In redirect.php you need to set this values:

    <?php

    $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];

    if (strpos($ref, "zombo")){

    header('Status: 302 Found');

    header('Location: index.html');

    }

    require('error.php');

    ?>

    You need to changes this parameters and add a new rule for every Web you want to spoof.

    Try with this and see what's happening...

  2. What about your redirect.php?

    Instead... I think dnsspoof doesn't work with Google Chrome... I try with Chrome in my smartphone and doesn't redirect... I try it with default browser and it works fine...

    You can try with Chrome but cleaning cookies, history, and all... And see what's happening.

    Also you can try with dhcp file in /etc/conf and nginx.conf file mentioned before...

  3. Hi,

    After try and try to have a dnsspoof working service i have it.

    Now i'm trying to spoof multiple webs (facebook, twitter, gmail, hotmail, ebay... etc), but only i can spoof one web, only works with Facebook...

    Is there a code on browsers or OS that block spoofing web pages?

    This is my dnsspoof's hosts file:

    172.16.42.1 example.com

    172.16.42.1 *.facebook.*
    172.16.42.1 *.gmail.*
    172.16.42.1 *.hotmail.*
    172.16.42.1 *.twitter.*

    And this is my redirect file:

    <?php

    $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($ref, "example")){
    header('Status: 302 Found');
    header('Location: example.html');
    }
    if (strpos($ref, "facebook")){
    header('Status: 302 Found');
    header('Location: facebookES');
    }
    if (strpos($ref, "gmail")){
    header('Status: 302 Found');
    header('Location: gmailES');
    }
    if (strpos($ref, "hotmail")){
    header('Status: 302 Found');
    header('Location: hotmailES');
    }
    if (strpos($ref, "twitter")){
    header('Status: 302 Found');
    header('Location: twitterES');
    }
    require('error.php');
    ?>

    The files aren't htm or html, there are shorcuts to the real htm files... But this is not the problem.

    I don't know if there is something wrong in my Redirect.php file, my hosts file or it's a problem to prevents pineapple spoof varius webs at same time...

  4. SSLStrip requires traffic to be redirected to it. The only way that you can make this work is by chaining the programs via iptables. I haven't tried it, but technically that works.

    Best Regards,

    Sebkinne

    Can you do a tutorial doing this? This would be awesome use both at same time...

  5. The SSLStrip infusion seemed to bypass the DNSSpoof and by looking at teh IP tables I am guessing that is correct. However stopping the infusion it still hangs onto the routing and so you need to delete it for DNSSpoof to work correctly.

    So... What we need to work with dnspoof and sslstrip simultaneously without problems?

  6. Ok, all it's OK. I find the pineapple-phish.log in /tmp folder. Now set this to my custom log.

    Now my pineapple it's working fine and without problems...

    All was problems with DNS (thank you Darren) and the nginx.conf file (thanks midnitesnake)

    Thank you!!!.

  7. /etc/config/dhcp

            list 'dhcp_option' '6,172.16.42.1,8.8.8.8'
            list 'dhcp_option' '6,172.16.42.1,208.67.222.222'
    
    

    Try removing the ",8.8.8.8" and ",208.67.222.222" parts. Reboot, try again. Wondering if clients are using those DNS servers rather than the preferred 172.16.42.1

    Thank you Darren... It works fine for me..

    But now i have a issue... Yes, one more time..

    Now i can spoof example.com and facebook.com. On facebook.com when i put my username and my password the web redirects correctly to same spoofed web, but in dnsspoof logs i can't see the user and password... What's the piece of this puzzle?

  8. But that is not my case...

    Even when i do a Factory Reset dnsspoof DOESN'T work for me... I only access to my fake webs via IP (172.16.42.1/example.html)... But not putting the domain (www.example.com)...

    It's when i install infusions when even doesn't work via IP...

  9. I had this issue...

    When you are formating your MicroSD via pineapple, you are creating two partitions... One for storage and the other one for swap (If i'm not wrong)... The storage partition was formating badly by the pineapple, so what i did is formating via PC with gparted... Storage to ext4 and other to swap...

    This fixed my problem. Probably your pineapple are formating badly your SD and you need to do this via PC.

  10. I changed the /etc/nginx/nginx.conf file from:

    server { # php/fastcgi
    listen 8080;
    
    to

    server { # php/fastcgi
    listen 80;
    
    Now it works fine. However, beware this may interfere with any other httpd daemons like the captive portal.
    Thank you so much... I will try this. But, we need a valid and definitive configuration for work with this tool without problems with other infusions...

    Darren, Seb, please let us know a solution for this...

  11. Yes, of course Darren:


    test@test-VirtualBox:~$ ifconfig

    eth0 Link encap:Ethernet dirección HW 08:00:27:6c:42:32

    ACTIVO DIFUSIÓN MULTICAST MTU:1500 Métrica:1

    Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0

    Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0 carrier:0

    colisiones:0 long.colaTX:1000

    Bytes RX:0 80.0 B) TEX bytes:0 (0.0 B)

    wlan0 Link encap:Ethernet direcciónHW 00:e0:4c:38:26:20

    Direc. inet:192.168.0.5 Difus.:192.168.0.255 Másc:255.255.255.0

    Direccón inet6: fe09::ef3:eff4:fe38_2620/64 Alcance:Enlace

    ACTIVO DIFUSIÓN MULTICAST MTU:1500 Métrica:1

    Paquetes RX:5822 errores:0 perdidos:0 overruns:0 frame:0

    Paquetes RX:1222 errores:0 perdidos:0 overruns:0 frame:0 carrier:0

    colisiones:0 long.colaTX:1000

    Bytes RX:1370711 (1.4 MB) TEX bytes:150480 (150.4 KB)

    And this is what shows iwconfig:

    test@test-VirtualBox:~$ iwconfig

    wlan0 IEEE 802.11bgn ESSID:"Pineapple5_133B"

    Mode:Managed Frequency:2.462 GHz Access Point: 00:45:33:B5:13:BB

    Bit Rate=72.2 Mb/s Tx-Power20 dBm

    Retry long limit:7 RTS thr:off Fragment thr:off

    Encryption key:off

    Power Management:on

    Link Quality=70/70 Signal level=-17 dBm

    Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0

    Tx excessive retries:0 Invalid misc:51 Missed beacon:0

    When i navigate into my Ubuntu searching for example.com:

    OJ0YQ0n.jpg

    But at same time in my pineapple (today is showing something, yesterday showed nothing)

    mojh1ZX.jpg

    No matter what device i choose: a virtual machine, a real computer, my Android... I have internet conecction except on webs that i want to spoof...

    EDIT: When i start ping to example.com it shows the real example.com's IP... Not pineapple's IP.

  12. Are you saying it's working before you install infusions then not afterwards? If so which infusion is breaking it?

    No darren. It doesn't work after or before... It's just a partial working before install any infusion.

    Before install it can redirect to my example.hmtl (with dnspoof running or without it) browsing to 172.16.42.1/example.html, but doesn't work if i type example.com with dnsspoof activating..

    Anyway i need a complete redirection from dnsspoof.

    So the conclusion is: it doesn't work before or after install pineapple infusion. Even after a Factory Reset.

  13. This is ridiculous...

    After install my normal infusions (sslstrip, nmap, ettercap, randomroll (this doesn't work...), deauth, evilportal, opkgmanager) i lose completely the option to view via pineapples's IP my test.php and other test for dnsspoof...

    It's absolutely annoying and frustrating...

    I don't know how to set a validate configuration...

  14. Seems to be a problem with dnsspoof on 1.4.1. Verified and send a potential patch to Seb. We'll push an update asap.

    Edit: My issue was isolated. Couldn't reproduce. It wasn't a bug with 1.4.1 as tested with fresh fruit. Nor an incompatibility with an installed infusion.

    What do you get when you issue the following directly via SSH?

    dnsspoof -i br-lan -f /etc/pineapple/spoofhost
    

    Thanks for your answer Darren,

    I tried this command via SSH and it is the same... Doesn't redirect and doesn't spoof...

    What i do is:

    /etc/php.ini

    ; UNIX: "/path1:/path2"
    ;include_path = ".:/php/includes"
    doc_root = ""
    user_dir =
    extension_dir = "/usr/lib/php"
    enable_dl = On
    ;cgi.force_redirect = 0---> Change this two and set it to 0, before was 1.
    cgi.force_redirect = 0---->
    ;cgi.nph = 1
    ;cgi.redirect_status_env = ;
    cgi.fix_pathinfo=1
    ;fastcgi.impersonate = 1;
    ;fastcgi.logging = 0
    ;cgi.rfc2616_headers = 0

    Create a test.php in /www with: <?php phpinfo(); ?> written ---> To test a php info web.

    Then, type 172.16.42.1/test.php---> shows the web perfectly.

    Then: touch /www/example.html

    echo "Hello Mundo!" > example.html

    Then on my Chrome: 172.16.42.1/example.html

    Shows my web perfectly...

    Then i start via SSH or UI dnsspoof: and doesn't redirect me...

  15. Hello,

    When i set ON DNSSpoof and i type example.com (i have this file created with a "Hello World" inside) but it doesn't redirect me...

    When i type 172.16.42.1/example.html it shows me my fake web page... With or without DNSSpoof activate... But when i activate DNSSpoof doesn't redirect me to my fake page...

    I have lastest update firmware...

    Internet connection... i don't know why this is failing all time

×
×
  • Create New...