-
Posts
192 -
Joined
-
Last visited
Posts posted by daniboy92
-
-
What about your redirect.php?
Instead... I think dnsspoof doesn't work with Google Chrome... I try with Chrome in my smartphone and doesn't redirect... I try it with default browser and it works fine...
You can try with Chrome but cleaning cookies, history, and all... And see what's happening.
Also you can try with dhcp file in /etc/conf and nginx.conf file mentioned before...
-
Ok, tried to do this:
It doesn't work with gmail, but works fine with marca.com...I think it's because gmail use SSL, someone knows how to use sslstrip with dnsspoof?
-
Try to clean the browser cache of the victim machine and try again. Some times happens to me when the SSL connection is already stablished before I start dnsspoof.
Good luck~
I deleted all: cookies, cache, history, downloads... All i can clean in the browser...
But only can spoof Facebook.com and example.com
-
Hi,
After try and try to have a dnsspoof working service i have it.
Now i'm trying to spoof multiple webs (facebook, twitter, gmail, hotmail, ebay... etc), but only i can spoof one web, only works with Facebook...
Is there a code on browsers or OS that block spoofing web pages?
This is my dnsspoof's hosts file:
172.16.42.1 example.com
172.16.42.1 *.facebook.*172.16.42.1 *.gmail.*172.16.42.1 *.hotmail.*172.16.42.1 *.twitter.*And this is my redirect file:
<?php
$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];if (strpos($ref, "example")){header('Status: 302 Found');header('Location: example.html');}if (strpos($ref, "facebook")){header('Status: 302 Found');header('Location: facebookES');}if (strpos($ref, "gmail")){header('Status: 302 Found');header('Location: gmailES');}if (strpos($ref, "hotmail")){header('Status: 302 Found');header('Location: hotmailES');}if (strpos($ref, "twitter")){header('Status: 302 Found');header('Location: twitterES');}require('error.php');?>The files aren't htm or html, there are shorcuts to the real htm files... But this is not the problem.
I don't know if there is something wrong in my Redirect.php file, my hosts file or it's a problem to prevents pineapple spoof varius webs at same time...
-
SSLStrip requires traffic to be redirected to it. The only way that you can make this work is by chaining the programs via iptables. I haven't tried it, but technically that works.
Best Regards,
Sebkinne
Can you do a tutorial doing this? This would be awesome use both at same time...
-
The SSLStrip infusion seemed to bypass the DNSSpoof and by looking at teh IP tables I am guessing that is correct. However stopping the infusion it still hangs onto the routing and so you need to delete it for DNSSpoof to work correctly.
So... What we need to work with dnspoof and sslstrip simultaneously without problems?
-
Ok, all it's OK. I find the pineapple-phish.log in /tmp folder. Now set this to my custom log.
Now my pineapple it's working fine and without problems...
All was problems with DNS (thank you Darren) and the nginx.conf file (thanks midnitesnake)
Thank you!!!.
-
/etc/config/dhcp
list 'dhcp_option' '6,172.16.42.1,8.8.8.8' list 'dhcp_option' '6,172.16.42.1,208.67.222.222'
Try removing the ",8.8.8.8" and ",208.67.222.222" parts. Reboot, try again. Wondering if clients are using those DNS servers rather than the preferred 172.16.42.1
Thank you Darren... It works fine for me..
But now i have a issue... Yes, one more time..
Now i can spoof example.com and facebook.com. On facebook.com when i put my username and my password the web redirects correctly to same spoofed web, but in dnsspoof logs i can't see the user and password... What's the piece of this puzzle?
-
I try to change:
server { # php/fastcgi
listen 8080;to
server { # php/fastcgi
listen 80;Even with this doesn't work.
This isn't a USER issue... It's a pineapple issue... Mine pineapple.
-
But that is not my case...
Even when i do a Factory Reset dnsspoof DOESN'T work for me... I only access to my fake webs via IP (172.16.42.1/example.html)... But not putting the domain (www.example.com)...
It's when i install infusions when even doesn't work via IP...
-
I had this issue...
When you are formating your MicroSD via pineapple, you are creating two partitions... One for storage and the other one for swap (If i'm not wrong)... The storage partition was formating badly by the pineapple, so what i did is formating via PC with gparted... Storage to ext4 and other to swap...
This fixed my problem. Probably your pineapple are formating badly your SD and you need to do this via PC.
-
Thank you so much... I will try this. But, we need a valid and definitive configuration for work with this tool without problems with other infusions...I changed the /etc/nginx/nginx.conf file from:
server { # php/fastcgi listen 8080;
toserver { # php/fastcgi listen 80;
Now it works fine. However, beware this may interfere with any other httpd daemons like the captive portal.Darren, Seb, please let us know a solution for this...
-
I was watching your tutorial Darren, it's great, but unfortunately i have all that steps complete without problems...
-
Yes, of course Darren:
test@test-VirtualBox:~$ ifconfig
eth0 Link encap:Ethernet dirección HW 08:00:27:6c:42:32
ACTIVO DIFUSIÓN MULTICAST MTU:1500 Métrica:1
Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0
Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0 carrier:0
colisiones:0 long.colaTX:1000
Bytes RX:0 80.0 B) TEX bytes:0 (0.0 B)
wlan0 Link encap:Ethernet direcciónHW 00:e0:4c:38:26:20
Direc. inet:192.168.0.5 Difus.:192.168.0.255 Másc:255.255.255.0
Direccón inet6: fe09::ef3:eff4:fe38_2620/64 Alcance:Enlace
ACTIVO DIFUSIÓN MULTICAST MTU:1500 Métrica:1
Paquetes RX:5822 errores:0 perdidos:0 overruns:0 frame:0
Paquetes RX:1222 errores:0 perdidos:0 overruns:0 frame:0 carrier:0
colisiones:0 long.colaTX:1000
Bytes RX:1370711 (1.4 MB) TEX bytes:150480 (150.4 KB)
And this is what shows iwconfig:
test@test-VirtualBox:~$ iwconfig
wlan0 IEEE 802.11bgn ESSID:"Pineapple5_133B"
Mode:Managed Frequency:2.462 GHz Access Point: 00:45:33:B5:13:BB
Bit Rate=72.2 Mb/s Tx-Power20 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:on
Link Quality=70/70 Signal level=-17 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:51 Missed beacon:0
When i navigate into my Ubuntu searching for example.com:
But at same time in my pineapple (today is showing something, yesterday showed nothing)
No matter what device i choose: a virtual machine, a real computer, my Android... I have internet conecction except on webs that i want to spoof...
EDIT: When i start ping to example.com it shows the real example.com's IP... Not pineapple's IP.
-
No darren. It doesn't work after or before... It's just a partial working before install any infusion.Are you saying it's working before you install infusions then not afterwards? If so which infusion is breaking it?
Before install it can redirect to my example.hmtl (with dnspoof running or without it) browsing to 172.16.42.1/example.html, but doesn't work if i type example.com with dnsspoof activating..
Anyway i need a complete redirection from dnsspoof.
So the conclusion is: it doesn't work before or after install pineapple infusion. Even after a Factory Reset.
-
This is ridiculous...
After install my normal infusions (sslstrip, nmap, ettercap, randomroll (this doesn't work...), deauth, evilportal, opkgmanager) i lose completely the option to view via pineapples's IP my test.php and other test for dnsspoof...
It's absolutely annoying and frustrating...
I don't know how to set a validate configuration...
-
One more thing...
When i install DNS UI my capacity for view my own test.php web disappear... After install dnsspoof UI it doesn't redirect me to 172.16.42.1/test.php and can't see test web.
-
Ok, thank you guys!
I'll try this and summit here!
-
Seems to be a problem with dnsspoof on 1.4.1. Verified and send a potential patch to Seb. We'll push an update asap.
Edit: My issue was isolated. Couldn't reproduce. It wasn't a bug with 1.4.1 as tested with fresh fruit. Nor an incompatibility with an installed infusion.
What do you get when you issue the following directly via SSH?
dnsspoof -i br-lan -f /etc/pineapple/spoofhost
Thanks for your answer Darren,
I tried this command via SSH and it is the same... Doesn't redirect and doesn't spoof...
What i do is:
/etc/php.ini
; UNIX: "/path1:/path2";include_path = ".:/php/includes"doc_root = ""user_dir =extension_dir = "/usr/lib/php"enable_dl = On;cgi.force_redirect = 0---> Change this two and set it to 0, before was 1.cgi.force_redirect = 0---->;cgi.nph = 1;cgi.redirect_status_env = ;cgi.fix_pathinfo=1;fastcgi.impersonate = 1;;fastcgi.logging = 0;cgi.rfc2616_headers = 0Create a test.php in /www with: <?php phpinfo(); ?> written ---> To test a php info web.
Then, type 172.16.42.1/test.php---> shows the web perfectly.
Then: touch /www/example.html
echo "Hello Mundo!" > example.html
Then on my Chrome: 172.16.42.1/example.html
Shows my web perfectly...
Then i start via SSH or UI dnsspoof: and doesn't redirect me...
-
Hello,
When i set ON DNSSpoof and i type example.com (i have this file created with a "Hello World" inside) but it doesn't redirect me...
When i type 172.16.42.1/example.html it shows me my fake web page... With or without DNSSpoof activate... But when i activate DNSSpoof doesn't redirect me to my fake page...
I have lastest update firmware...
Internet connection... i don't know why this is failing all time
-
Karma and sslstrip works, but ettercap doesn't start with that command...
-
Thank you Marty! I will test it and will summit here!
-
Hello,
I want to configuring DIP Switches... I want to star Karma, Ettercap and SSLstrip on boot, but i don't know what commands put in pineapple... Hope you can help me.
Thanks! -
Thank you fringes, that was the problem :D
DNSSpoof Doesn't redirect
in WiFi Pineapple Mark V
Posted
Don't touch the index.php file, it's not necessary.
In redirect.php you need to set this values:
<?php
$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($ref, "zombo")){
header('Status: 302 Found');
header('Location: index.html');
}
require('error.php');
?>
You need to changes this parameters and add a new rule for every Web you want to spoof.
Try with this and see what's happening...