Jump to content

johnsteiner

Active Members
  • Posts

    21
  • Joined

  • Last visited

Recent Profile Visitors

519 profile views

johnsteiner's Achievements

Newbie

Newbie (1/14)

  1. To be honest python on the mk5 is a pain in the a** ;-) So to get dns2proxy and sslstrip+ (or as they call it now sslstrip2) running i think the pineapple supergods have to jump in....;-)
  2. to be honest i never ever used the lan connection - the whole internet sharing thing - in my opinion a nightmare ;-) - so i 100% agree with barry99705
  3. ...tested it with mk5. works without nodogsplash. even more stable and top likes it also. now the most hungry process is pinejector. be aware, if you remove index.php out of nginx.conf, you have to explicitly open http://172.16.42.1:1471/index.php when you want to access admin ui. the other way (i am testing this now) is to leave index.php in place in nginx.conf (in parallel with splash.html or whatever your splash is) and remove index.php from within /www. don´t forget to /etc/init.d/nginx restart every time you touch this file.
  4. Got it. I KNEW it was something with the landing page ;-) The splash thinga somehow has a problem with php, so i edited the uhttpd (i used a mk 4 for testing, didn´t want to screw up my working mk5, i guess this will work on the mk 5 using nginx config as well, will test the next days) and told him the *only* landing page is my splash.html (i created a splash.html inside /www). i removed the index.php and also all the other alternative landing pages in the web server config file. so in the splash.html i did not used any php. i also noticed this pseudo browser popping up on ios devices seems to have a problem not only with php but also with images located in other directories and also images which are referenced just as their name directly. the solution was to embed the image like this: img src="http://172.16.42.1/bla.jpg" width="505" height="562" border="0" That worked for me. dnsspoof was not necessary. What WAS necessary was your nat rules (i used the 80 and also the 53 udp+tcp - have to try if the 80 only is enough - was too lazy ;-)) Also what was essential is the modification with dnsmasq so the pineapple itsself thinks everything is located outside his scope. So - WOW - i guess we have found a way a) splashing without nodogsplash and b) without internet connection ;-)
  5. Hmmmm, that sounds very interesting. a very simplistic approach - i like that very much ;-) It seems to work (IOS) at first (it opens the pseudo browser) but then says 502 bad gateway. What is your landing page in /www ? I located an index.html and also a splash.html in /www but it seems the client is "looking" for something else.
  6. a) yes, Android/IOS captive portal detection. b) correct. try that. bring everything on, wait about 5 mins, refresh your dns cache on client and browser cache, try it out. works for me. many times reproduced now. If it says bad gateway, give it some time, leave network and rejoin, try again. i don´t know by now why that behaviour occurs (maybe a performance thing or a race condition between dnsmasq and dnsspoof) but after about 5 mins it does the trick.
  7. OK i did a few tests - it totally works - as crazy as this "construct" is - yay ;-)
  8. you are right - but nodogsplash will appear whatever happens when joining the network - even if the user does nothing. btw. i think i found a way to get nodogsplash working WITHOUT internet connection. The technique its totally crazy - i will do a few tests.... the main idea is this: somehow nodogsplash doesn´t care about standard gateway or dns in general. WHAT it cares about seems to be if dns responses point to 172.16.42.1 (he himself) or somewhere else on the internet (e.g. 1.2.3.4). SO the network of the pineapple has to say....hey...whatever dns request comes in...i will forward to 1.2.3.4. That is enough for nodogsplash to be happy. Now on the other hand, you want your clients to get dns replies pointing to 172.16.42.1. Hmmmm - how to do THAT? The secret is using dnsmasq and dns spoofing at the same time together in parallel. Dnsmasq has to be configured to forward anything you give him to 1.2.3.4 (or whatever you like on the internet). At the same time, dns spoofing has to be configured to 172.16.42.1, so the clients will be served by the pineapple. in parallel, the nat rules you gave me must be in place. That way - nodogsplash will slash - even when NOT connected to the internet
  9. Hi, yep, thanks, i will also give this a try (i will give your idea a try, no splasher but direct, but i assume, the browser will drop ssl connections and will not use default pages located in www when client forces ssl, because of hsts) My other question - autostart pineap, dogma, beacon response, harvester - any idea how to do that - is there a script located somewhere which we simply can trigger (e.g. via dip switches)? best, John
  10. yeah me too ;-) but one question: did you actually test this with your own pineapple or did you just use theory? because if you managed nodogsplash WITHOUT internet connection - that would be something new - i found NO ONE (i googled a lot) who did the trick.....
  11. yep. only when i direct access an ip like http://1.2.3.4 the splash opens at once.
  12. aah /etc/config/dhcp config 'dnsmasq' option 'domainneeded' '1' option 'boguspriv' '1' option 'filterwin2k' '0' option 'localise_queries' '1' option 'rebind_protection' '1' option 'rebind_localhost' '1' option 'local' '/lan/' option 'domain' 'lan' option 'expandhosts' '1' option 'nonegcache' '0' option 'authoritative' '1' option 'readethers' '1' option 'leasefile' '/tmp/dhcp.leases' option 'resolvfile' '/tmp/resolv.conf.auto' config 'dhcp' 'lan' option 'interface' 'lan' option 'start' '100' option 'limit' '150' option 'leasetime' '12h' option 'ignore' '0' list 'dhcp_option' '3,172.16.42.1' list 'dhcp_option' '3,172.16.42.1' list 'dhcp_option' '6,172.16.42.1' list 'dhcp_option' '6,172.16.42.1'
  13. hu? there is no /etc/dhcp what do you mean by my dnsmasq.conf - what is missing? the dnsmasq works. from within ssh i could ping asldfgksdf.sdfgsdfg and it resolves 172.16.42.1 quite ok.
  14. i think it has to do with the standard gateway. if connected to internet, a standard gateway is in place and working. if not, there is not. i tried using standardgateways of NONE, 172.16.42.1 - all with no luck.
×
×
  • Create New...