Jump to content

Search the Community

Showing results for tags 'Dnsspoof'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

  1. Module: DNSspoof Version: 1.3 Features: Manage dependencies Configure hosts file Live output Run History Change log: 1.3 Bug fixes
  2. Hi all, I'm trying to spoof dns in a static network based on the original script. So far, I've spent hours on it without any results - and I don't know why... From my understanding, I would have to do it as such: Let's say I have a network in 192.168.1.0/24 with one router in 192.168.1.1 and my host is 192.168.1.50. 1) set a static IP on eth0 which mimics the router (example: 192.168.1.1) --> uci set network.lan.ipaddr="192.168.1.1" 2) set a static IP on eth1 which mimics my host on the network (example: 192.168.1.50) --> uci set network.wan.ipaddr="192.168.1.5
  3. having a few problems with the wifi pineapple nano. I have set it all up and it seems to be okay with regards to scanning as it is pulling networks back as it should. However there are a couple problems I am encountering which I am loosing the will to live over! 1) I have downloaded the DNSspoof module. I am trying to make it so that I can direct a specific host trying to get to a specific website redirected to a webpage of my choice, or even better a website that I have created (knocked up for educational purposes) however I cannot seem to update any of the details on the module.
  4. Just curious if its possible to use the Social Engineering Toolkit with the Wifi Pineapple. Here is what i am thinking about but due to my hardware limitations at the moment and my friend who i test this stuff with is on holiday with his family i can not test this legally and i would never break the law so right now i am unable to test this out and i keep thinking about it and the more i think about it the more i want to know if its possible. I have say a Wifi Pineapple Nano or Tetra as it doesn't matter which one and a laptop running Kali Linux with the Social Engineering toolkit in
  5. Hi, I did a pentest in a LAN, some weird things happened. This LAN is a little unusual, there are two routers, say A and B, A is directly connected to an optical fiber, doing PPPoE, to the WAN, it has a gateway of 192.168.1.1, B is connected to A, wireless router, with a gateway of 192.168.0.1. All the clients and my Kali machine are connected to B. Target has an IP of 192.168.0.104 Here is what I did with Kali, I use the following to arp spoof the target and router B arpsoof -i eth0 -t 192.168.0.1 192.168.0.104 arpsoof -i eth0 -t 192.168.0.104 192.168.0.1 sysctl -w ne
  6. Hi, I m new to pentesting. I have got my pineapple nano last month. i have been learning by watching tutorials available on internet since then. Most of the material available is related to the nano's predecessors. And i have found that some of them dont work anymore or i m not being guided appropriately. Modules like SSLsplit, DNSspoof, DNSMasq Spoof, Evil portal etc dont seem to work anymore. Like SSLsplit and DNSMasq dont seem to work in case of https sites. On browsers like chrome, firefox etc. the sites like facebook, gmail, etc. dont even open when i try to dnsspoof, and secondly the da
  7. just got the nano it works great i have had many pineapple but this one is the best Love The Phone app however when do we get the modules it says coming soon i cant use any of the other cool functions outside the old modules standalone ssl strip and the many cool apps just want to know when this will be updated so i can have more fun Thanks !
  8. Hi pineapple people. So I'm using dnsspoof in my mark 5 and after lots of beginner trial and error I managed to build a nice looking fully functioning phishing site that is designed to log wifi creds. So now that I have this site working and loaded into the pnpl web server I'm trying to figure out how to force a specific AP into client mode so that I can run this phishing site against said specific AP. Hypothetically i would like network A to link with the pineapple in client mode but exclude networks C, D, E, F.... ect. I understand that you can do something like this with karma whitelis
  9. Why don't we use the innate ability of dnsmasq to spoof hosts instead of dnsspoof? I noticed that the pineapple would reply to my queries twice when using dnsspoof (instead of once as I expected). After some research http://blog.philippheckel.com/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/ I noticed that is it 1. entirely possible thus moving away from the hit and miss of dnsspoof and 2. would make it much neater. Should we look into creating an infusion maybe? Wishing you all well, Cristian
  10. Dear Hak5 Community, Whilst playing around with the Wifi Pineapple MK5 -> dnsspoof and I noticed that whilst I would receive the spoofed reply, dnsmasq would also send the correct record. I then started investigating dnsmasq and I noticed that it is possible to use it in order to spoof hosts directly. The problem I have with dnsspoof is that sometimes the browser would get the correct reply thus making this module less useful. When using dnsmasq the success rate is 100%. Do any of you know why we are not dropping dnsspoof and use dnsmasq instead? I have a proof of concept infusion, but bef
  11. Hello everyone, I have create a very simple html which is the only page i want my clients to see. Like a captive portal but not intrested in giving them internet connection. I am having problems with nodogsplash which does not redirect any traffic when my pineapple is not connected to the internet. I know i can use "Evil Portal" but i am trying to make this manual. I also noticed that nodogsplash is at 0.9_beta9.9.9 but opkg brings 0.9_beta9.9.6 (not only pineapple, openwrt too) Does the pineapple have to be connected to the internet for nodogsplash to work? Is there a way to replicate the i
  12. Hello pineapple community. I'm having trouble with my mark v dnsspoof. I wrote my own html that pulls credentials from a form and posts them up to a PHP function located in a separate file. Flow looks like this: Index.html redirect >> main.html >> form >> login.php(data logged) >> redirect >> back to main.html. The idea is that the page loads, which once spoofed it does very nicely. But then I push the submit button, the information posts to the PHP and I get a 404E. Everything is there in html but once directed at any .PHP it 404E's. I fallowed the phishi
  13. Hi everyone, As I just recieved my pineapple mark IV, some questions come to me... With the implementation of hsts, sslstrip became a little bit inefficient... (even if I can harvest some of my credentials). I'd like to know a few things : Does someone already test dns2proxy with sslstrip2 from Leonardo Nve ? https://github.com/LeonardoNve How does it works? Cause i'm quite new to this, and i wasn't able to make them work together on my computer. It's ok for the dns which redirect sites to a fake adress when i do a nslookup (like facebook pointing to 192.168.0.123) but sslstrip didn't ret
  14. I am attempting to perform a MitM-style attack from my machine (MacBook Pro running 64-Bit Kali), by means of ARP-poisoning the communication between my router and my targetted machine (a MacBook Air running OSX Mavericks) on my WLAN (WPA2-secured network). In addition, I would like to employ a dns_spoof. I am using a combination of the following: - SSLStrip - Ettercap (with the dns_spoof plugin enabled). - urlsnarf - Wireshark (for examining post-test PCAP results) The commands I perform are as follows: iptables --flush iptables --table nat --flush iptables --delete-chain iptables --tab
  15. Hi there.. I am wondering if i can run dnsspoof and deauth to make any clients that they are already connected to a network to disconnect and connect to my karma pineapple. I am using MacOS and Mark V. Thank you for your help!
  16. Hi, I'm trying to set up the Pineapple (firmware 2.0.3) as an access point (no Karma at all, just a single SSID) and display a simple page when wireless clients look for some specific websites. This sounds pretty easy to do. I first have to make the Pineapple connect to an access point with wlan1 to route all the traffic. Then use dnsspoof and make a few host entries (eg: 172.16.42.1 website.com) for the websites I want clients to be redirected to and finally, modifying redirect.php to what I want to display. The routing/forwarding part works, it's a bit slow but it works (I guess due to th
  17. Hello , i am currently working on MITM attacks and i am trying to redirect websites to my computer through dnsspoof and the problem is that ,although it is picking up traffic and i can see it registers all sites the victim is visiting , it is still letting the victim connect to the website instead of redirecting it to me. Here is a my procedure: -firstly i created a mon0 interface form wlan0 wireless card -i started up my access point [ airbase-ng --essid mitm -c 11 mon0 ] -then i created a bridge between at0 and eth0 : brctl addbr mitm-bridge brctl addif mitm-bridge eth0 brctl addif
  18. Hi there, is there anyone can help me with a spey by step guide for using dnsspoof with the mark V? i tried few tutorials but i have not idea, is not really working! thank you in advance
  19. Hey guys, I just received my new Mark V a few days ago (upgraded from the Mark IV) and I was wondering if anyone else was having issues with DNSSpoof working? The 2GB sd card that shipped with the MK V was corrupt, so I had to download the latest (at the time it was 1.1.0) firmware to my own 8GB sd card. After that it flashed without a hitch. When I SSHed into the pineapple I noticed there was no redirect.php or error.php in /www/, or anywhere else on the MK V for that matter. So I checked the index.html and compared it to the one from the MK IV and they're completely different. Is the M
  20. Apologies for the newbie question: What's the solution for allowing the user to be directed to their desired site once sslstrip has captured credentails? Currently it's just reloading the log in screen rather than allowing login.
  21. Hey! The page that is used is not created by me , its made by the maker of <snip>! i have only made it work for the pineapple!! Requirements: 1.Evil Portal infusion 2.putty or an other way to ssh into your pineapple 3.win scp or an other way to scp into your pineapple 4. internet connection on your pc and pineapple Installation: 1. Download: <snip - link removed> 2. Scp install.sh into the root ("/") directory on your pineapple. 3. Ssh into your pineapple and navigate to your root folder : cd / 4. type : bash install.sh and then hit enter. 5. when it says "installed ,
  22. Hi everyone, I posted this question in /WifiPineapple/Mark IV section, but this section feels more suitable, so sorry for repost. Last few days I have been working on connecting metasploit and wifipineapple, but I got stuck. :( The idea was that when an user connects to my wifi pineapple, every page he would like to visit would be redirection to "security check" with java_signed_applet. Once the meterpreter session is created, it would add his IP to whitelist and he would be able to surf the web freely. I created a little script which is autoruned after the meterpreter
  23. Hi everyone, last few days I have been working on connecting metasploit and wifipineapple, but I got stuck. The idea was that when an user connects to my wifi pineapple, every page he would like to visit would be redirection to "security check" with java_signed_applet. Once the meterpreter is created, it would add a user to whitelist and he would be able to surf the web freely. I created a little script which is autoruned after the meterpreter is created and this script opens up victim's browser's new tab with address "http://172.16.42.1/allow.php?theIPadress". Then their IP is added to txt
  24. I know this has been mentioned in prior threads (quote/link below) but it never seems to have been resolved. To make a long story short my Mark IV works fine with dnsspoof when being run through a tether to my BT5 machine but does not work when I use my alfa in client mode hooked to an access point. (Mark IV is latest firmware, latest build of dnsspoof, adapter is NHA) ICS works fine for anything connecting to the pineapple's wlan0/access point interface, but they just get passed through to the standard internet page. Poking around in the code shown that dnsspoof is hooked to br-lan, a
  25. Pineapple Hardware Version (ex: Mark III, Mark IV, etc.): Mark IV Pineapple Software Version (ex: 2.5.0, 2.6.4): 2.8.0 OS used to connect to the pineapple: CentOS 6 Network layout of how your setup is connected (including IP information): Pineapple is connected to laptop, Laptop is connected to wireless Internet. ICS is set up. The pineapple uses the standard 172.16.42.1 address while the PC is on the 192.168.25.x network Is the problem repeatable (Yes/No): yes Steps taken which created the problem: Pasted custom HTML into the landing page box. If I browse to 172.16.42.1, I see the page.
×
×
  • Create New...