Jump to content

Search the Community

Showing results for tags 'Spoof'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 20 results

  1. Hi all, Can a Ubertooth One be used to impersonate a BT device? lock, speaker, headset, etc.? Spoofing the MAC should be trivial, I'm just wondering about if it can present itself as the above devices/services. It doesn't have to do the job, just claim to for the pairing. TIA
  2. I'm trying to spoof my Surface 4 Pro's WiFi MAC address. It's running Win10, and the stock Marvel driver mrvlpcie8897 circa 2016. Using Powershell, like Darren shows in his video here: MAC Spoofing for Free in-flight Wi-Fi (and monkeys) - Hack Across The Planet - Hak5 2208 https://youtu.be/vuY-u-HfSMs?t=478 ...it appears my driver doesn't permit changing MAC address. My question is- what driver is recommended (what driver is Darren using on his W10 platform?) and where can I get a hold of it? I also tried using an Alfa AWUS036H, USB-WiFi adaptor...but its driver also prohibits MAC spoofing. Any ideas? Thanks.
  3. Hello all Total newb here. Have done some small hacks in the past but no real knowledge. Recently had a friend spoofed from the email address @emkei.cz would like to know using the source if it can be traced back to the sender? reason this is important is this is a political issue. I have seen a lot of no's on forums but i thought this place might know more than the standard fare that comes up in google searches. Regards
  4. Hello everyone, Today I have been playing with the SpoofDNS feature of the Packet Squirrel (payload 2). I noticed the following: > Redirection of spoofed URL works fine > Internet works fine > Internal resources by DNS name are not accessible (but can be pinged) This almost never causes problems on a private PC but might cause problems on a company network. The user is able to access the internet but can no longer access internal websites. For example, we host a ticket system on the network (tickets.company.nl) which, for example, was no longer accessible. All other internet DNS queries where resolved ok. SpoofDNS is standard on NAT network mode. This is fine. The client thus receives an IP address from the Packet Squirrel. The client first performs a DNS lookup at the Packet Squirrel and the Packet Squirrel routes it to the Spoofed IP if the requested DNS name is on the spoof list. If the name does not appear on the spoof list, I assume that the Packet Squirrel routes the client traffic through the company's DNS server. But I do not think that is the case because the internal resources are no longer available. Which DNS server does the Packet Squirrel use? And is there a fix so that internal resources can be reached. I have already tried to change the network mode to BRIDGE. Then internal resources can be reached again but logically the spoofing does not work because the client make the DNS request at the company DNS server and not at the Packet Squirrel anymore. I am very curious how this works. Hopefully you can help me? Thank you! Sincerely, Jarno
  5. Hi, I am using asterisk and gotrunk as voip service provider to achieve call spoofing. The 'set CallerID' feature of asterisk is used to modify the callerID and then call is forwarded to voip trunk. But Go Trunk blocked spoofing caller ID feature probably because of scamming. Are there any alternatives that i can use to achieve the same functionality??
  6. Works like a charm if Bunny detects as 2Gb adapter (takes precedence over host's NIC) https://github.com/pojebus/bashbunny-payloads/tree/master/payloads/library/dns_spoofer
  7. I have a pineapple tetra and am currently interning with an I.T. admin. We decided to see how the Cisco AP's would react to the tetra. I booted up Kali and the pineapple on my laptop (which was connected to the guest network) and immediately, the admin received texts and emails that a rogue AP had been detected. When I tried to deauth the AP's for the guest network, they blocked it and sent another email saying the attacks were "contained." As I come to understand wireless networks, I assume being on the guest wifi helped detect the tetra, but I also assume that a wifi adapter in monitor mode could pick up devices without the Cisco AP's flagging it... The goal is to get to the hidden wlan- pineapple or not, any suggestions would be great for accessing the wlan. Cheers
  8. Hi I'm experimenting with Ettercap to perform MiTM attacks, and DNS-spoof. My setup exists out of two laptops. Laptop A running Kali Linux 2.0 and is the 'attacker' machine (IP:, and Laptop B running Windows 7 as 'victim' (IP: I'm encountering a few problems when I try this, first of all, the command 'route' doesn't find my actual default gateway. It says the default is '', but Ettercap and the Windows machine say it is '' which is the correct one. But that ain't he biggest problem, the biggest problem is, that my DNS-spoof attack is working when performing it using the Ettercap-GUI. But as soon as I try to do it by using the terminal it fails; it doesn't even intercept the requests made from the victim. My command: ettercap -T -q -i wlan0 -M arp:remote -P dns_spoof // What is wrong with this command, because the attack works in graphical mode there is something wrong with the command, not with my network setup. I also made a video showing the problem: https://sendvid.com/8o8p2ssz like you can see there it is working graphical, but not from terminal using the command. And than my second question Can someone point me in the right direction/tutorial on how to use this attack with SSLstrip? This to perform a downgrade attack to also be able to DNS-spoof SSL-protected (HTTPS) websites. Of course I have searched myself, but none tutorial or video found showing it with Ettercap etc. Thanks!
  9. So here are the facts i am working with kali sana trying to spoof dns with ethercap 1.internal network 2.I can spoof dns ===> when pinging facebook.com from victim machine i get my internal IP ( 3.but when i try to browse with edge, chrome to facebook.com it says no connection 4.when i spoof a different url i get the index page of the server of the attacker 5.tried to spoof dns on xp and on windows 10 same results how can i solve this problem and what is the cause Thank you in advance
  10. hiii i have make some fake pages for known pages like Facebook etc i have also install dnsmasq in Kali and setup Apache server and every thing is okay now when the victim visit Facebook in chrome for example it will told him that this is unsecured cuz of https is there any way or tools in Kali to avoid that or any other thing would be greet thanks :)
  11. Why don't we use the innate ability of dnsmasq to spoof hosts instead of dnsspoof? I noticed that the pineapple would reply to my queries twice when using dnsspoof (instead of once as I expected). After some research http://blog.philippheckel.com/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/ I noticed that is it 1. entirely possible thus moving away from the hit and miss of dnsspoof and 2. would make it much neater. Should we look into creating an infusion maybe? Wishing you all well, Cristian
  12. Dear Hak5 Community, Whilst playing around with the Wifi Pineapple MK5 -> dnsspoof and I noticed that whilst I would receive the spoofed reply, dnsmasq would also send the correct record. I then started investigating dnsmasq and I noticed that it is possible to use it in order to spoof hosts directly. The problem I have with dnsspoof is that sometimes the browser would get the correct reply thus making this module less useful. When using dnsmasq the success rate is 100%. Do any of you know why we are not dropping dnsspoof and use dnsmasq instead? I have a proof of concept infusion, but before I work on it any more I would like to know if anyone could foresee any issues with using dnsmasq instead of dnsspoof. Kind regards, Cristian
  13. I currently need information as how to spoof my DHCP Name I am already spoofing my MAC address but the name appears as my computer name and the admin (parents) reset it. If I continue with it I will have multiple duplicates of my computers name. Which will end in extreme suspicion. I only need to make the name be "Network Device" for we already have 3 of those and won't look suspicious at all. I am full admin of my computer I do have it password protected so no one but me will access it. I only need the spoof for random occurrences. Simply for the fact if I used it too often I would get caught. Thanks for any help.
  14. Hi, I'm trying to set up the Pineapple (firmware 2.0.3) as an access point (no Karma at all, just a single SSID) and display a simple page when wireless clients look for some specific websites. This sounds pretty easy to do. I first have to make the Pineapple connect to an access point with wlan1 to route all the traffic. Then use dnsspoof and make a few host entries (eg: website.com) for the websites I want clients to be redirected to and finally, modifying redirect.php to what I want to display. The routing/forwarding part works, it's a bit slow but it works (I guess due to the forwarding to another AP). However, I can't get dnsspoof to work. When I do dns lookup for one of the domains from a connected client, I get the legitimate IP address and not the IP address I entered in dnsspoof. It worked at some point but all I got was a page that kept trying to load (like when you try to reach the pineapple on port 80; even though I changed the index to go to redirect.php) but it stopped working as soon as I rebooted the pineapple. I also tried removing the infusions and reinstalling them, reflashing the pineapple, removing all unnecessary infusions but it is still not working. Am I doing anything wrong? Or is that scenario not doable on the pineapple?
  15. Question: If i clone a web page that contains links to other web pages will they still work? -For example, i clone an index.html. -the real index.html has links to other pages on the site. - i am redirecting my network's taffic to my clone of index.html that is on my pc - if a machine on my network clicks a link on my cloned page will the machine still resort to public dns and go to the speficif web page online?
  16. I had an issue where after starting dnsspoof through the infusions it would simply not work. pinging example.com would show as going to the pineapple on the victim PC, and best case scenario i would see www.example.com/example.html in the address bar however the page was blank and would not load. going straight to loaded the page properly though after lots of different configurations and hours of messing around with the settings i found two main issues: 1. i found no way for dnsspoof to work through the pineapple GUI/by clicking on "start" in the infusions. I finally managed to get it to work by running this through PuTTY dnsspoof -i br-lan -f /etc/pineapple/spoofhost you can also run it without the -f expression, in that case it would simply redirect all traffic, rather than only what is specified in the host file. you can also specify an expression at the end to point to where you want a log file to be created. syntax: dnsspoof [-i interface] [-f hostsfile] [expression] 2. after doing this, it worked in IE and firefox (which i have installed for testing purposes). Chrome is my default browser however, and i had an add-on installed i completely forgot about which forces https whenever possible. so when i was typing facebook.com, it was changing it to the https version and thus, automatic failure. my pages: index.php redirect.php error.php spoofhost file: *facebook.com so far i only have this configured to work with facebook for demo purposes, however ill be testing out some other websites. feels so good to see something load properly after investing so much time into trying to make it work! anyway just wanted to post my solution because this would've saved me so much time if i had known this earlier
  17. Dear friends, How to spoof the TTL(Time to Live) value in backtrack. I have no idea about that. I search this topic with Google. But i have not a good result. So please tell me how to do this ? if you think TTL value is most important to hide my ID?
  18. /etc/sysctl.conf ##############################################################3 # Functions previously found in netbase # # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 This is in the backtrack "/etc/sysctl.conf" So why this option give to us? what is the reverse-path filter? Are you think This option is most important to hide my ID? Help me...
  19. Hello all, I am having an issue with DNS spoofing in backtrack 5 r3 ove rmy wireless interface. My attacking computer is a hp pavilion laptop with 2 gigs of ram, x64 processor, backtrack 5 r3, and my wireless card is a Atheros AR2425 with driver ath5k. My victim computer is a windows 7 serv pack 1 box with kasperski antivirus (turned off) and firewall down. I first modified my set_config file to set ETTERCAP=ON and the ETTERCAP_INTERFACE=wlan0. I then ran SET and chose >Social-Engineering Attacks>Website Attack Vectors>Java Applet Attack Method>Site Cloner>Nat/protforwarding NO>Ip addy for reverse connection"">url to clone: http://www.google.com>Windows'>http://www.google.com>Windows Reverse_TCP Meterpreter>Backdoored Executable>Port 443>It tells me Arp Cache Poisoning is ON>Site to redirect: http://www.google.com>Says'>http://www.google.com>Says its launching attack,loads up metasploit and starts two listners. At this point when I browse to http://www.google.com on my victim computer using ie it simply loads the real google website. Now if I type my subnet ip for the attackign computer SET is hosting the server on it will take me to the fake page and the java applet will appear and work when clicked. My problem is it does not seem to be redirectiong traffic on my wifi network to the fake site when i try to go to the real one. I have tried doing this the old way as well and turning off ETTERCAP inside the SET_config file. I then would launch my fake site in SET and then edit the ETTER.dns file wif the website connect info and my attacker ip. This did not work either. I have also apt-get updated and upgraded backtrack, as well as msfupdate for metasploit and svn updates for set and ettercap. What could I be missing about getting Ettercap to redirect my network traffic? Thank you for your help and let me know if there is any more information you need to help you trouble shoot this issue!
  20. Guys, Here's a quick script for changing your mac address. Simply run the script and enter the network card you would like to change. You will see your new mac address as well as your original mac. Enjoy! ~skysploit #!/bin/sh # This script will change your MAC address" # Usage: ./mac-me.sh # Script by skysploit clear echo "What interface would you like to change. Example; eth0" echo "" read ADAPTER; clear echo "Entering stealth mode " echo "" ifconfig $ADAPTER down macchanger -r $ADAPTER ifconfig $ADAPTER up echo "" echo "Your MAC Adrress has been changed, it will reset upon reboot"; echo "If this script failed: <apt-get install macchanger> and run as root"
  • Create New...