TheKingUnderTheHill Posted January 6, 2012

Right, so I'm testing the pineapple and it's all going great, I can get the client to connect, admittedly not automatically, but it's a start, and I've got the phishing nearly figured out! However, just a few things I bumped into and would like to clarify...

- Instead of the target connecting to the pineapple automatically, it connects to its memorized network, is this normal?
- When I go to any of the phishing sites (such as google.com) I get the Peetz Café landing page, but I can go no further, any ideas how?
- Best options to deauth all clients in area on any network except the pineapple?

Cheers Guys! :D

Pacmandu Posted January 6, 2012 (edited)

Hi TheKingUnderTheHill

> - Instead of the target connecting to the pineapple automatically, it connects to its memorized network, is this normal?

It depends. If the memorized network is secured with a password then it will connect to the memorized network instead of the pineapple because even though karma is looking at the probe request it can only replicate an open network because it doesn't know the key for the secure network. But if the computer remembered an open network then karma should kick in and grab that client before it can connect to the legit router if you are the stronger signal.

> - When I go to any of the phishing sites (such as google.com) I get the Peetz Café landing page, but I can go no further, any ideas how?

Can you elaborate more on what you mean? When you dnsspoof, you are spoofing everyone including yourself if you are not providing internet to your captured clients. So if the pineapple is standalone in terms of just the pineapple and no route to the internet then no, you can't go any further, which is kind of the point for this type of phishing. Now if you are talking about dnsspoof'ing and providing internet then you will have to come up with some type of iptables rule and allow the client out once they hit accept (or whatever your phishing page is). Take a look at g0tm1lk's fakeAP_pwn script (Link) for that kind of stuff.

> - Best options to deauth all clients in area on any network except the pineapple?

Airdrop for sure, from a laptop. It is easy to set up and there is some good documentation out there so I won't go into detail.

Hope this helps

Pacmandu

Edited January 6, 2012 by Pacmandu

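
The reply above describes karma answering probe requests and only being able to offer open networks. A defender can turn that behaviour into a detection; the following is an added example, not part of the original posts and not code from any tool named in the thread. The canary SSID, the record layout and the sample rows are constructed assumptions.

```python
from collections import defaultdict

CANARY_SSID = "canary-7f3a9c"  # hypothetical SSID that no real network uses

# Constructed probe responses seen by a monitoring sensor: (bssid, ssid, is_open)
SAMPLE_RESPONSES = [
    ("00:11:22:33:44:55", "HomeNet", False),      # real AP, secured
    ("00:11:22:33:44:66", "CorpGuest", True),     # legitimate open guest network
    ("de:ad:be:ef:00:01", "HomeNet", True),       # open copy of a secured SSID
    ("de:ad:be:ef:00:01", "CoffeeShop", True),
    ("de:ad:be:ef:00:01", "AirportFree", True),
    ("de:ad:be:ef:00:01", CANARY_SSID, True),     # answered the sensor's made-up SSID
]

def find_karma_suspects(responses, canary=CANARY_SSID, min_ssids=3):
    """Return {bssid: [reasons]} for radios that answer like a karma-style responder."""
    open_by_bssid = defaultdict(set)   # bssid -> SSIDs it offered as open networks
    secured_ssids = set()              # SSIDs some AP advertises as secured
    canary_hits = set()                # radios that answered the canary probe
    for bssid, ssid, is_open in responses:
        if ssid == canary:
            canary_hits.add(bssid)
        elif is_open:
            open_by_bssid[bssid].add(ssid)
        else:
            secured_ssids.add(ssid)
    suspects = {}
    for bssid in sorted(set(open_by_bssid) | canary_hits):
        reasons = []
        if bssid in canary_hits:
            reasons.append("answered canary SSID")
        ssids = open_by_bssid.get(bssid, set())
        if len(ssids) >= min_ssids:
            reasons.append(f"open responses for {len(ssids)} SSIDs")
        twins = sorted(ssids & secured_ssids)
        if twins:
            reasons.append("open twin of secured SSID: " + ", ".join(twins))
        if reasons:
            suspects[bssid] = reasons
    return suspects

if __name__ == "__main__":
    for bssid, reasons in find_karma_suspects(SAMPLE_RESPONSES).items():
        print(bssid, "->", "; ".join(reasons))
```
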
TheKingUnderTheHill Posted January 6, 2012 (Author)

In terms of the dnsspoofing, I'm just following the way Darren did it on this site. Everything is set up fine, but whenever I go to google.com or any other site that is set to spoof, I can't advance past the cafe page, despite having the html/php files for the phishing, which wouldn't need access to the internet since they're in the /www folder on the pineapple.

Thanks for your help!

Pacmandu Posted January 7, 2012 (edited)

> In terms of the dnsspoofing, I'm just following the way Darren did it on this site. Everything is set up fine, but whenever I go to google.com or any other site that is set to spoof, I can't advance past the cafe page, despite having the html/php files for the phishing, which wouldn't need access to the internet since they're in the /www folder on the pineapple.
>
> Thanks for your help!

I guess I'm not seeing what the issue is. What is your end goal? What are you expecting the pineapple to do? Are you trying to get around the spoof yourself or are you trying to get your clients around the spoof once they accept?

dnsspoof will never let you go past your landing page as everything is redirected to the pineapple and the phishing pages will not forward you either. So what you are describing is normal use. If you want to actually go to google.com then you will have to stop spoofing yourself.

Pacmandu

Edited January 7, 2012 by Pacmandu

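
The reply above says that with dnsspoof everything is redirected to the one device. Seen from the client side, that leaves a recognisable pattern in DNS answers: many unrelated domains resolving to a single non-public address. The check below is an added example, not part of the original posts; the log layout, the addresses and the threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed resolver log: (queried name, answer address)
SAMPLE_ANSWERS = [
    ("www.google.com", "192.168.50.1"),
    ("mail.google.com", "192.168.50.1"),
    ("www.facebook.com", "192.168.50.1"),
    ("twitter.com", "192.168.50.1"),
    ("printer.corp.example", "10.0.0.20"),     # one internal name: normal
    ("www.example.org", "93.184.216.34"),      # shared public hosting: normal
    ("example.net", "93.184.216.34"),
    ("example.com", "93.184.216.34"),
]

def base_domain(name):
    # Simplification: keep the last two labels. A production tool would use
    # the Public Suffix List so that names like example.co.uk group correctly.
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def find_dns_catchall(answers, min_domains=3):
    """Return {address: [domains]} for private addresses answering for many domains."""
    domains_by_addr = defaultdict(set)
    for name, addr in answers:
        domains_by_addr[addr].add(base_domain(name))
    findings = {}
    for addr, domains in domains_by_addr.items():
        ip = ipaddress.ip_address(addr)
        # Public addresses are skipped: CDNs and shared hosts legitimately
        # serve many domains from one address.
        if ip.is_private and len(domains) >= min_domains:
            findings[addr] = sorted(domains)
    return findings

if __name__ == "__main__":
    for addr, domains in find_dns_catchall(SAMPLE_ANSWERS).items():
        print(addr, "answers for", ", ".join(domains))
```

A legitimate captive portal produces the same pattern before sign-in, so a hit means "do not enter credentials for these sites on this network" rather than proof of an attack.
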
TheKingUnderTheHill Posted January 8, 2012 (Author)

> I guess I'm not seeing what the issue is. What is your end goal? What are you expecting the pineapple to do? Are you trying to get around the spoof yourself or are you trying to get your clients around the spoof once they accept?
>
> dnsspoof will never let you go past your landing page as everything is redirected to the pineapple and the phishing pages will not forward you either. So what you are describing is normal use. If you want to actually go to google.com then you will have to stop spoofing yourself.
>
> Pacmandu

Right, I'm with you now. I thought that if I had the .PHP files for Facebook.com, or Google.com, it would redirect the target to the stored .PHP copies of the spoofed websites, like in this video, instead of all of the listed sites going to the single landing page.

HAK5 LINK: http://www.youtube.com/watch?v=3uNdu9TM3HM

Pacmandu Posted January 8, 2012 (edited)

> Right, I'm with you now. I thought that if I had the .PHP files for Facebook.com, or Google.com, it would redirect the target to the stored .PHP copies of the spoofed websites, like in this video, instead of all of the listed sites going to the single landing page.
>
> HAK5 LINK: http://www.youtube.com/watch?v=3uNdu9TM3HM

Yeah, I have seen the video. Yeah, it's not the php files of facebook and google, you have to clone the entire site you are trying to spoof and change the input form fields to point to the pineapple's error.php.

The landing page redirects to redirect.php and then based on the URL the target came from, redirect.php serves up that spoofed site. Then, once the target enters their credentials it will send them to error.php and dump what they typed in to /www/pineapple/phish.log and display whatever html is in error.php.

Hope that answers your questions.

Pacmandu

Edited January 8, 2012 by Pacmandu

TheKingUnderTheHill Posted January 12, 2012 (Author)

Awesome, cheers. Do I remember Darren doing a video on how to clone the sites? Can't seem to find it?