Advance Phisihing Help

[kurtm]

hi, ive successfully made phising inside the pineapple but is just a basic phishing with just 10 sites. Which just save login and passwords and shows an error. but this kind of phising is very obvious. my question is

Has any one have any idea how to setup internet --> pineapple---> users then when users login for example to facebook it will capture login and passwords at the same time submits it to the real FaceBook site instead of an error so that users will not have an idea they are being phished.

[Mr-Protocol]

That is more of a redirect than forwarding the traffic on. Maybe you can do something with redirect.php? I'm not familiar with php.

[PineDominator]

Has any one have any idea how to setup internet --> pineapple---> users then when users login for example to facebook it will capture login and passwords at the same time submits it to the real FaceBook site instead of an error so that users will not have an idea they are being phished.

The tool built into the newer mark3 firmware is called "ngrep" but I have not played around with it because there seems to be lots of bugs with ngrep.

Can any one report if ngrep works as it should or is there a workaround/search string that works?

http://wifipineapple.com/doku.php?id=quick_start_guide shows how to set up internet connection sharing. I would prefer linux

because you can run sslstrip witch by the way will collect logins, for pen testing of course.

but it seems that a new header protocol in http has made it so far impossible to strip ssl from websites that send a header specifying that ssl is required.

seems firefox and chrome both make use of this..

[kurtm]

can any body share a code for a redirect which will save the login and password and after it forward to legitimate site