PineDominator Posted April 2, 2012 Share Posted April 2, 2012 (edited) OK so thanks to Shadowmmm I convinced myself to look for a better way to randomize the roll pages EDIT April 16 2012 ____________________________ NEW VERSION 2.0 _______________________________ So I was tinkering around and have made a revised random.php setup. this time backup /www/index.php or the code in the landing page, /www/index.php is the landing page. then insert the below code in the landing page, with nothing else. <?php $mypages = array("web/nyan/index.html", "web/pbj/index.html", "web/rickroll/index.html", "web/rainbow-chicken/index.html"); $myrandompage = $mypages[mt_rand(0, count($mypages) -1)]; include($myrandompage); /* Random roll php version 2.0 by petertfm Instructions found on forums: http://forums.hak5.org/index.php?/topic/26036-random-roll-page-php-version/ Original landing page backed up: /www/index.php.bak */ ?> what's different is we are now loading the index.html page into the current so you get a link that looks like "www.google.com/" and not "www.google.com/web/rickroll/index.html", also I took the /'s in the beginning of the links, causes error. as a plus when you refresh it randomizes again and a new page is displayed:-D PLEASE NOTE: I had to go into all my index.html files and put the exact links to images/mp3's/videos IE /web/rickroll/NGGUP.mp3 Edit DNSSpoof Host (under config) to capture all hosts 172.16.42.1 * and remember to enable dnsspoof Here are the modified files to make this work http://www.mediafire...h17993t/web.zip remember to put these onto a usb drive and sym link it like this: ln -s /usb/web/ /www/web DNSSpoof autostart, add this to Execute on boot script "under scripts in UI": echo '' > /www/pineapple/logs/dnsspoof.log /www/pineapple/dnsspoof/dnsspoof.sh & Edited August 26, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
shadowmmm Posted April 2, 2012 Share Posted April 2, 2012 Appreciate the Effort you put into this petertfm. will be setting this up straight away Quote Link to comment Share on other sites More sharing options...
shadowmmm Posted April 2, 2012 Share Posted April 2, 2012 confirmed working.Thank you. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 2, 2012 Author Share Posted April 2, 2012 confirmed working.Thank you. Thank you Glad to here It is working and if anyone is knowledgeable in php? the only thing I would like to change at the moment is how do I get a new random page by refreshing the victims browser it always gets the same page. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted April 2, 2012 Share Posted April 2, 2012 Thank you Glad to here It is working and if anyone is knowledgeable in php? the only thing I would like to change at the moment is how do I get a new random page by refreshing the victims browser it always gets the same page. You could use sessions. random.php <?php session_start(); $mypages = array("web/nyan/index.html", "web/pbj/index.html", "web/rickroll/index.html"); $myrandompage = $mypages[mt_rand(0, count($mypages) -1)]; $_SESSION = $myrandompage; header("Location: $myrandompage"); ?> Now, your pages can't be html but have to be php. Then redirect them to whatever is in that session variable. Do some check: "If page != page in sessions, redirect there. Otherwise stay" You can get the current page with this: "$_SERVER[php_SELF];" Or better: htmlentities($_SERVER['PHP_SELF']) (strips any "injected" scripts etc) Maybe that helps a bit. Best, Seb Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 2, 2012 Author Share Posted April 2, 2012 You could use sessions. random.php <?php session_start(); $mypages = array("web/nyan/index.html", "web/pbj/index.html", "web/rickroll/index.html"); $myrandompage = $mypages[mt_rand(0, count($mypages) -1)]; $_SESSION Now, your pages can't be html but have to be php. Then redirect them to whatever is in that session variable. Do some check: "If page != page in sessions, redirect there. Otherwise stay" You can get the current page with this: "$_SERVER[php_SELF];" Or better: htmlentities($_SERVER['PHP_SELF']) (strips any "injected" scripts etc) Maybe that helps a bit. Best, Seb = $myrandompage; header("Location: $myrandompage"); ?> session_start() gives a fatal error, call to undefined function Quote Link to comment Share on other sites More sharing options...
shadowmmm Posted April 2, 2012 Share Posted April 2, 2012 /* set the cache expire to 5 minutes */ session_cache_expire(5); $cache_expire = session_cache_expire(); would something like this maybe work? Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 3, 2012 Author Share Posted April 3, 2012 /* set the cache expire to 5 minutes */ session_cache_expire(5); $cache_expire = session_cache_expire(); would something like this maybe work? tried a bit of stuff and can't get the page to refresh to another random index.html I originally used "include('web/nyan/index.html');" you get the html just not any of the other files, need a way to include the html as well as setting the relative path to the content? Quote Link to comment Share on other sites More sharing options...
telot Posted April 3, 2012 Share Posted April 3, 2012 Excellent work petertfm! I'm foreseeing a module that comes with all the popular rick rolls (call it the prank pack or something) with a guy that lets you choose which roll you want, and also gives the option to randomize! What do you think? telot Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 3, 2012 Author Share Posted April 3, 2012 Excellent work petertfm! I'm foreseeing a module that comes with all the popular rick rolls (call it the prank pack or something) with a guy that lets you choose which roll you want, and also gives the option to randomize! What do you think? telot I would love It!! I was thinking some kind of file browser for the pineapple embedded in the module php, In my looking around I could not find what I wanted, was thinking being able to select multiple .html files then when finished it would compile it into the random.php script and change the landing page. I have given up on that for now so your welcome to run with it or similar. It looks like we might have an official firmware release soon:-D thanks again:-) Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted April 3, 2012 Share Posted April 3, 2012 It looks like we might have an official firmware release soon:-D Says who? ;) Just waiting on a few things and it will be out.. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 5, 2012 Author Share Posted April 5, 2012 BTW I auto run dnsspoof by adding this to the cron script under the jobs tab 1 * * * * php /www/pineapple/dnsspoof/startdnsspoof.php after 1 minute the startdnsspoof.php is run. Quote Link to comment Share on other sites More sharing options...
shadowmmm Posted April 5, 2012 Share Posted April 5, 2012 thx petertfm was looking for something like this.no how would we setup to have the phish.log and urlspoof.log files be saved on the /usb/www/ folder instead of the root/www/pineapple folder. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 5, 2012 Author Share Posted April 5, 2012 (edited) thx petertfm was looking for something like this.no how would we setup to have the phish.log and urlspoof.log files be saved on the /usb/www/ folder instead of the root/www/pineapple folder. I never gave it thought but I did a bit of digging and came up with something that seems to be working. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! use at own risk !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! usb drive must be inserted all the time after this mod and do not rename or remove the files/folders on the usb IE /usb/logs/ ok so ssh into pineapple with your confirmed working usb drive and issue mv /www/pineapple/logs/ /usb/ that moves the logs folder to the usb drive root as logs/ then issue ln -s /usb/logs/ /www/pineapple/logs sim links the moved logs folder to the original place in /www/pineapple/ please note the above commands may need tweeking because I don't remember if I used some of the /'s I did have a preconception that the logs were stored in ram not flash, just because all those writes to ram would be a safer bet and every reboot would give you a fresh log, does anyone else agree? I personally would like it in ram and every say 5 minutes write them to usb. I am more concerned for constant flash writes? with all the added stuff you can log and that is being logged Edited April 6, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
shadowmmm Posted April 6, 2012 Share Posted April 6, 2012 thank you.have you thought about using telot ssmtp to get the logs from your usb sent to you every 30min or something to your email account. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 7, 2012 Author Share Posted April 7, 2012 (edited) I am but not as far as how I use the pineapple at the moment. I do believe It would be a good idea that when sending logs through whatever medium is implemented It might be a good idea to let other scripts/modules add to those logs and be able to flag how important/urgent what was just logged. that way you could have the logging built-in and the modules could just reference it like such: logger -l logfileName --urgency 10 --importance 10 "credentials collected facebook.com user:someUser pass:lamePass" logfileName could be the module name or better yet a general credential log, logging to both would be ideal that way if you just wanted to see all the credentials any program/module collected you could see it all on one list and also see everything that went down for just that module? and if it was high urgency then send the e-mail immediately. does anyone agree that making this a standard is a good idea? Edited April 7, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 17, 2012 Author Share Posted April 17, 2012 I have made a new version to the way random.php works. It is easier to set up and shows the redirected url as www.google.com and not www.google.com/web/rickroll/index.html and as a bonus when refreshed it reloads a random page Please see the updated version in the original post at the top. Quote Link to comment Share on other sites More sharing options...
shadowmmm Posted April 17, 2012 Share Posted April 17, 2012 yet again great job petertfm.updating mine straightaway. Quote Link to comment Share on other sites More sharing options...
shadowmmm Posted April 30, 2012 Share Posted April 30, 2012 did you have to chmod +m anything? Quote Link to comment Share on other sites More sharing options...
Arch_Angel Posted May 1, 2012 Share Posted May 1, 2012 (edited) i myself made a small adjustment to the cron job and currently use 1-59/1 * * * * php /www/pineapple/dnsspoof/startdnsspoof.php I loved having the logs on my USB though, thanks petertfm! +1 Edited May 1, 2012 by Arch_Angel Quote Link to comment Share on other sites More sharing options...
PineDominator Posted May 5, 2012 Author Share Posted May 5, 2012 i myself made a small adjustment to the cron job and currently use 1-59/1 * * * * php /www/pineapple/dnsspoof/startdnsspoof.php I loved having the logs on my USB though, thanks petertfm! +1 your welcome:-) Im away but wondered what the 1-59/1 does? Quote Link to comment Share on other sites More sharing options...
BigFanOHak5 Posted July 8, 2012 Share Posted July 8, 2012 (edited) Thanks for this. It works like a charm. Only question I had: When I disable dns spoof, it doesn't go back to normal webpages- any page I to go to times out. Do you think the pineapple has to be rebooted every time to go back to normal? I've tried to clear the cache on the pineapple. I also noticed the Wlan light blinking constantly as if it was still reading one of the roll pages. Edited July 8, 2012 by BigFanOHak5 Quote Link to comment Share on other sites More sharing options...
PineDominator Posted July 8, 2012 Author Share Posted July 8, 2012 Thanks for this. It works like a charm. Only question I had: When I disable dns spoof, it doesn't go back to normal webpages- any page I to go to times out. Do you think the pineapple has to be rebooted every time to go back to normal? I've tried to clear the cache on the pineapple. I also noticed the Wlan light blinking constantly as if it was still reading one of the roll pages. BigFanOHak5 I think what is happening is when you get dnsspoofed most devices like I've experienced with my android phone remember the ip addres after the initial dns lookup, can you try visiting a page that you have not tried while the dnsspoof was running. the wlan led flashing might be normal, what I use for android to reset my cashes is an app called 1tap cleaner free Quote Link to comment Share on other sites More sharing options...
potato Posted August 16, 2012 Share Posted August 16, 2012 Bump git hub link is dead Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 17, 2012 Author Share Posted August 17, 2012 I was lazy and did not remove the link to github, instructions are in this topic;-) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.