thestudent Posted April 13, 2012 Posted April 13, 2012 Let's say that I have a dns spoof running that is redirecting traffic to my facebook.com phishing page. Is it possible once I've grabbed my intended data(username and password) that instead of redirecting to an error page or something like that, that I can use the actual IP address and redirect traffic back to the real website? Or would my dns spoof continuously catch request to that page? I don't think it would because I wouldn't be using a dns server if using the actual IP. Thanks in advance :D . Quote
Technoprenerd Posted April 13, 2012 Posted April 13, 2012 (edited) Hi thestudent, I already wondered about that too. I think you will need to edit the error.php page, at the last part where there is javascript saying go back 1 page. That needs to be than the real page. Client --> Pineapple --> DNS on pineapple --> Redirect to real page after credential grabbing. I don't know about putting the grabbed credentials into the real page and log the clients in automatically. Ps: The module Keylogger is being worked on ATM by WhistleMaster. Maybe want to check that out, with the ettercap magic. Edit: The Javascript code to go to the real page will only work for one page. So we'll need some PHP code also, to distinguish between pages (I don't know about those codes). Probably with the HTTP_REFERER, and code something around that. Edited April 13, 2012 by vlek007 Quote
NotTheFed Posted April 13, 2012 Posted April 13, 2012 it is possible if the realsite you wish has child domains.. http://forums.hak5.org/index.php?showtopic=25892&st=0 look into that... I have many pages that work. SOME times the DNS spoof loops if the target refers back to the parent domain for content..ect NTF Quote
skimpniff Posted June 29, 2012 Posted June 29, 2012 Just use the social engineering toolkit (SET) and don't re-invent the wheel. I talk bout it more in my post here: http://forums.hak5.org/index.php?showtopic=26845 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.