Jump to content

Pineapple Mobile Phish


Recommended Posts

Ive seen people doing page redirects for password harvesting, but has anyone seen/done harvesting of mobile app username/password like iphone facebook app.

Ive seen mobile site redirection , but wondered if it was possible to MITM app traffic.


Steve (New HAK5 watcher) (Old sysadmin)

Edited by sawks
Link to comment
Share on other sites

Short answer - no, unless you can create a duplicate app and install that on the victims phone.

Long answer: This is theoretically possible on Android, but not so far on Apple. (Barring the foobar this week)

There have been MITM attacks on Android devices, the most common ones being redirects and click-through insertions.

If you remember, WhatsApp was hacked last year, because details were sent in plain text.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...