Jump to content

Phish Pages

SinisterRaccoon

By SinisterRaccoon
in WiFi Pineapple Mark IV

 Share

Recommended Posts

mubix Grand Master

mubix

Posted
Posted

I would start with SET (Social Engineering Toolkit) and look at how it does things. There is also SEF (Social Engineering Framework), MetaPhish, and Spear Fishing Toolkit. I think there is also one called FBPwn but I think it's just Java Applet + Facebook.

Link to comment
Share on other sites
MDKwlan Newbie

MDKwlan

Posted
Posted

Hey Raccoon. Mubix pretty much hit the nail on the head when it comes to phishing tools.

SET

http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_(SET)

Mainly for doing phishing attacks you need to get use to what tools you are using (Like anything else).

So there's no easy mode 1 click with this (Or haven't found one yet...)

Also FBpwn's link

http://code.google.com/p/fbpwn/

Enjoy mate.

Link to comment
Share on other sites
loozr Newbie

loozr

Posted
Posted

I would recommend you to try create your own site. Me self I have NO coding experience besides a little logic thinking, and sites like facebook is rather simple to clone. I have maybe been doing this myself for a couple of days now, and feel I have learned something already.

You just rightclick and choose save entire page, then you just edit the .htm(l) file in an editor(i.e. notepad++) and search for action. You will find a link right after action, replace that link with i.e. error.php(which is your php script that posts information to a log file). Then a little further down the code you will find something like this for the username/email


<input type="text" class="inputtext" name="email" id="email" value="" tabindex="1" />
[/CODE]

Here you replace name="email" to name="name". (at least with the error.php that I'm using.)

And for the password you really don't have to change in this example, as it should be name="pass"

[CODE]
<input type="password" class="inputtext" name="pass" id="pass" tabindex="2" />
[/CODE]

After that you just save the htm(l) file and upload it(and the folder with the files) to your pineapple and test it out.

To make it clear, this might be different with other post scripts than my error.php. But I guess you figured that out since it seems you have been coding before.

As the reason why you should try doing this yourself is that you learn a lot about the webpages while screwing around in the code, and a lot of pages is quite more difficult than FB. I would recommend you to try do it manually first, and if you are unsuccessful, THEN you can use tools like SET and others.

Hopefully you understand what I have written, and hopefully my directions are correct. ;)

Link to comment
Share on other sites
potato Newbie

potato

Posted
Posted (edited)

I might whip something up in Dreamweaver while im waiting for my pineapple to ship, Has anyone got apache and php working on the pineapple or do we need an external host?

Edited by cscash241
Link to comment
Share on other sites
mreidiv Newbie

mreidiv

Posted
Posted

hey all!

ok, so i was wondering if anyone here had some good phish pages to share? and also some direction in learning to create my own. been awhile since ive done coding, but now im looking to refresh and dig deeper. any help is appreciated!

Have you checked out this thread

Link to comment
Share on other sites
waynead Newbie

waynead

Posted
Posted (edited)

removed Here is one for Facebook[/url], the emails and passwords will be stored in facebook-logins.txt


how can i dl it without installing their dl 'manager' - i just want the bare naked zip..... Edited by Mr-Protocol
Link to comment
Share on other sites
  • 1 year later...
kdmcshane Newbie

kdmcshane

Posted
Posted

I would recommend you to try create your own site. Me self I have NO coding experience besides a little logic thinking, and sites like facebook is rather simple to clone. I have maybe been doing this myself for a couple of days now, and feel I have learned something already.

You just rightclick and choose save entire page, then you just edit the .htm(l) file in an editor(i.e. notepad++) and search for action. You will find a link right after action, replace that link with i.e. error.php(which is your php script that posts information to a log file). Then a little further down the code you will find something like this for the username/email

<input type="text" class="inputtext" name="email" id="email" value="" tabindex="1" />
Here you replace name="email" to name="name". (at least with the error.php that I'm using.)

And for the password you really don't have to change in this example, as it should be name="pass"

<input type="password" class="inputtext" name="pass" id="pass" tabindex="2" />
After that you just save the htm(l) file and upload it(and the folder with the files) to your pineapple and test it out.

To make it clear, this might be different with other post scripts than my error.php. But I guess you figured that out since it seems you have been coding before.

As the reason why you should try doing this yourself is that you learn a lot about the webpages while screwing around in the code, and a lot of pages is quite more difficult than FB. I would recommend you to try do it manually first, and if you are unsuccessful, THEN you can use tools like SET and others.

Hopefully you understand what I have written, and hopefully my directions are correct. wink.png

I attempted to follow these instructions exactly when saving other webpages such as "amazon" (sign in page) and I searched for the correct places to change by searching "tabindex" in Notepad++

For some reason, the pineapple would load my facebook.htm but not the amazon.htm?

Are there certain sites you can't copy and load up in DNS spoofing or is it because the amazon.htm and files that come with it are too large?

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...