Jump to content

Help With New Pineapple Mark Iv


Recommended Posts

i recently bought a pineapple, i can get to web interface, and karma is working, but i cant get dns spoofing to redirect to the special facebook page or anything. im using it on windows 7 and ubuntu so whichever is eaiser. im going to be using it to do a security audit, and a penetration testing class im taking.

Link to comment
Share on other sites

To get DNS spoof to work... go to the edit tab that says


172.16.42.1 example.com
[/CODE]

And change it to

[CODE]
172.16.42.1 *facebook.com
[/CODE]

Now, using winscp, go to your redirect.php under the /www/ folder.

Edit it to suit your needs.... mine looks like this

[CODE]
<?php
$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($ref, "facebook")) { header('Location: facebook.html'); }
?>
[/CODE]

Hope that helps :D

Link to comment
Share on other sites

i recently bought a pineapple, i can get to web interface, and karma is working, but i cant get dns spoofing to redirect to the special facebook page or anything. im using it on windows 7 and ubuntu so whichever is eaiser. im going to be using it to do a security audit, and a penetration testing class im taking.

I aslo having problems with dnsspoofing, try ping facebook.com a couple of times and check the results,

I get 172.16.42.1 sometimes but motley i get facebook legit ip adress, havent solved that issue yet...

amoeba

Link to comment
Share on other sites

That might be because the IP is still stored in the DNS cache..

If so you should be successful if you close your browser, and (assuming windows) run ipconfig /release, ipconfig /flushdns and ipconfig /renew

Might not need to run all of them, but I think this might help.

Link to comment
Share on other sites

Yes you can phish only specific pages and give full net access to other pages.

If you take a look at your DNS spoof page, and there you shuold enter pineapples ip, and the site you want to spoof.

ie


172.16.42.1 facebook.com
[/CODE]

Some pages I found that I needed to also add a line with www in front of the rest of the address..

Edited by loozr
Link to comment
Share on other sites

It works then running release, flushdns and renew but the "victim" wont do that so when do it really work?

And is there a whey do make it look better it adress field, not like www.google.com/google.html

if you stop internet sharing or unplug where the internet is comming that should force the victim to the right page

Link to comment
Share on other sites

yeah, but then the rest of the internet will go down for the victim

What would make an awesome tool is one that redirects based on ip and with added functionality like rules/group rules for each client connected to the pineapple and a feature so after a client browses or enters data IE http post data they would get redirected to the real page and only for that site/ip

Link to comment
Share on other sites

What would make an awesome tool is one that redirects based on ip and with added functionality like rules/group rules for each client connected to the pineapple and a feature so after a client browses or enters data IE http post data they would get redirected to the real page and only for that site/ip

Yes! I have been looking for some code that was aware of the client and if it grabbed the post data it forwarded it back to the real website. If i had to vote for a module this would be it!

Link to comment
Share on other sites

Yes! I have been looking for some code that was aware of the client and if it grabbed the post data it forwarded it back to the real website. If i had to vote for a module this would be it!

not so much a module but a program like dnsspoof, I don't have the time or know how at this point to make something function like that, even the dnsspoof source could be changed to add checking of clients against a list to allow or disallow a mac or ip to be spoofed, I have no idea how you would change dnsspoof to redirect actual traffic and not only just dns

Edited by petertfm
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...