eric_ledford Posted August 14, 2012 Share Posted August 14, 2012 i recently bought a pineapple, i can get to web interface, and karma is working, but i cant get dns spoofing to redirect to the special facebook page or anything. im using it on windows 7 and ubuntu so whichever is eaiser. im going to be using it to do a security audit, and a penetration testing class im taking. Quote Link to comment Share on other sites More sharing options...
Neworld Posted August 14, 2012 Share Posted August 14, 2012 To get DNS spoof to work... go to the edit tab that says 172.16.42.1 example.com[/CODE]And change it to[CODE]172.16.42.1 *facebook.com[/CODE]Now, using winscp, go to your redirect.php under the /www/ folder.Edit it to suit your needs.... mine looks like this[CODE]<?php$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];if (strpos($ref, "facebook")) { header('Location: facebook.html'); }?>[/CODE]Hope that helps :D Quote Link to comment Share on other sites More sharing options...
amoeba Posted August 14, 2012 Share Posted August 14, 2012 i recently bought a pineapple, i can get to web interface, and karma is working, but i cant get dns spoofing to redirect to the special facebook page or anything. im using it on windows 7 and ubuntu so whichever is eaiser. im going to be using it to do a security audit, and a penetration testing class im taking. I aslo having problems with dnsspoofing, try ping facebook.com a couple of times and check the results, I get 172.16.42.1 sometimes but motley i get facebook legit ip adress, havent solved that issue yet... amoeba Quote Link to comment Share on other sites More sharing options...
loozr Posted August 14, 2012 Share Posted August 14, 2012 That might be because the IP is still stored in the DNS cache.. If so you should be successful if you close your browser, and (assuming windows) run ipconfig /release, ipconfig /flushdns and ipconfig /renew Might not need to run all of them, but I think this might help. Quote Link to comment Share on other sites More sharing options...
Neworld Posted August 14, 2012 Share Posted August 14, 2012 If your still having trouble bringing up your html, it's probably because its pre cached... Delete your cache and try again. Quote Link to comment Share on other sites More sharing options...
eric_ledford Posted August 14, 2012 Author Share Posted August 14, 2012 thanks, problem solved, now the issue is every website other than facebook looks like a coffee shop login page. lol i followed this video before posting here. is it possable to phish people while still giving them full net access and just phish like facebook? Quote Link to comment Share on other sites More sharing options...
loozr Posted August 14, 2012 Share Posted August 14, 2012 (edited) Yes you can phish only specific pages and give full net access to other pages. If you take a look at your DNS spoof page, and there you shuold enter pineapples ip, and the site you want to spoof. ie 172.16.42.1 facebook.com[/CODE]Some pages I found that I needed to also add a line with www in front of the rest of the address.. Edited August 14, 2012 by loozr Quote Link to comment Share on other sites More sharing options...
amoeba Posted August 14, 2012 Share Posted August 14, 2012 It works then running release, flushdns and renew but the "victim" wont do that so when do it really work? And is there a whey do make it look better it adress field, not like www.google.com/google.html Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 14, 2012 Share Posted August 14, 2012 It works then running release, flushdns and renew but the "victim" wont do that so when do it really work? And is there a whey do make it look better it adress field, not like www.google.com/google.html if you stop internet sharing or unplug where the internet is comming that should force the victim to the right page Quote Link to comment Share on other sites More sharing options...
amoeba Posted August 14, 2012 Share Posted August 14, 2012 if you stop internet sharing or unplug where the internet is comming that should force the victim to the right page yeah, but then the rest of the internet will go down for the victim Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 14, 2012 Share Posted August 14, 2012 yeah, but then the rest of the internet will go down for the victim What would make an awesome tool is one that redirects based on ip and with added functionality like rules/group rules for each client connected to the pineapple and a feature so after a client browses or enters data IE http post data they would get redirected to the real page and only for that site/ip Quote Link to comment Share on other sites More sharing options...
itsm0ld Posted August 15, 2012 Share Posted August 15, 2012 What would make an awesome tool is one that redirects based on ip and with added functionality like rules/group rules for each client connected to the pineapple and a feature so after a client browses or enters data IE http post data they would get redirected to the real page and only for that site/ip Yes! I have been looking for some code that was aware of the client and if it grabbed the post data it forwarded it back to the real website. If i had to vote for a module this would be it! Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 15, 2012 Share Posted August 15, 2012 (edited) Yes! I have been looking for some code that was aware of the client and if it grabbed the post data it forwarded it back to the real website. If i had to vote for a module this would be it! not so much a module but a program like dnsspoof, I don't have the time or know how at this point to make something function like that, even the dnsspoof source could be changed to add checking of clients against a list to allow or disallow a mac or ip to be spoofed, I have no idea how you would change dnsspoof to redirect actual traffic and not only just dns Edited August 15, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
itsm0ld Posted August 15, 2012 Share Posted August 15, 2012 If only I had more time and the know how this would be awesome project, DNS is really all that is needed to capture the post data with a phishing page Quote Link to comment Share on other sites More sharing options...
potato Posted August 16, 2012 Share Posted August 16, 2012 Other than having the victim run ipconfig /flushdns Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.