Jump to content

S.e.t?


Neworld
 Share

Recommended Posts

I have had some success having the pineapple redirect to my BT5R3 box connected via ethernet w/ ICS. The problem I have faced is the persistent DNS loop when SET redirects the victim to the real site after the exploit or credential harvest has completed. I have tried until I was blue in the face to figure out away around this and haven't had any success. I decided an error message after the redirect is acceptable if I am only trying to redirect a specific site. Obviously if you were to try to redirect *, you are going to run into problems.

Edited by skimpniff
Link to comment
Share on other sites

Mr-Protocol, I completely agree, but i'm curious what type of VPS are you using and how do you connect it to your pineapple?

I typically just connect to my pineapple with a laptop directly to it. But you can do that and instead of having a meterpreter listener or anything on your laptop, just have it on a server at home that is setup for listening or use a VPS in that aspect. You can have it running and ready for connections. Then you re-direct users with your pineapple to your VPS fake site and the only load on the pineapple would be the passing of traffic through it. (In theory)

Link to comment
Share on other sites

I typically just connect to my pineapple with a laptop directly to it. But you can do that and instead of having a meterpreter listener or anything on your laptop, just have it on a server at home that is setup for listening or use a VPS in that aspect. You can have it running and ready for connections. Then you re-direct users with your pineapple to your VPS fake site and the only load on the pineapple would be the passing of traffic through it. (In theory)

This set up seems like it would take care of the DNS spoof loop as well, since the pineapple is not sharing the internet connection.
Link to comment
Share on other sites

I typically just connect to my pineapple with a laptop directly to it. But you can do that and instead of having a meterpreter listener or anything on your laptop, just have it on a server at home that is setup for listening or use a VPS in that aspect. You can have it running and ready for connections. Then you re-direct users with your pineapple to your VPS fake site and the only load on the pineapple would be the passing of traffic through it. (In theory)

Got it, kinda what I figured but figured I would ask. Sometimes someone has a crazy cool way of doing things I haven't thought of =) Thanks for the replay.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...