Just thought i would start a discussion on this. I think a drift net module would be pretty cool on the pineapple, then again i have no idea how resource intensive it would be etc. I might look into it as a module one i get some ma 1337 module dev skills! lol but i am thinking that with the use of php and html that this could be very much possible.


- Anton

Hey dustbyter its just a program/module that grabs any images passing through a network that you're monitoring, it's a pretty neat little program, u can see videos of it in action on youtube, search driftnet.

- Anton.

Ok guy's i have been thinking long and hard about this, i have come up with a method that might By using tcpdump i could strip all html from a selected client/ip and then use a really simple bit of javascript to pull the images from the html, yes there would be a couple of things like images applied via css we wouldn't see but i might be able to come up with something else for that, atm i am just concontrating on the html. Here is the script that would make it all possible.

function checkimages() {
var images = document.getElementsByTagName('img');
for (var i=0; i<images.length; i++){
var img =images[i].getAttribute('src');
//Output them to module UI

That's the easy part, the hard part will be getting javascript to communicate with tcpdump and retrieving html from a client that you would select in the module UI. Does one one have any modules that interact with tcpdump in any way that i could take a look at? Maybe javascript wouldn't even interact with tcpdump maybe i would use a shell script or something? first time doing this so i really don't know.


To make it clear what i want to do is pull all html from a selected client at time intervals of 5 seconds or something like that and then dump that html to usb, i will then read that dumped html using javascript in the module and apply the javascript snipped above to pull the images from the html and dump them in an array, i would then have another piece of javascript in my module that would loop through that array and display the images, similar to drift net :) Does this seem fee sable or am i just talking tripe lol I am not trying to do it in a roundabout way am i?

Cheer's - Anton.

I just run ettercap on the pineapple and dump everything to a pcap file....

cd /usb

ettercap -Tq -i br-lan -w filename.pcap

When done collecting open the file in NetworkMiner 1.4

Click on images tab...


PS Sometimes I just run driftnet on the host PC that the pineapple is connected to..

