Jump to content

Apps and the Pineapple/Karma


Recommended Posts

Hello all

I've been playing with my pineapple and my newly created raspberry pi running karma (all hail digininja!). Normally I test my karma'ing with my trusty "victim" laptop, but this time I decided to use my ipad instead. I couldn't help but notice that when I have sslstrip running, few apps are able to load, and when they do, there is usually some erratic behavior in the app. Either they sit and spin (loading animation) or just straight up fail (...Please check your network connection) or other bizarre behavior (facebook app on iphone says I have no friends when I goto my News Feed). This to me is quite the red flag raised to the vast majority of real world victims, who unless you're targeting a specific persons laptop with white/black lists, will no doubt be using a smartphone/tablet. With the proliferation of "post-pc" mobile devices, the lack of internet-connected-app support does not bode well for those of us who enjoy the benefits of sslstrip.

Anyone have any ideas on how I can fix this? It must be something in my sslstrip preparations/command that I can change right? Here is my usual "dump 'n strip" script that I run via wps button press.

tcpdump -i eth0 -w /usb/cap.pcap -n net &
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-ports 10000
sslstrip -w /usb/sslstrip.log &

I know, the port 80 to 10000 is weird, but thats what was in the how-to sslstrip forum post and I've been using this script for 6 months and it works fabulous otherwise. Any help is much appreciated fellas, as always!


Edited by telot
Link to comment
Share on other sites

  • 4 months later...

Sup Telot,

So, I have been dealing with this as well. It seems I can only get iOS apps to run if I turn off the port 443 prerouting rule. (Not ideal, I know). However, If you setup the Pineapple to run with Beef.. iPhone apps run and... drum roll... all credentials from apps get logged (if there are credentials to pass). It's a bit involved but that's the only way I could get it work with my Kali laptop running Easy-Creds or by modifing 911_AP from Em3rg3ncy. Downside is that other OS's such as Windows, Mac, Linux browsers will report a bad cert in this scenario but curiously the iOS apps don't complain. I still need to do more testing however. I haven't tried quite everything yet.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...