WallE Posted March 30, 2013 Share Posted March 30, 2013 Alright so I have been employed to do a job pretty simple. My client want to know if he is safe surfing at home with his wifi. Obviously he is not and here how I want to show him: First of all I want to run URLsnaff for few day, to set the attack. Listening all the best he is surfing and all. Then after this is done I would like to make phishing page for the website he is using that use HSTS (The new protection against SSLstrip) (Sorry this thread will not be about phishing page, I don't have any question about it actually just want to tell my attack in detail) The client is using WPA-PSK wireless, so I wanted to just Deauth his wifi, or jamm it. Then put everybody on my favorite fruit with karma. Once everybody is on my pineapple, I would like to run SSLstrip + DNS spoof for the page that are HSTS protected and deauth/jamm the wpa wifi every once in a while. So I was wondering if you think that was the best solution AND if you think the wifi pineapple can handle this? I heard that if you use it for too much action it will just power off. Thanks you communtiy! Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.