Jump to content

two problems: sslstrip not installing and DNSspoof not working


echosrcool

Recommended Posts

hello. i have two problems..

one, i downloaded the infusions like nmap and sslstrip.. but they aren't installing. i formatted a USB drive to ext4 and it reads the drive.. but it wont install anything from the infusions.

two, DNSspoof doesn't seem to work

this is my spoof config

172.16.42.1 facebook.com/*
172.16.42.1 facebook.com
172.16.42.1 m.facebook.com
172.16.42.1:1471 pineapplesareyummy.com
yes, its on and working when i type in 172.16.42.1 * but it doesn't seem to work otherwise. when i type in facebook.com it DOES NOT go to my spoof site. it goes to the actual facebook.com.. so i added other variations of it as you see now, and they don't work either.
Link to comment
Share on other sites

ok, there's couple of bugs here that i get.

1 - dhcp gives clinet on wlan0 (karma'd or not) two dns servers, first is 172*1 as it should be, but second is opendns address(222.something). so i had to edit dhcpd conf file in /etc/something dir to edit out the free dns. otherwise client still can/may reach freedns address and resolve the proper ip, bypassing the dnsspoof.

2 - for the love of all good things, i cannot get main traffic sslstriped with just some sites redirected to 'captive' pages on the pineapple. it either does only spoof but not passes all other traffic, or sslstrip works but spoofed sites are not being redirected to, OR pineapple reboots 1min into the experiment (ext usb powered hub, 12v into pine). i think we need some iptables magic from gurus.

Link to comment
Share on other sites

ok, there's couple of bugs here that i get.

1 - dhcp gives clinet on wlan0 (karma'd or not) two dns servers, first is 172*1 as it should be, but second is opendns address(222.something). so i had to edit dhcpd conf file in /etc/something dir to edit out the free dns. otherwise client still can/may reach freedns address and resolve the proper ip, bypassing the dnsspoof.

2 - for the love of all good things, i cannot get main traffic sslstriped with just some sites redirected to 'captive' pages on the pineapple. it either does only spoof but not passes all other traffic, or sslstrip works but spoofed sites are not being redirected to, OR pineapple reboots 1min into the experiment (ext usb powered hub, 12v into pine). i think we need some iptables magic from gurus.

https://github.com/WiFiPineapple/web-interface/wiki/mk4sslsripguide

here's the guide i found for SSLStrip.. but still, i can't install it from the infusion.

and also, i'm a total n00b when it comes to editing scripts. do you mind being more clear on what to edit?

Link to comment
Share on other sites

so, i managed to fix the SSL strip problem by installing it manually. that's a releif... but still not sure how to fix the DNSspoof

and, new problem.. its running out of room. and i've deleted several infusions (sslstrip and everything is on the usb..) but the main pineapple is running out of room still.. where are some places i can check for stuff to delete?

sslstrip is running wonderfully though :3

Edited by Nekrose483
Link to comment
Share on other sites

@Nekrose483


-Update to 3.0 if you are not allready (there are some "issues" reported about the last version of the pineapples firmware but i am sure they will be fixed)

-Run the latest Pineppple's Bar update

-Make sure your USB drive is formated like the one in this tutorial: https://forums.hak5.org/index.php?/topic/25882-how-to-enable-usb-mass-storage-with-swap-partition/ (in order to run sslstrip you need both, storage and swap)

-Sslstrip infusion should be good to go

Link to comment
Share on other sites

@Nekrose483

-Update to 3.0 if you are not allready (there are some "issues" reported about the last version of the pineapples firmware but i am sure they will be fixed)

-Run the latest Pineppple's Bar update

-Make sure your USB drive is formated like the one in this tutorial: https://forums.hak5.org/index.php?/topic/25882-how-to-enable-usb-mass-storage-with-swap-partition/ (in order to run sslstrip you need both, storage and swap)

-Sslstrip infusion should be good to go

ok.. so.. it's already on 3.0.0 and the pineapple bar is already updated.

i'll reformat my drive with swap though

For DNS spoof try using:

172.16.42.1 *facebook.com*/*

Make sure 172.16.42.1 is your dns server on your lease.

alright. i'll try that.. but idk what you mean by lease.. do i edit the dchp config?

Link to comment
Share on other sites

you know that dnsspoof is for HTTP only and not for HTTPS, right?

i didn't know that. but i'm less worried about getting the DNS spoofing to work now that i have SSLstrip working nicely. though, it exits itself sometimes and the infusion doesn't work.. but other than that, it works pretty well. maybe the infusion just needs swap. so i'm going to fix that now... but now, tbh, with sslstrip and tcpdump, the only thing i'd use dnsspoof for is rickrolling everyone.. heh just have to read the tutorial about deauth attacks so i can make everyone join my pineapple :3

Link to comment
Share on other sites

Nekrose483 (eisai mipos ellinas?)

can you describe the configuration of your system and how you use the sslstrip ?( u use karma and sslstrip? or just sslstrip? etc ... ) i install the sslstrip but not working ( i use a linux to ethering internet and the "victim" my android connect to pm4 via wlan0 ... the sslstrip not retrieve username and password just piece's of code html ... )

thnx

Link to comment
Share on other sites

Nekrose483 (eisai mipos ellinas?)

can you describe the configuration of your system and how you use the sslstrip ?( u use karma and sslstrip? or just sslstrip? etc ... ) i install the sslstrip but not working ( i use a linux to ethering internet and the "victim" my android connect to pm4 via wlan0 ... the sslstrip not retrieve username and password just piece's of code html ... )

thnx

ellada exeis mnm!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...