echosrcool Posted September 24, 2013 Share Posted September 24, 2013 hello. i have two problems.. one, i downloaded the infusions like nmap and sslstrip.. but they aren't installing. i formatted a USB drive to ext4 and it reads the drive.. but it wont install anything from the infusions. two, DNSspoof doesn't seem to work this is my spoof config 172.16.42.1 facebook.com/* 172.16.42.1 facebook.com 172.16.42.1 m.facebook.com 172.16.42.1:1471 pineapplesareyummy.com yes, its on and working when i type in 172.16.42.1 * but it doesn't seem to work otherwise. when i type in facebook.com it DOES NOT go to my spoof site. it goes to the actual facebook.com.. so i added other variations of it as you see now, and they don't work either. Quote Link to comment Share on other sites More sharing options...
crepsidro Posted September 24, 2013 Share Posted September 24, 2013 ok, there's couple of bugs here that i get. 1 - dhcp gives clinet on wlan0 (karma'd or not) two dns servers, first is 172*1 as it should be, but second is opendns address(222.something). so i had to edit dhcpd conf file in /etc/something dir to edit out the free dns. otherwise client still can/may reach freedns address and resolve the proper ip, bypassing the dnsspoof. 2 - for the love of all good things, i cannot get main traffic sslstriped with just some sites redirected to 'captive' pages on the pineapple. it either does only spoof but not passes all other traffic, or sslstrip works but spoofed sites are not being redirected to, OR pineapple reboots 1min into the experiment (ext usb powered hub, 12v into pine). i think we need some iptables magic from gurus. Quote Link to comment Share on other sites More sharing options...
echosrcool Posted September 24, 2013 Author Share Posted September 24, 2013 ok, there's couple of bugs here that i get. 1 - dhcp gives clinet on wlan0 (karma'd or not) two dns servers, first is 172*1 as it should be, but second is opendns address(222.something). so i had to edit dhcpd conf file in /etc/something dir to edit out the free dns. otherwise client still can/may reach freedns address and resolve the proper ip, bypassing the dnsspoof. 2 - for the love of all good things, i cannot get main traffic sslstriped with just some sites redirected to 'captive' pages on the pineapple. it either does only spoof but not passes all other traffic, or sslstrip works but spoofed sites are not being redirected to, OR pineapple reboots 1min into the experiment (ext usb powered hub, 12v into pine). i think we need some iptables magic from gurus. https://github.com/WiFiPineapple/web-interface/wiki/mk4sslsripguide here's the guide i found for SSLStrip.. but still, i can't install it from the infusion. and also, i'm a total n00b when it comes to editing scripts. do you mind being more clear on what to edit? Quote Link to comment Share on other sites More sharing options...
echosrcool Posted September 24, 2013 Author Share Posted September 24, 2013 (edited) so, i managed to fix the SSL strip problem by installing it manually. that's a releif... but still not sure how to fix the DNSspoof and, new problem.. its running out of room. and i've deleted several infusions (sslstrip and everything is on the usb..) but the main pineapple is running out of room still.. where are some places i can check for stuff to delete? sslstrip is running wonderfully though :3 Edited September 24, 2013 by Nekrose483 Quote Link to comment Share on other sites More sharing options...
NullNull Posted September 25, 2013 Share Posted September 25, 2013 @Nekrose483 -Update to 3.0 if you are not allready (there are some "issues" reported about the last version of the pineapples firmware but i am sure they will be fixed)-Run the latest Pineppple's Bar update-Make sure your USB drive is formated like the one in this tutorial: https://forums.hak5.org/index.php?/topic/25882-how-to-enable-usb-mass-storage-with-swap-partition/ (in order to run sslstrip you need both, storage and swap) -Sslstrip infusion should be good to go Quote Link to comment Share on other sites More sharing options...
digitalnull Posted September 25, 2013 Share Posted September 25, 2013 For DNS spoof try using: 172.16.42.1 *facebook.com*/* Make sure 172.16.42.1 is your dns server on your lease. Quote Link to comment Share on other sites More sharing options...
echosrcool Posted September 25, 2013 Author Share Posted September 25, 2013 @Nekrose483 -Update to 3.0 if you are not allready (there are some "issues" reported about the last version of the pineapples firmware but i am sure they will be fixed) -Run the latest Pineppple's Bar update -Make sure your USB drive is formated like the one in this tutorial: https://forums.hak5.org/index.php?/topic/25882-how-to-enable-usb-mass-storage-with-swap-partition/ (in order to run sslstrip you need both, storage and swap) -Sslstrip infusion should be good to go ok.. so.. it's already on 3.0.0 and the pineapple bar is already updated. i'll reformat my drive with swap though For DNS spoof try using: 172.16.42.1 *facebook.com*/* Make sure 172.16.42.1 is your dns server on your lease. alright. i'll try that.. but idk what you mean by lease.. do i edit the dchp config? Quote Link to comment Share on other sites More sharing options...
NullNull Posted September 25, 2013 Share Posted September 25, 2013 (edited) you know that dnsspoof is for HTTP only and not for HTTPS, right? Edited September 25, 2013 by KiatoGS Quote Link to comment Share on other sites More sharing options...
crepsidro Posted September 25, 2013 Share Posted September 25, 2013 mmm elaborate please. i thought it's for.... DNS... Quote Link to comment Share on other sites More sharing options...
echosrcool Posted September 25, 2013 Author Share Posted September 25, 2013 you know that dnsspoof is for HTTP only and not for HTTPS, right? i didn't know that. but i'm less worried about getting the DNS spoofing to work now that i have SSLstrip working nicely. though, it exits itself sometimes and the infusion doesn't work.. but other than that, it works pretty well. maybe the infusion just needs swap. so i'm going to fix that now... but now, tbh, with sslstrip and tcpdump, the only thing i'd use dnsspoof for is rickrolling everyone.. heh just have to read the tutorial about deauth attacks so i can make everyone join my pineapple :3 Quote Link to comment Share on other sites More sharing options...
J0nN1ck49 Posted September 27, 2013 Share Posted September 27, 2013 Nekrose483 (eisai mipos ellinas?) can you describe the configuration of your system and how you use the sslstrip ?( u use karma and sslstrip? or just sslstrip? etc ... ) i install the sslstrip but not working ( i use a linux to ethering internet and the "victim" my android connect to pm4 via wlan0 ... the sslstrip not retrieve username and password just piece's of code html ... ) thnx Quote Link to comment Share on other sites More sharing options...
NullNull Posted September 27, 2013 Share Posted September 27, 2013 Nekrose483 (eisai mipos ellinas?) can you describe the configuration of your system and how you use the sslstrip ?( u use karma and sslstrip? or just sslstrip? etc ... ) i install the sslstrip but not working ( i use a linux to ethering internet and the "victim" my android connect to pm4 via wlan0 ... the sslstrip not retrieve username and password just piece's of code html ... ) thnx ellada exeis mnm! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.