barry99705 Posted October 25, 2013

Darren tweeted this the other day, thought I'd post it up here since not everyone follows him on Twitter (though you really should).

https://github.com/troyhunt/PineappleSurprise

I got it working on my pineapple, but can't quite figure out the logging. It keeps dumping the logs into the www folder, no matter what I put in the index.php file.

Troy's page on it here: http://www.troyhunt.com/2013/04/the-beginners-guide-to-breaking-website.html

Got logging to work.

    $logFileName = "/sd/logs/myrandomname.log";

Edited October 26, 2013 by barry99705
thesugarat Posted October 26, 2013

You just copied and pasted the text into your index.php file. Added the actual log name and path, then routed all traffic to it in DNSspoof?
barry99705 Posted October 26, 2013

Yep.
aibohphobia Posted October 26, 2013

> Got logging to work.
> $logFileName = "/sd/logs/myrandomname.log";

Yes, the script has a small oddity, it has:

    $logFileName = "yournamehere.log";

and allows you to configure furthermore:

    $logFilePath = "/sd/logs/";

... yet the actual write uses only the first variable:

    $handle = fopen($logFileName, 'a') or die("Can't open file");

So... a declaration of the full path and logname in $logFileName will work.

I like the iOS7 workaround in this script to convince iOS devices to connect without popups. RickRollers, are you paying attention?

    // This is iOS' Wi-Fi connectivity test request: http://erratasec.blogspot.com.au/2010/09/apples-secret-wispr-request.html
    // iOS 7 added some new domains to the wispr request:
    // Seems the iOS 7 may have a heap of domains so also check for the "CaptiveNetworkSupport" header http://forum.daviddarts.com
    if($requestedUri == "www.apple.com/library/test/success.html"
        or $requestedHost == "www.appleiphonecell.com"
        or $requestedHost == "captive.apple.com"
        or $requestedHost == "www.ibook.info"
        or $requestedHost == "www.itools.info"
        or strpos($userAgent, "CaptiveNetworkSupport") !== false)
    {
        print_r("<HTML><HEAD><TITLE>Success</TITLE></HEAD><BODY>Success</BODY></HTML>");
        exit();
    }

Rather elegant.
thesugarat Posted October 27, 2013

barry99705, did you also make changes to the redirect.php file? I'm having a hard time getting it to actually DNSspoof to the internal using the 172.16.42.1 * line in hosts.
barry99705 Posted October 28, 2013

Nope, I've been having issues with dnsspoof on the Mark 5 since I got it. Was pleasantly surprised this worked. I still can't redirect to an external IP address though. SSH in and check the conf file with vi or nano. It seems that any edits from the GUI add character returns to the lines.
thesugarat Posted October 29, 2013

So I've got dnsspoofing working. First off, a little hint for using the Pineapple Surprise... Whatever directory you choose at the very beginning for the logfile actually needs to exist already, along with an empty myrandomname.log file.

    $logFileName = "/sd/logs/myrandomname.log";

In other words, for this line to work the /sd/logs/ directory needs to exist, and to create the empty file I used

    nano myrandomname.log

then Ctrl-O then Ctrl-X.

What led me to this was the error I kept getting when turning on dnsspoof, "can't get file"... After that it works like a charm, but of course only for non-https sites. I guess I was expecting the log file and directory to be created if they don't exist, but that's just not in the code.

Finally, for dnsspoofing an outside IP, well that just worked. I didn't change the stock redirect.php but I added

    204.79.197.200 *

to the hosts file. Which of course routes every website it can to Bing.com.

Also of note: using the Configuration Tile's DNS Spoof tab to edit the Hosts or the Index.php will result in extra characters ^M after each line that make them invalid, BUT the dnsspoof infusion does not add the extra bogus ^M characters. But it only edits the Hosts. So for now make sure you SSH in and change the index.php file. Or go in and clean up the one you edited via the GUI.
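
Added example, not part of the thread or of the PineappleSurprise project: a POSIX shell sketch for the ^M cleanup described in the post above, which counts lines ending in a carriage return and strips them while keeping a backup. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: find and strip the trailing carriage returns (shown as ^M
# in vi) that a web-GUI editor can leave on each line of a config file.

CR=$(printf '\r')   # a literal carriage-return character

# Print how many lines of file $1 end in a carriage return.
count_cr_lines() {
    [ -f "$1" ] || { echo "no such file: $1" >&2; return 1; }
    # grep -c exits 1 when the count is 0; that is not an error here.
    grep -c "${CR}\$" "$1" || true
}

# Remove the end-of-line CR from every line of file $1, in place.
# The original is kept as $1.bak; a CR in the middle of a line is left alone.
strip_cr() {
    [ -f "$1" ] || { echo "no such file: $1" >&2; return 1; }
    tmp="$1.tmp.$$"
    sed "s/${CR}\$//" "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    cp -p "$1" "$1.bak" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$1"    # overwrite the contents, keep owner and mode
    rm -f "$tmp"
}

# Demo on a constructed sample: two CRLF lines and one clean line.
demo() {
    sample=$(mktemp) || return 1
    printf '172.16.42.1 *\r\n# edited in the GUI\r\nclean line\n' > "$sample"
    echo "before: $(count_cr_lines "$sample") line(s) end in CR"
    strip_cr "$sample"
    echo "after:  $(count_cr_lines "$sample") line(s) end in CR"
    rm -f "$sample" "$sample.bak"
}

demo
```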
barry99705 Posted October 30, 2013

It will create the log on its own, at least mine does.
thesugarat Posted October 30, 2013

Well maybe creating the empty file was overkill and only the folder needs to exist.... I've rechecked this evening after plugging my Mk5 back in, and dnsspoofing is still working internally and externally.

Edited October 30, 2013 by thesugarat
thesugarat Posted November 3, 2013

An interesting feature of the Mark 5 and leaving the Pineapple Surprise in place… Even if I have DNSspoofing turned off, the Pineapple Surprise page comes up when I go to the IP address assigned to the Client Mode of the Pineapple from within the client network. In fact nmap shows that the ssh port is open along with 80. You can ssh into the Pineapple from the client IP, which isn't exactly surprising, but the port 80 thing seems a little strange. The funny thing is nmap didn't catch port 1471 but it works as well.

I was also able to use the nmap infusion, connected to the Pineapple's AP with a 172 IP, to scan the client mode address range 192. But I wasn't able to use nmap internally on my 192 network to scan the 172 range. Is that normal? I suspect it is and has everything to do with the Pineapple's routes that are set up that aren't set that way in my network, but the Bacardi 151 rum in my brain is making things fuzzy tonight.
barry99705 Posted February 7, 2014

Have you looked at the proposed changes on the github page? I had them working briefly, then something changed on the latest update that killed them.
thesugarat Posted February 8, 2014

No I haven't tried anything new. I was explaining it to someone and just posted the contents of the index.php file that I had edited. Now it appears that post was deleted?
barry99705 Posted February 8, 2014

> No I haven't tried anything new. I was explaining it to someone and just posted the contents of the index.php file that I had edited. Now it appears that post was deleted?

Yea, that's weird. I saw it, that's why I replied.