JesseIZ Posted December 14, 2013 Author Share Posted December 14, 2013 Ok, I was not able to get the script working, but I was able to download the zip file from the new website, and Win SCP it to the pineapple, and get it unzipped using what I learned from the install script. Here is my terminal. ######################################################################################################################### ## _______ _______ __________________ _______ _ _________ _______ _______ _______ _______ ## ##( ____ \( ____ )|\ /|\__ __/\__ __/|\ /|( ____ \( ( /|\__ __/( ____ \( ____ \( ____ \( ____ )## ##| ( \/| ( )|| ) ( | ) ( ) ( ( \ / )| ( \/| \ ( | ) ( | ( \/| ( \/| ( \/| ( )|## ##| (__ | (____)|| | | | | | | | \ (_) / | (_____ | \ | | | | | (__ | (__ | (__ | (____)|## ##| __) | __)| | | | | | | | \ / (_____ )| (\ \) | | | | __) | __) | __) | __)## ##| ( | (\ ( | | | | | | | | ) ( ) || | \ | | | | ( | ( | ( | (\ ( ## ##| ) | ) \ \__| (___) |___) (___ | | | | /\____) || ) \ |___) (___| ) | ) | (____/\| ) \ \__## ##|/ |/ \__/(_______)\_______/ )_( \_/ \_______)|/ )_)\_______/|/ |/ (_______/|/ \__/## ######################################################################################################################### Version : Alpha v1.0 Select from the following functions Hit ctrl + c at any time to quit and clean up 0 Clean up manually 1 Sniff Mails ,Messages,and URl's and files 2 DNS Spoof, Capture All Packets 3 Sniffing with Ettercap 4 Install Dependencies 5 Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 6 Exit choice : Oh ok i am going to continue trying to fix the installer.sh script and let me know what you think of FruitySniffer ! - Jesse Quote Link to comment Share on other sites More sharing options...
overwraith Posted December 14, 2013 Share Posted December 14, 2013 Oh ok i am going to continue trying to fix the installer.sh script and let me know what you think of FruitySniffer ! - Jesse Will do, thanks for helping. Quote Link to comment Share on other sites More sharing options...
overwraith Posted December 15, 2013 Share Posted December 15, 2013 Do you know where it saves the files when I tell it to sniff for them? Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 15, 2013 Author Share Posted December 15, 2013 Do you know where it saves the files when I tell it to sniff for them? filesnarf saves files sniffed from NFS traffic in the current working directory. - Jesse Quote Link to comment Share on other sites More sharing options...
mw3demo Posted December 17, 2013 Share Posted December 17, 2013 (edited) Hey Jessel! Just tried to do the install and encountered the same problem as overwraith. Tried to install on the SD, but something is up with the .zip Going to try your second method Configuring unzip. Install on USB or on SD? SD Archive: FruitySniffer.zip End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive. unzip: cannot find zipfile directory in one of FruitySniffer.zip or FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period. ./Installer.sh: line 28: cd: /sd/FruitySniffer/: No such file or directory chmod: FruitySniffer.sh: No such file or directory open with : ./FruitySniffer.sh Done root@Pineapple:/sd# ls FruitySniffer.zip infusions tmp var Installer.sh lost+found usr root@Pineapple:/sd# unzip FruitySniffer.zip Archive: FruitySniffer.zip End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive. unzip: cannot find zipfile directory in one of FruitySniffer.zip or FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period. root@Pineapple:/sd# Edited December 17, 2013 by mw3demo Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 17, 2013 Author Share Posted December 17, 2013 Hey Jessel! Just tried to do the install and encountered the same problem as overwraith. Tried to install on the SD, but something is up with the .zip Going to try your second method Configuring unzip. Install on USB or on SD? SD Archive: FruitySniffer.zip End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive. unzip: cannot find zipfile directory in one of FruitySniffer.zip or FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period. ./Installer.sh: line 28: cd: /sd/FruitySniffer/: No such file or directory chmod: FruitySniffer.sh: No such file or directory open with : ./FruitySniffer.sh Done root@Pineapple:/sd# ls FruitySniffer.zip infusions tmp var Installer.sh lost+found usr root@Pineapple:/sd# unzip FruitySniffer.zip Archive: FruitySniffer.zip End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive. unzip: cannot find zipfile directory in one of FruitySniffer.zip or FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period. root@Pineapple:/sd# Hey ! Yeah the problem is that when i upload it and download it with wget it gets corrupted and i don't know why . But let me know if the second method works ;) (that should work) - Jesse Quote Link to comment Share on other sites More sharing options...
masler77 Posted December 17, 2013 Share Posted December 17, 2013 the second method works for me!! Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 17, 2013 Author Share Posted December 17, 2013 the second method works for me!! Thanks for letting me know ;) I hope you enjoy the alpha version of FruitySniffer. If you have any suggestion what you would like to have added to the script please let me know. Enjoy - Jesse Quote Link to comment Share on other sites More sharing options...
mw3demo Posted December 17, 2013 Share Posted December 17, 2013 Second method works. I might have an idea why the first way doesn't work. The filehost intentionally corrupts the zip to stop wget downloads? Dependency check has a bug: Version : Alpha v1.0 Select from the following functions Hit ctrl + c at any time to quit and clean up 0 Clean up manually 1 Sniff Mails ,Messages,and URl's and files 2 DNS Spoof, Capture All Packets 3 Sniffing with Ettercap 4 Install Dependencies 5 Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 6 Exit choice : 4 Installing Dependencies ./FruitySniffer.sh: line 388: sudo: command not found ./FruitySniffer.sh: line 389: sudo: command not found ./FruitySniffer.sh: line 390: sudo: command not found ./FruitySniffer.sh: line 391: sudo: command not found ./FruitySniffer.sh: line 392: sudo: command not found Done! Press RETURN for menu Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 17, 2013 Author Share Posted December 17, 2013 Second method works. I might have an idea why the first way doesn't work. The filehost intentionally corrupts the zip to stop wget downloads? Dependency check has a bug: Version : Alpha v1.0 Select from the following functions Hit ctrl + c at any time to quit and clean up 0 Clean up manually 1 Sniff Mails ,Messages,and URl's and files 2 DNS Spoof, Capture All Packets 3 Sniffing with Ettercap 4 Install Dependencies 5 Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 6 Exit choice : 4 Installing Dependencies ./FruitySniffer.sh: line 388: sudo: command not found ./FruitySniffer.sh: line 389: sudo: command not found ./FruitySniffer.sh: line 390: sudo: command not found ./FruitySniffer.sh: line 391: sudo: command not found ./FruitySniffer.sh: line 392: sudo: command not found Done! Press RETURN for menu Fixing the bug right now! And thanks for the info ;) - Jesse Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 17, 2013 Author Share Posted December 17, 2013 Second method works. I might have an idea why the first way doesn't work. The filehost intentionally corrupts the zip to stop wget downloads? Dependency check has a bug: Version : Alpha v1.0 Select from the following functions Hit ctrl + c at any time to quit and clean up 0 Clean up manually 1 Sniff Mails ,Messages,and URl's and files 2 DNS Spoof, Capture All Packets 3 Sniffing with Ettercap 4 Install Dependencies 5 Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 6 Exit choice : 4 Installing Dependencies ./FruitySniffer.sh: line 388: sudo: command not found ./FruitySniffer.sh: line 389: sudo: command not found ./FruitySniffer.sh: line 390: sudo: command not found ./FruitySniffer.sh: line 391: sudo: command not found ./FruitySniffer.sh: line 392: sudo: command not found Done! Press RETURN for menu Fixed the bug ! You can download it right now ;) - Jesse Quote Link to comment Share on other sites More sharing options...
mw3demo Posted December 18, 2013 Share Posted December 18, 2013 Hey Jesse! Really appreciate your work! Just got home, I'll bug test this for the next couple hours/day on my network, and report back. One thing I rememeber on the way out (quickly tried the dependencies check), is sslstrip has a tendency to stay on even after CTRL + C/(0)"Clean up Manually". I had to stop SSLStrip manually via the pineapple web interface, and then rerun the script to stop errors. I'll look into it deeper, commited to bug testing this all the way through. Curiously (I am going to start with a fresh install to be sure.), when I "ls" inside /sd/ the Fruity folder is nowhere to be seen, but it is there if I use the "Go to folder" function. I have no idea if this is because of my setup or the folder gets hidden somehow? I'm going to throughly go over it over tonight. Keep it up! Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 18, 2013 Author Share Posted December 18, 2013 Hey Jesse! Really appreciate your work! Just got home, I'll bug test this for the next couple hours/day on my network, and report back. One thing I rememeber on the way out (quickly tried the dependencies check), is sslstrip has a tendency to stay on even after CTRL + C/(0)"Clean up Manually". I had to stop SSLStrip manually via the pineapple web interface, and then rerun the script to stop errors. I'll look into it deeper, commited to bug testing this all the way through. Curiously (I am going to start with a fresh install to be sure.), when I "ls" inside /sd/ the Fruity folder is nowhere to be seen, but it is there if I use the "Go to folder" function. I have no idea if this is because of my setup or the folder gets hidden somehow? I'm going to throughly go over it over tonight. Keep it up! Hey , No problem , many awesome things to come ;) Please let me know when you bugtested it . Enjoy - Jesse Quote Link to comment Share on other sites More sharing options...
mw3demo Posted December 20, 2013 Share Posted December 20, 2013 Hey Jesse, Still going to work on this, but last minute Christmas preps are taking full swing! Left the shopping late like millions of others, might take a few days for some feedback. :) Quote Link to comment Share on other sites More sharing options...
phibertap Posted December 21, 2013 Share Posted December 21, 2013 Hi Jesse, thanks for doing this. I wonder if you have plans to convert this into an Infusion. Most of the code you have is straight forward and having the system within the web interface goes along with the debs idea to keep things as simple as possible. I have mucked around with developing my own infusions with not bad luck. Open source is nice since we can look at how other (much better) debs do things within the interface. Anyway, keep it up, thanks for contributing. PT Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 21, 2013 Author Share Posted December 21, 2013 Hi Jesse, thanks for doing this. I wonder if you have plans to convert this into an Infusion. Most of the code you have is straight forward and having the system within the web interface goes along with the debs idea to keep things as simple as possible. I have mucked around with developing my own infusions with not bad luck. Open source is nice since we can look at how other (much better) debs do things within the interface. Anyway, keep it up, thanks for contributing. PT Hey, This script wont work as an infusion because it requires user interaction so i would have to make alot of scripts for each function which is possible but not easy to do and i am not good in writing php but maybe i can make it into an infusion ;) - Jesse Quote Link to comment Share on other sites More sharing options...
mw3demo Posted December 22, 2013 Share Posted December 22, 2013 Hey Jesse, Burning the midnight oil after a hectic day of shopping! Just retried the depencies check, works fine apart from mdk3: Version : Alpha v1.0 Select from the following functions Hit ctrl + c at any time to quit and clean up 0 Clean up manually 1 Sniff Mails ,Messages,and URl's and files 2 DNS Spoof, Capture All Packets 3 Sniffing with Ettercap 4 Install Dependencies 5 Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 6 Exit choice : 4 Installing Dependencies Package ettercap (NG-0.7.3-3) installed in root is up to date. Package dsniff (2.4b1-2) installed in root is up to date. Unknown package 'mdk3'. Collected errors: * opkg_install_cmd: Cannot install package mdk3. Package sslstrip (0.9-1) installed in root is up to date. Package tcpdump (4.2.1-3) installed in root is up to date. Done! Press RETURN for menu I checked out opkg list and opkg list_installed and there is no mention of mdk3. Which I know has to be wrong. I therefore did and opkg update: root@Pineapple:/sd/FruitySniffer# opkg update Downloading http://cloud.wifipineapple.com/mk5/packages/Packages.gz. Updated list of available packages in /var/opkg-lists/pineapple_packages. root@Pineapple:/sd/FruitySniffer# opkg list ---Snip--- mdadm - 3.2.5-1 - A tool for managing Linux Software RAID arrays. mdk3 - v6-1 - Tool to exploit wireless vulnerabilities mdns-utils - 214.3.2-4 - Bonjour, also known as zero-configuration networking, enables automatic discovery of computers, devices, and services on IP networks. ---Snip--- Tried the check depencies again: Installing Dependencies Package ettercap (NG-0.7.3-3) installed in root is up to date. Package dsniff (2.4b1-2) installed in root is up to date. Installing mdk3 (v6-1) to root... Downloading http://cloud.wifipineapple.com/mk5/packages/mdk3_v6-1_ar71xx.ipk. Configuring mdk3. Package sslstrip (0.9-1) installed in root is up to date. Package tcpdump (4.2.1-3) installed in root is up to date. Done! Press RETURN for menu An "opkg update" before the opkg install in FruitySniffer.sh should solve the problem. Quote Link to comment Share on other sites More sharing options...
mw3demo Posted December 22, 2013 Share Posted December 22, 2013 Found a bug with arpspoofing, I think. I went ahead with the first option: Sniff Mails ,Messages,and URl's and files Who do you want to arpspoof eg : 192.168.0.18 10.0.1.1 Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt arpspoof: invalid option -- r Version: 2.4 Usage: arpspoof [-i interface] [-t target] host ^C There is no -r option in arpspoof according to the man. In this case, I'm trying to arp the whole network, so I chose my router ip (Right thing to do?) arpspoof -i br-lan 10.0.1.1 I opened up vim and saw at line 101: arpspoof -i $Interface -r $gateway -t $target & I changed that to: arpspoof -i $Interface $target & Which gets things going but it just continues to arp and doesn't continue with the rest of the script: Nmap done: 256 IP addresses (9 hosts up) scanned in 9.56 seconds Who do you want to arpspoof eg : 192.168.0.18 10.0.1.1 Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt 0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx 0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx 0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx I hit enter to see if that would do anything for the hell of it: Write failed: Broken pipe root:~ root$ Disconnected. Might be worth checking out yamas/easy-creds and compare, my dog tired mind can't figure it out/is doing something wrong. As a request: An option to target an individual target via -t and the whole network would be nice via arpspoof. I also tried running it without arpspoof, and connected via a Karma SSID. I checked a mail via my iPhone, and sent one, browsed two sites and quit the script. I checked the logs, urlsnarf works fine, but nothing from mailsnarf. I apologise for this chaotic post, it's 4am here and it's been a hectic day, my brains burnt and so are my eyes! Will pick up on this tomorrow evening. I also quickly tried via ettercap. The wget via mediafire is a bad idea, it pulls the config file as the hmtl page for the download page, rather than the actual file. I don't think they support wget in the manner tried here. Here is my 1iQbYYX file in /etc/ It appears you are using an older browser. For a better experience when using MediaFire, we recommend you upgrade your browser. Help Questions? Submit a ticket or visit our Help Center. Additional help links: Contact Us Help with Web Help with Mobile Help with Desktop Call us at 1-877-688-0068 to speak to a live representative. YOUR SUPPORT CODE: CLOSE MediaFire Overview Share Connect Backup Trusted More etc Time to sleep! :) Quote Link to comment Share on other sites More sharing options...
phibertap Posted December 22, 2013 Share Posted December 22, 2013 Hey, This script wont work as an infusion because it requires user interaction so i would have to make alot of scripts for each function which is possible but not easy to do and i am not good in writing php but maybe i can make it into an infusion ;) - Jesse If you were to put this into an infusion, you would have the options etc at the top of each section then have a link to execute the script based upon those options. Also you should have the output of the script located within the infusion. That said, your script, your choice. Have fun with it, that's the main thing. Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted December 22, 2013 Author Share Posted December 22, 2013 Found a bug with arpspoofing, I think. I went ahead with the first option: Sniff Mails ,Messages,and URl's and files Who do you want to arpspoof eg : 192.168.0.18 10.0.1.1 Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt arpspoof: invalid option -- r Version: 2.4 Usage: arpspoof [-i interface] [-t target] host ^C There is no -r option in arpspoof according to the man. In this case, I'm trying to arp the whole network, so I chose my router ip (Right thing to do?) arpspoof -i br-lan 10.0.1.1 I opened up vim and saw at line 101: arpspoof -i $Interface -r $gateway -t $target & I changed that to: arpspoof -i $Interface $target & Which gets things going but it just continues to arp and doesn't continue with the rest of the script: Nmap done: 256 IP addresses (9 hosts up) scanned in 9.56 seconds Who do you want to arpspoof eg : 192.168.0.18 10.0.1.1 Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt 0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx 0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx 0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx I hit enter to see if that would do anything for the hell of it: Write failed: Broken pipe root:~ root$ Disconnected. Might be worth checking out yamas/easy-creds and compare, my dog tired mind can't figure it out/is doing something wrong. As a request: An option to target an individual target via -t and the whole network would be nice via arpspoof. I also tried running it without arpspoof, and connected via a Karma SSID. I checked a mail via my iPhone, and sent one, browsed two sites and quit the script. I checked the logs, urlsnarf works fine, but nothing from mailsnarf. I apologise for this chaotic post, it's 4am here and it's been a hectic day, my brains burnt and so are my eyes! Will pick up on this tomorrow evening. I also quickly tried via ettercap. The wget via mediafire is a bad idea, it pulls the config file as the hmtl page for the download page, rather than the actual file. I don't think they support wget in the manner tried here. Here is my 1iQbYYX file in /etc/ It appears you are using an older browser. For a better experience when using MediaFire, we recommend you upgrade your browser. Help Questions? Submit a ticket or visit our Help Center. Additional help links: Contact Us Help with Web Help with Mobile Help with Desktop Call us at 1-877-688-0068 to speak to a live representative. YOUR SUPPORT CODE: CLOSE MediaFire Overview Share Connect Backup Trusted More etc Time to sleep! :) Hi! Thanks for testing it ! I am trying to fix it all . i dont get arpspoof to run in the background so you need to open 2 ssh session for it to work right now srry ;( - Jesse Quote Link to comment Share on other sites More sharing options...
mw3demo Posted December 24, 2013 Share Posted December 24, 2013 Hey Jesse, Quick question, should the etter.conf be: [privs] ec_uid = 0 # nobody is the default ec_gid = 0 # nobody is the default iso [privs] ec_uid = 65534 # nobody is the default ec_gid = 65534 # nobody is the default To run as root? If anyone can tell me when it should and shouldn't be dropped to 0 that would be great! I have just been making it zero in everycase out of habit. Quote Link to comment Share on other sites More sharing options...
mw3demo Posted January 11, 2014 Share Posted January 11, 2014 Hey Jesse, Hope you enjoyed the holidays, and Happy New Year! Any update in the works? Quote Link to comment Share on other sites More sharing options...
JesseIZ Posted January 11, 2014 Author Share Posted January 11, 2014 Hey Jesse, Hope you enjoyed the holidays, and Happy New Year! Any update in the works? Hey , Hope you enjoyed your holidays too ;) I am working on a update but i dont have alot of ideas to put in the update like extra features or something . But i did post an announcement of Fruity Cracker on the forum . - Jesse Quote Link to comment Share on other sites More sharing options...
mw3demo Posted January 11, 2014 Share Posted January 11, 2014 I think it should be a feature freeze, and now focus on bug fixing! For example the arp bug, where the $gateway option is invalid. :) I've got some spare time over this weekend to take another look. Fruity Cracker sounds good! Quote Link to comment Share on other sites More sharing options...
bay7787 Posted January 13, 2014 Share Posted January 13, 2014 I get this every time that I try to install with your steps. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.