PatriceKing Posted February 4, 2014 Share Posted February 4, 2014 Hello everybody, I installed DNSSpoof infusion from the Bar, but I'm seeing there's no support (yet?) for it in the forums. I've tried porting some stuff from what I've used on the Mark IV, but no good results... I can't get no credentials captured. I'm not really good with PHP, and now everything has changed, the locations of the files and such. Been reading everything on the forums, and haven't found it... there are some guides on the net, but everything is for the Mark IV. Probably if I start diggin' deep I'll manage to get it working. But right now it's not possible, If someone has it working smoothly (thesugarat maybe?), and is willing to shoot me a PM, that'll be great. (*) (*) Not that I want an easy way out, right now I just could use the device for a greater plan, and as grandiloquent as it may sound, it could be my small contribution to make a better world (I know how it sounds, I know...) ... I'm not really THAT bad with this stuff, but my programming days go back to the 90s, ASM, C, virii on good old DOS, ... but right now I'm in other field. Anyways... I've been a great supporter of this Project since Mark III, and also bought a lot from the hak shop... but this project always seems to be on a beta stage... and the main vulnerabilities out there are being patched as we surf the forums, like HSTS, and the browsers are getting smarter... It's a great device, but it's too buggy still, nothing really work out of the box... maybe if you are professional pentester, or you can code scripts on the fly, it's good as it is... let alone I've had a defective battery juice now, and with my Mark IV (got those first dibs!) when I've got the juice pack later on, from all the different AC removable adaptors no one was the right fit for the pineapple... oh well... and, no, I'm not in the US... return the unit is not an option. ok, going to bed,... help over here! </rant> Quote Link to comment Share on other sites More sharing options...
thesugarat Posted February 4, 2014 Share Posted February 4, 2014 (edited) DAMNIT PATRICE!!! Sorry, been wanting to do that since I saw your nick. Hope you're a How I Met Your Mother fan so that it's actually funny.... It's been a while since I poked around in DNSspoof. I'll take a look and see if it's still working for me. I am by no means an expert... You're saying there is an Infusion from the pineapple bar for DNSspoof now? I'm more familiar with what is "baked" in to the pineapple. I really do need to look into it if there is a new infusion. :) Edited February 4, 2014 by thesugarat Quote Link to comment Share on other sites More sharing options...
Aprex Posted April 8, 2014 Share Posted April 8, 2014 DNSSpoof does not redirect when https is infront of the URL. A lot of browsers put this infront of the URL automaticly. Also, some websites I can just visit and other redirect to the right page? I have 172.16.42.1 * set correctly yet my victims still manage to browse some web pages? On my iPhone the pictures won't load.. It still has a lot of bugs, can ANYONE give me a status update about this? Quote Link to comment Share on other sites More sharing options...
thesugarat Posted April 9, 2014 Share Posted April 9, 2014 dnsspoof does not work on https sites. Sometimes sites are cached so that causes problems... it's not perfect but it does work. So I'm not sure what kind of update you're expecting. Quote Link to comment Share on other sites More sharing options...
Aprex Posted April 9, 2014 Share Posted April 9, 2014 dnsspoof does not work on https sites. Sometimes sites are cached so that causes problems... it's not perfect but it does work. So I'm not sure what kind of update you're expecting. An update to support https. I mean, it doesn't actually have to do anything with https itself, it just doesn't redirect when a browser puts https infront of it. Isn't this just a simple line of code to also redirect a website that has https infront of it? Also, like I said, an update where actually ALL websites get redirected to my pineapple, just half. Or 75%. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted April 11, 2014 Share Posted April 11, 2014 An update to support https. I mean, it doesn't actually have to do anything with https itself, it just doesn't redirect when a browser puts https infront of it. Isn't this just a simple line of code to also redirect a website that has https infront of it? Also, like I said, an update where actually ALL websites get redirected to my pineapple, just half. Or 75%. No. The whole point of https is to secure the site. If browsers just ignored that the site's ssl cert isn't getting passed there'd be no point of secure sites to begin with. Quote Link to comment Share on other sites More sharing options...
Aprex Posted April 11, 2014 Share Posted April 11, 2014 No. The whole point of https is to secure the site. If browsers just ignored that the site's ssl cert isn't getting passed there'd be no point of secure sites to begin with. A sites SSL certificate? My hotspot doesn't even have internet access. I just have phishing pages for most popular websites. It has nothing to do with accessing the actual website. It just needs to redirect to my phishing page if it says https infront of it. It has nothing to do with https at all.. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted April 13, 2014 Share Posted April 13, 2014 A sites SSL certificate? My hotspot doesn't even have internet access. I just have phishing pages for most popular websites. It has nothing to do with accessing the actual website. It just needs to redirect to my phishing page if it says https infront of it. It has nothing to do with https at all.. But it does. Your browser sees you're trying to go to a secure site, so it checks the site to see if it has a certificate. If it doesn't get a proper response it won't display the page. Quote Link to comment Share on other sites More sharing options...
Jerfguy2 Posted April 23, 2014 Share Posted April 23, 2014 (edited) Soo... You know how public APs make you 'log into' a network via a webpage before allowing you access to the internet? How is THAT done? Could you replace that (login) page with, say, some quick links to our "guests" favorite website (our spoofs)? Edited April 23, 2014 by Jerfguy2 Quote Link to comment Share on other sites More sharing options...
thesugarat Posted April 24, 2014 Share Posted April 24, 2014 NoDogSplash and phishing pages with DNSspoof can absolutely do this. Quote Link to comment Share on other sites More sharing options...
Jerfguy2 Posted April 24, 2014 Share Posted April 24, 2014 https://forums.hak5.org/index.php?/topic/31915-nodogsplash-redirecturl-command/?fromsearch=1 Like this but instead of a web URL it can be directed to a page that has links to our favorite spoofed pages hosted on the pineapple in the form of file paths? Quote Link to comment Share on other sites More sharing options...
NullNull Posted April 26, 2014 Share Posted April 26, 2014 https://forums.hak5.org/index.php?/topic/31915-nodogsplash-redirecturl-command/?fromsearch=1 Like this but instead of a web URL it can be directed to a page that has links to our favorite spoofed pages hosted on the pineapple in the form of file paths? No. This url is used to redirect the client to the "real internet" when has successfully loged in to the captive portal. You need to setup your phishing page at /etc/nodogsplash/splash.html 1) Do a google search on how captive portals and nodogsplash work 2) Use newbi3 infusion called Evil Portal. FIY: I guess you are using php for logging credentials. nodogsplash does not support php. again newbi3 channel on youtube an some of his topics here will help you "overcome" it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.