Jump to content

[Support] dnsspoof


PatriceKing
 Share

Recommended Posts

Hello everybody,

I installed DNSSpoof infusion from the Bar, but I'm seeing there's no support (yet?) for it in the forums. I've tried porting some stuff from what I've used on the Mark IV, but no good results...

I can't get no credentials captured. I'm not really good with PHP, and now everything has changed, the locations of the files and such. Been reading everything on the forums, and haven't found it... there are some guides on the net, but everything is for the Mark IV.

Probably if I start diggin' deep I'll manage to get it working. But right now it's not possible,

If someone has it working smoothly (thesugarat maybe?), and is willing to shoot me a PM, that'll be great. (*)

(*) Not that I want an easy way out, right now I just could use the device for a greater plan, and as grandiloquent as it may sound, it could be my small contribution to make a better world (I know how it sounds, I know...) ... I'm not really THAT bad with this stuff, but my programming days go back to the 90s, ASM, C, virii on good old DOS, ... but right now I'm in other field. Anyways... I've been a great supporter of this Project since Mark III, and also bought a lot from the hak shop... but this project always seems to be on a beta stage... and the main vulnerabilities out there are being patched as we surf the forums, like HSTS, and the browsers are getting smarter...

It's a great device, but it's too buggy still, nothing really work out of the box... maybe if you are professional pentester, or you can code scripts on the fly, it's good as it is... let alone I've had a defective battery juice now, and with my Mark IV (got those first dibs!) when I've got the juice pack later on, from all the different AC removable adaptors no one was the right fit for the pineapple... oh well... and, no, I'm not in the US... return the unit is not an option.

ok, going to bed,... help over here! </rant>

Link to comment
Share on other sites

DAMNIT PATRICE!!!

Sorry, been wanting to do that since I saw your nick. Hope you're a How I Met Your Mother fan so that it's actually funny....

It's been a while since I poked around in DNSspoof. I'll take a look and see if it's still working for me. I am by no means an expert...

You're saying there is an Infusion from the pineapple bar for DNSspoof now? I'm more familiar with what is "baked" in to the pineapple. I really do need to look into it if there is a new infusion. :)

Edited by thesugarat
Link to comment
Share on other sites

  • 2 months later...

DNSSpoof does not redirect when https is infront of the URL. A lot of browsers put this infront of the URL automaticly. Also, some websites I can just visit and other redirect to the right page? I have 172.16.42.1 * set correctly yet my victims still manage to browse some web pages? On my iPhone the pictures won't load..

It still has a lot of bugs, can ANYONE give me a status update about this?

Link to comment
Share on other sites

dnsspoof does not work on https sites. Sometimes sites are cached so that causes problems... it's not perfect but it does work. So I'm not sure what kind of update you're expecting.

Link to comment
Share on other sites

dnsspoof does not work on https sites. Sometimes sites are cached so that causes problems... it's not perfect but it does work. So I'm not sure what kind of update you're expecting.

An update to support https. I mean, it doesn't actually have to do anything with https itself, it just doesn't redirect when a browser puts https infront of it. Isn't this just a simple line of code to also redirect a website that has https infront of it?

Also, like I said, an update where actually ALL websites get redirected to my pineapple, just half. Or 75%.

Link to comment
Share on other sites

An update to support https. I mean, it doesn't actually have to do anything with https itself, it just doesn't redirect when a browser puts https infront of it. Isn't this just a simple line of code to also redirect a website that has https infront of it?

Also, like I said, an update where actually ALL websites get redirected to my pineapple, just half. Or 75%.

No. The whole point of https is to secure the site. If browsers just ignored that the site's ssl cert isn't getting passed there'd be no point of secure sites to begin with.

Link to comment
Share on other sites

No. The whole point of https is to secure the site. If browsers just ignored that the site's ssl cert isn't getting passed there'd be no point of secure sites to begin with.

A sites SSL certificate? My hotspot doesn't even have internet access. I just have phishing pages for most popular websites. It has nothing to do with accessing the actual website. It just needs to redirect to my phishing page if it says https infront of it. It has nothing to do with https at all..

Link to comment
Share on other sites

A sites SSL certificate? My hotspot doesn't even have internet access. I just have phishing pages for most popular websites. It has nothing to do with accessing the actual website. It just needs to redirect to my phishing page if it says https infront of it. It has nothing to do with https at all..

But it does. Your browser sees you're trying to go to a secure site, so it checks the site to see if it has a certificate. If it doesn't get a proper response it won't display the page.

Link to comment
Share on other sites

  • 2 weeks later...

Soo... You know how public APs make you 'log into' a network via a webpage before allowing you access to the internet? How is THAT done?

Could you replace that (login) page with, say, some quick links to our "guests" favorite website (our spoofs)?

Edited by Jerfguy2
Link to comment
Share on other sites

https://forums.hak5.org/index.php?/topic/31915-nodogsplash-redirecturl-command/?fromsearch=1

Like this but instead of a web URL it can be directed to a page that has links to our favorite spoofed pages hosted on the pineapple in the form of file paths?

No. This url is used to redirect the client to the "real internet" when has successfully loged in to the captive portal. You need to setup your phishing page at /etc/nodogsplash/splash.html

1) Do a google search on how captive portals and nodogsplash work

2) Use newbi3 infusion called Evil Portal.

FIY: I guess you are using php for logging credentials. nodogsplash does not support php. again newbi3 channel on youtube an some of his topics here will help you "overcome" it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...