Potato Jesus Posted March 7, 2014 Share Posted March 7, 2014 So I just got my pineapple, and after a fiasco with a dead SD, I have it up and running. I'm new to using a device to audit, especially one with an interface like this, but I'm pretty good at using tools on Windows and Kali to "analyze" networks. My question is how would I go about doing the most basic of http(s) password sniffing, with the MkV? I can set up Karma and the wlans correctly, I just can't figure out which infusion(s) to use, and how to use them together? Is there a magical all in one that does everything? Any help would be appreciated! Quote Link to comment Share on other sites More sharing options...
THCMinister Posted March 7, 2014 Share Posted March 7, 2014 There is no "magic button", but things can be scripted to do almost just that. Look into SSL Strip and fake login pages. Although posting fake login pages on these forums are against the rules. Quote Link to comment Share on other sites More sharing options...
phubar Posted March 10, 2014 Share Posted March 10, 2014 (edited) To test the basic functionality of what I believe you are looking for in terms of basic password sniffing via ssl, get the Pineapple running with karma, sslstrip and internet connectivity. Use a wireless device to test karma (connectivity). Once successful, use a browser to log into a site via https and watch the sslstrip logs. There is one basic use case you can use to test a simple set up. good luck ~phu edit: this probably belongs in the MKV thread. Edited March 11, 2014 by phubar Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.