TheNightAwk Posted August 20, 2014 Share Posted August 20, 2014 Hi, I'm trying to set up the Pineapple (firmware 2.0.3) as an access point (no Karma at all, just a single SSID) and display a simple page when wireless clients look for some specific websites. This sounds pretty easy to do. I first have to make the Pineapple connect to an access point with wlan1 to route all the traffic. Then use dnsspoof and make a few host entries (eg: 172.16.42.1 website.com) for the websites I want clients to be redirected to and finally, modifying redirect.php to what I want to display. The routing/forwarding part works, it's a bit slow but it works (I guess due to the forwarding to another AP). However, I can't get dnsspoof to work. When I do dns lookup for one of the domains from a connected client, I get the legitimate IP address and not the IP address I entered in dnsspoof. It worked at some point but all I got was a page that kept trying to load (like when you try to reach the pineapple on port 80; even though I changed the index to go to redirect.php) but it stopped working as soon as I rebooted the pineapple. I also tried removing the infusions and reinstalling them, reflashing the pineapple, removing all unnecessary infusions but it is still not working. Am I doing anything wrong? Or is that scenario not doable on the pineapple? Quote Link to comment Share on other sites More sharing options...
baritpwn Posted August 20, 2014 Share Posted August 20, 2014 I've noticed if you install infusions that are part of the new firmware separately (dnsspoof standalone or karma standalone) as opposed to using them with the built in tiles, things start breaking. Did you install the DNSSpoof infusion on top of the one that already exists? If so, I'd remove that one or reflash. Quote Link to comment Share on other sites More sharing options...
TheNightAwk Posted August 20, 2014 Author Share Posted August 20, 2014 It kinda works. dnsspoof infusion was conflicting as you said. When I do a nslookup on one of the websites in the hosts list, I get the IP of the pineapple. When giving that IP address in a browser, I get my crafted page. However, when I want to reach one of the spoofed domains, I get the legitimate website. It should have served the page I crafted instead. By analyzing the traffic, I can see the traffic from the browser goes to the pineapple IP address as expected (and not the legitimate website's IP address) and ask for the the spoofed domain. So, the pineapple is acting as a proxy for some reason (if it was a gateway, I could see the traffic going to the legitimate IP. In this case, it goes to the pineapple's IP address). Any idea how I can make the pineapple serve the page I crafted for the spoofed domains instead of acting as a proxy? Quote Link to comment Share on other sites More sharing options...
baritpwn Posted August 21, 2014 Share Posted August 21, 2014 The websites may be loading from cache. You can try clearing your cache and cookies before testing and let us know the result Quote Link to comment Share on other sites More sharing options...
TheNightAwk Posted August 21, 2014 Author Share Posted August 21, 2014 That's the first thing I did before analyzing the traffic with Wireshark. When I said the pineapple is acting as a proxy, I meant that you could see the content of the whole website, coming from the pineapple's IP address (Record traffic, then follow TCP stream). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.