stunner2xx Posted November 15, 2015 Share Posted November 15, 2015 so i couldnt get it to work. says drive space is full. root@Pineapple:/# df Filesystem 1K-blocks Used Available Use% Mounted on rootfs 3200 3112 88 97% / /dev/root 12032 12032 0 100% /rom tmpfs 30904 440 30464 1% /tmp tmpfs 512 0 512 0% /dev /dev/mtdblock3 3200 3112 88 97% /overlay overlayfs:/overlay 3200 3112 88 97% / /dev/sdcard/sd1 14497704 360396 13409968 3% /sd this is what happens when i run the other commands root@Pineapple:/sd/infusions/portalauth/includes/scripts# ./check_depends.sh Not Installed root@Pineapple:/sd/infusions/portalauth/includes/scripts# ./install_depends.sh md5sum: can't open 'beautifulsoup4-4.4.0.tar.gz': No such file or directory sh: 63d1f33e6524f408cb6efbc5da1ae8a5: unknown operand MD5 of BS4 does not match Quote Link to comment Share on other sites More sharing options...
sud0nick Posted November 17, 2015 Author Share Posted November 17, 2015 What tells you your drive space is full? There is nothing in what you posted from the command line that states that. If your drive space is full you'll need to clear it out. Quote Link to comment Share on other sites More sharing options...
s7a73farm Posted February 2, 2016 Share Posted February 2, 2016 Every time I try to activate a portal capture from portal auth its breaking evil portal. system logs throw a write error. any ideas on what I am doing wrong? Quote Link to comment Share on other sites More sharing options...
sud0nick Posted February 2, 2016 Author Share Posted February 2, 2016 I know I already responded to you on Twitter but I'll reiterate here. Your issue with nodogsplash being removed has nothing to do with PA but you should try to refresh the small tile for Evil Portal to see if the dependencies are actually missing. I've run into this problem many times where EP throws a message that says depends are missing but if I refresh the tile all is well. You can clone websites that are not captive portals by entering the URL of the site in the Test Site field in the Config tab. Everything should work well but I have run into network timeout errors on larger sites. Check out my video on Portal Auth that describes every aspect of the infusion. It's a little long but teaches every part of it. Quote Link to comment Share on other sites More sharing options...
Maddog1929 Posted February 14, 2016 Share Posted February 14, 2016 This is a very interesting infusion and im looking forward to its first stable version. Just wanted to confirm something; Is it possible or at least planed to use this infusion to clone and harvest unique password/username based portals? I saw your demonstration from the pineapple 5 where you cloned a Starbucks portal that would require a user to get a password from a downloaded exe. My question is, could you clone something along the line of an offices's internet filter or a collage university portal. A portal that everyone has their own username and password to. And gather their username/password then push them to the web. The portal would have to look exactly like the original with just the 2 text boxes, without any popups as not to raise any red flags from IT admins who might get pulled onto the network by pineAP. (that would be a red flag in itself) Example: <spoiler> <--- i have no idea how these work </spoiler> Quote Link to comment Share on other sites More sharing options...
sud0nick Posted February 14, 2016 Author Share Posted February 14, 2016 This is a very interesting infusion and im looking forward to its first stable version. The current release is a stable release. Just wanted to confirm something; Is it possible or at least planed to use this infusion to clone and harvest unique password/username based portals? I saw your demonstration from the pineapple 5 where you cloned a Starbucks portal that would require a user to get a password from a downloaded exe. My question is, could you clone something along the line of an offices's internet filter or a collage university portal. A portal that everyone has their own username and password to. And gather their username/password then push them to the web. You can absolutely do this, however, you will not be able to clone the database that contains the expected usernames and passwords. If that were the case we wouldn't need to trick the user (except to maybe get a plaintext version of a hashed password). The demonstration you are talking about shows a special injection set I created to grant users an access key to further portray a valid captive portal. The .exe they download to get that key executes a root shell on their system so you can access it. This functionality is not dependent upon any particular captive portal and can even be used on a cloned website. You can definitely clone the portal pictured in your post and use that to get the user's credentials. However, Portal Auth will not automatically send those credentials to the original portal so you will have to first authenticate your Pineapple on that AP or by some other means (i.e. 3G/4G modem) to give your target users internet access after they give you their credentials. Quote Link to comment Share on other sites More sharing options...
Maddog1929 Posted February 14, 2016 Share Posted February 14, 2016 The current release is a stable release. You can absolutely do this, however, you will not be able to clone the database that contains the expected usernames and passwords. If that were the case we wouldn't need to trick the user (except to maybe get a plaintext version of a hashed password). The demonstration you are talking about shows a special injection set I created to grant users an access key to further portray a valid captive portal. The .exe they download to get that key executes a root shell on their system so you can access it. This functionality is not dependent upon any particular captive portal and can even be used on a cloned website. You can definitely clone the portal pictured in your post and use that to get the user's credentials. However, Portal Auth will not automatically send those credentials to the original portal so you will have to first authenticate your Pineapple on that AP or by some other means (i.e. 3G/4G modem) to give your target users internet access after they give you their credentials. Thanks, From knowledge ive gathered, all passwords for the portal I plan to clone are all 6 chars long, and are a mix of random numbers and letters. (users are a mix of the persons first and last name so brute forcing isnt an option) Im sure its possible to put some extra java in there that keeps them on the page if the password entered isnt exactly 6 chars long. That will hopefully prevent any wrong passwords being entered, or ITs attempting to inspect the portal by entering random info. Quote Link to comment Share on other sites More sharing options...
sud0nick Posted February 14, 2016 Author Share Posted February 14, 2016 Thanks, From knowledge ive gathered, all passwords for the portal I plan to clone are all 6 chars long, and are a mix of random numbers and letters. (users are a mix of the persons first and last name so brute forcing isnt an option) Im sure its possible to put some extra java in there that keeps them on the page if the password entered isnt exactly 6 chars long. That will hopefully prevent any wrong passwords being entered, or ITs attempting to inspect the portal by entering random info. It should go without saying but I hope what you are doing is all legal and with the permission of the owners of the AP / portal. If not then I recommend you don't do it. Quote Link to comment Share on other sites More sharing options...
dubberrucky Posted September 10, 2016 Share Posted September 10, 2016 Sud0Nick - This tool looks absolutley great. I was just wondering if something like this existed. I have unwrapped my nano and got it all installed unfortunatley im in a wifi blackspot so need to go hunting for some portals to try this on. I was wondering a few things: - Do you host a repository of cloned portals? It would be great if there were a way to download some templates so I could popup in the middle of somewhere, throw up a generic portal 'a la xfinity' without the need to clone it myself? - Is there a way I can test this without needing to find my local startbucks etc? I guess I would need to host a captive portal myself form my laptop - I could do this with NDS from Kali I guess, but again there would be limited content for PA to clone. Great work on this one. Quote Link to comment Share on other sites More sharing options...
sud0nick Posted September 11, 2016 Author Share Posted September 11, 2016 1. I do not host a portal repository. 2. You don't necessarily need to clone a "portal" as you can point the Test Site field setting to any URL and clone its page. Since you mentioned you're using the NANO you will want to look in this thread for the latest information about the module. This thread we're in pertains to the old MK V version of Portal Auth which I no longer update. Quote Link to comment Share on other sites More sharing options...
dubberrucky Posted September 11, 2016 Share Posted September 11, 2016 Sud0nick - thanks for the quick post back. I guess that the portal repo would be welcomed by many, is there an aversion to hosting one - if you aren't willing to host one do you have an objection to anyone else doing so? To the rest of the modules users would you want one and contribute if we hosted one? Quote Link to comment Share on other sites More sharing options...
sud0nick Posted September 11, 2016 Author Share Posted September 11, 2016 I will not endorse a portal repo. It would quickly become a place for social media phishing templates which have no value in a legal pentest. If someone chooses to clone Facebook and attempt to steal people's creds that's on them but I won't encourage that behavior. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted September 11, 2016 Share Posted September 11, 2016 6 hours ago, sud0nick said: I will not endorse a portal repo. It would quickly become a place for social media phishing templates which have no value in a legal pentest. If someone chooses to clone Facebook and attempt to steal people's creds that's on them but I won't encourage that behavior. This. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.