Gromit Posted September 2, 2015 Posted September 2, 2015 Hey guys I've no idea what I should try anymore. I've tried to setup DNSSpoof. My setup: - Both Wlan-interfaces enabled(Wlan0 and Wlan1) - Client-Mode connection to a Wifi-Network. Then I've enabled DNSSpoof by clicking on the tick-box. My DNSSpoof-file contains the following line: google.com *.* Now the problem: There is no redirect. I can connect to any site I want but I don't get redirected. What could be the problem. What could be the problem? Quote
phpsystems Posted September 2, 2015 Posted September 2, 2015 You need to specify the ip you want the response to point to. The asterisk is a wildcard, used for 1 or more domains / sub-domains. Your config should be: 172.16.42.1 *.google.com 172.16.42.1 google.com Where 172.16.42.1 is the pineapple's ip. Quote
Gromit Posted September 2, 2015 Author Posted September 2, 2015 I've changed it to: 172.16.42.1 *.* And still I doesn't get redirected. Do I have to change something else? For example add a file inside the /www directory? Quote
phpsystems Posted September 2, 2015 Posted September 2, 2015 No. Are you sure the target is only using the pineapple for dns? Quote
Gromit Posted September 2, 2015 Author Posted September 2, 2015 I can only make one more post until tomorrow evening. So What could possibly be wrong? I didn't change anything in the DNS section. Quote
UnKn0wnBooof Posted September 2, 2015 Posted September 2, 2015 Some OS's/Applications skip using DNS as they already know the IP address of a server. Perhaps they have a built in hosts config? Quote
phpsystems Posted September 3, 2015 Posted September 3, 2015 (edited) You could try running tcpdump on the target host to verify where you are checking dns from.If the host isn't using dhcp from the pineapple or statically configured to use the pineapple for dns this isn't going to work. Edited September 3, 2015 by phpsystems Quote
Blake Middle Posted September 4, 2015 Posted September 4, 2015 I've noticed that most current browsers use the search engine when you enter an address in the addressbar. When I start DNS spoof and ping the address (on the client) it returns the correct (spoofed) IP. When I start a browser and enter the address (on the client) in the addressbar it uses the engine and goes directly to the original page. To check if the DNS spoof is working correctly: - Start the DNS spoof. - Connect the client to the pineapple. - Flush the DNS on the client. (just to be sure) - Ping the spoofed address on the client. (don't use a browser) Does it return the correct IP you've chosen in the DNS spoof? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.