Jump to content

which infusion to keylog passwords, besides sslstripping


Recommended Posts

SSL stripping no longer works. I've been researching but gotten little results as to tutorials for other types of infusions. I want to get an infusion that can either get me wifi passwords or passwords to someone's accounts as they log into them. If possible, I would like some er infusions to start with downloading. I tried the wps infusion and it didn't work well with my router (which is why I want to use RubyReaver or Auto-Reaver). So, what other infusions could be used to monitor my other computer's web activities and the passwords that I get when I log in with my other computer (that I'm using as a target)? If possible, it would be nice if it was something I could use information I get from the PineAP log and input into such an infusion to get my passwords. I learned from this video about how to use the pineAP:

https://www.youtube.com/watch?v=IdhuX4BEK6s&index=2&list=PLuXfzxj2yX_uCE8dPbP39rQIB0a8PkFHT

So yeah, I don't want to buy too many new devices. I want to rely on my pineapple, but if possible I might want the documentation or something similar to learn to use such infusions. I might plug a wireless modem into my pineapple someday and go wardriving, but I want to learn to hack my own wifi first to learn before I go wardriving.

Link to post
Share on other sites

You could always try using Evil Portal and Portal Auth to clone a page, inject your own code, and display that page to the target. After they send their credentials to you, you redirect them to the actual page they wanted. It takes a little more effort than just clicking a button, though.

Link to post
Share on other sites
  • 3 weeks later...

You could always try using Evil Portal and Portal Auth to clone a page, inject your own code, and display that page to the target. After they send their credentials to you, you redirect them to the actual page they wanted. It takes a little more effort than just clicking a button, though.

Hi,

this is the case when the users are using web browsers. What about when they use social networks mobile apps on their smartphone? can't keylog/sniff that, right?

regards

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...