Hi Everyone! 

I am trying to achieve this scenario:

Connect client to management AP, gets IP address from Pineapple. PC on same pine network has same subnet address of 172.16.42.0/24. I want to be able to forward all traffic from the client device onto the PC which is running Burp Suite. I have tried almost every thread that I can find and whatever I do I cannot get this traffic from the device through Burp Suite.

Is it actually possible to do this? As in, a client connects to the Pineapple network and then the traffic is passed through to Burp Suite?

My setup in Burp Suite was to look at all interfaces on port 8080. Then I tried the specific address of the Burp PC with 8080 but still no traffic coming through.

The only way I have got it to work slightly is by configuring the client device to use a proxy which directs straight to the PC using Burp. This then causes problems with SSL connections failing (which I expected, but it was worth a long shot).

I then started to run sslstrip on the Pineapple to try and see if that would help, but no, the webpages would not load because the SSL connections failed.

When I do proxy straight through to the PC running Burp, the websites again do not load and I am stuck with a loading screen for whatever I'm using. Obviously this isn't ideal and I'm hoping to use this in a presentation coming up very soon. I have been ripping my hair out over this for about a week now... surely it's not this hard!!

Any help would be appreciated, mainly getting traffic flowing from Pineapple to Burp!

THANKS!!!!


I may be misunderstanding what you're trying to do. You are basically wanting to capture the traffic from a victim as it flows from the victim, to the Pineapple, and then to the internet?

There are a couple of ways to achieve this.

1. (The quicker and dirtier way) Just ARP spoof the victim. You would want to arpspoof between the victim and the inside interface of the Pineapple. Assuming the "PC" you referenced is actually something like a Kali box ... you will also want to set up IP forwarding. This will basically make you MiTM and, assuming the traffic isn't leaving your victim as encrypted, you're good to go.

2. Move the Pineapple "behind" your attack box, and share the internet connection through your attack box. This will allow you to monitor all traffic as your attack box acts as next hop upstream from the Pineapple.

In either situation, you will need to set up Burp to listen on ports 80, 443, and maybe 8080 depending on your situation.

https://www.pentestgeek.com/penetration-testing/credential-harvesting-via-mitm-burp-suite-tutorial




Thanks for this, captain!

I will try this out later on!

Basically I'm trying to capture Facebook messages through Burp. I can achieve this if Burp is running on my PC and then configure the browser so I can see Facebook messages, however I want to go one step further because then it will be a kick ass demo!

I usually set it up so all traffic is directed to the 8080 port as I usually have traffic on the PC running traffic from 80/443 on the Burp Suite so don't want to mess with that!

On 5/13/2017 at 4:29 AM, rozzz said:

Thanks for this, captain!

I will try this out later on!

Basically I'm trying to capture Facebook messages through Burp. I can achieve this if Burp is running on my PC and then configure the browser so I can see Facebook messages, however I want to go one step further because then it will be a kick ass demo!

I usually set it up so all traffic is directed to the 8080 port as I usually have traffic on the PC running traffic from 80/443 on the Burp Suite so don't want to mess with that!

Gotcha.

Yeah, this should work as far as getting the traffic intercepted. However, I am not sure if you will actually get message traffic as I THINK Facebook now encrypts it between Facebook server and clients. Additionally, you can turn on secret conversations which (supposedly) does end-to-end, device-to-device encryption. In fact, I'm not even sure you can SSL strip Facebook anymore at the login page. I don't think you can come into a Facebook server without HTTPS. Perhaps some back-end APIs and such ...

Best way to capture Facebook messages would be a client side attack ...
