Reunion Posted February 15, 2022 Share Posted February 15, 2022 I've got some problems here with my turtle. Keep in mind, I've been trying this for over a week. The only module I've been able to get successfully running is Cronjob. Well, and NMAP, extroot and sshfs.Responder and Cred grabber will not start; UI bugs. SD card installed and configured via the SD module. Seemed like an involved and common problem. So, I accepted this and moved on to a DNS attack. Should be much simpler, I would think. However, this is the screen that I stare at every time I try to use DNSSpoof: Pretty sure the module is failing to start. Cannot figure out why. I've made sure to disable all other modules, and have even tried this from a clean boot on another turtle (our university has several). So I went on to DNSMasq; thought it would be a good alternative. This module actually succeeds in starting, thankfully, but the sites are never spoofed. I do have them pointed at the turtle's local 172.16.84.1 address; the reason for this being I want to host a python SimpleHTTPServer off port 80 to facilitate the mitm (can be run easily with cron, and does work!). But even changing the pointer to say, any other site does nothing. Is this some problem with the dns resolution on the host machine? What is the problem here? And how can I get these modules to run? I've tried everything I can think of, and every solution I find on the forums. Here's an image from AUTOSSH too, in case that helps, and a second one displaying some actual error text on DNSSpoof.Autossh DNSSpoof Any input here would be great - I would love very much to get DNSSpoof/DNSmasq working.ON DNSMASQ:I have added the line referred to in another user's reply to my dnsmasq file - no change. I've followed the hak5 tut's to a T. Am I missing something obvious? Last image, this is of my conf just to be extra-sure i'm giving all relevant info: I've also been getting an error involving "no such file or directory" for a lot of modules, even after SD card setup. Some have been fixed by it tho. E.g., this module used to throw that it could not find /etc/init.d (I believe, something init.d) - after inspection, it was a blank file, and did exist. It still threw the error even after exiting shell, and manually cd-ing to root (my turtle starts in some other directory). Ofc that probably wouldn't matter but, I figured since it's executing cli it would be worth a shot. I would also love ideas for a workaround or another attack I could execute; responder IS functional as far as I can tell; but I can't even begin to understand what it does on it's own, if anything, let alone get it to start. Maybe that's stupid of me, idk, I'm not exactly a skiddy - I've worked with the pineapple (v1 and modern), bunny and even the ducky and throwing star; security is my field like everyone else here - though still, probably a lot less advanced than half the users here. The better half. Just really hit a brick wall hard here on this one. I love whoever can help me with this and would buy them a car, a house, or more free time if such purchases were possible for me. Instead all I can offer is my whole-hearted thanks to all those who read and take the time to help. Lastly, just to reitterate, all of these problems are universal across all the turtle's I've tried (total of three). So HOPEFULLY, PROBABLY user error here - but what, man? Just what? Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 15, 2022 Share Posted February 15, 2022 OK, that's a lot of modules to troubleshoot at the same time. To give it all a bit more of a structure, let's start with autossh. Have you tried the things mentioned in the last post of this thread? Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 15, 2022 Share Posted February 15, 2022 I can add as well that the dnsmasq-spoof module works as intended so I can't recreate/reproduce that on any of my Turtles (or at least the one I have up and running at the moment). But, if the DNS servers aren't supplied by the Turtle (if, for example, DNS servers are "hard coded" on the target that is connected to the Turtle), then the Turtle will not be queried regarding DNS. So, check the configuration on the computer that is connected to the Turtle to see if it's configured to get DNS via DHCP (Dnsmasq) or if it's a static configuration. Link to comment Share on other sites More sharing options...
Reunion Posted February 28, 2022 Author Share Posted February 28, 2022 Hey guys, I'm really sorry this took so long. Just wanted to say that I BELIEVE DHCP addressing to be the issue I was experiencing. On autossh or similar modules, I have not bothered with that - found it was much easier to setup a cron for netcat. Gonna mark it as a solution for the next guy(s). Thanks again everyone! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.