Jump to content

Modules bugged?


Reunion
 Share

Go to solution Solved by dark_pyrro,

Recommended Posts

I've got some problems here with my turtle. Keep in mind, I've been trying this for over a week. The only module I've been able to get successfully running is Cronjob. Well, and NMAP, extroot and sshfs.

Responder and Cred grabber will not start; UI bugs. SD card installed and configured via the SD module. Seemed like an involved and common problem. So, I accepted this and moved on to a DNS attack. Should be much simpler, I would think.

However, this is the screen that I stare at every time I try to use DNSSpoof:

Capture.png

Pretty sure the module is failing to start. Cannot figure out why. I've made sure to disable all other modules, and have even tried this from a clean boot on another turtle (our university has several).

 

So I went on to DNSMasq; thought it would be a good alternative. This module actually succeeds in starting, thankfully, but the sites are never spoofed. I do have them pointed at the turtle's local 172.16.84.1 address; the reason for this being I want to host a python SimpleHTTPServer off port 80 to facilitate the mitm (can be run easily with cron, and does work!). But even changing the pointer to say, any other site does nothing.

Is this some problem with the dns resolution on the host machine? What is the problem here? And how can I get these modules to run? I've tried everything I can think of, and every solution I find on the forums. Here's an image from AUTOSSH too, in case that helps, and a second one displaying some actual error text on DNSSpoof.

Autossh

Capture2.png

 

 

DNSSpoof

Capture3.png

 

 

Any input here would be great - I would love very much to get DNSSpoof/DNSmasq working.

ON DNSMASQ:

I have added the line referred to in another user's reply to my dnsmasq file - no change.


I've followed the hak5 tut's to a T. Am I missing something obvious?  Last image, this is of my conf just to be extra-sure i'm giving all relevant info:
Capture4.png

I've also been getting an error involving "no such file or directory" for a lot of modules, even after SD card setup. Some have been fixed by it tho. E.g., this module used to throw that it could not find /etc/init.d (I believe, something init.d) - after inspection, it was a blank file, and did exist. It still threw the error even after exiting shell, and manually cd-ing to root (my turtle starts in some other directory). Ofc that probably wouldn't matter but, I figured since it's executing cli it would be worth a shot.


I would also love ideas for a workaround or another attack I could execute; responder IS functional as far as I can tell; but I can't even begin to understand what it does on it's own, if anything, let alone get it to start. Maybe that's stupid of me, idk, I'm not exactly a skiddy - I've worked with the pineapple (v1 and modern), bunny and even the ducky and throwing star; security is my field like everyone else here - though still, probably a lot less advanced than half the users here. The better half. Just really hit a brick wall hard here on this one.


I love whoever can help me with this and would buy them a car, a house, or more free time if such purchases were possible for me. Instead all I can offer is my whole-hearted thanks to all those who read and take the time to help.

Lastly, just to reitterate, all of these problems are universal across all the turtle's I've tried (total of three).  So HOPEFULLY, PROBABLY user error here - but what, man? Just what?

Link to comment
Share on other sites

  • Solution

I can add as well that the dnsmasq-spoof module works as intended so I can't recreate/reproduce that on any of my Turtles (or at least the one I have up and running at the moment). But, if the DNS servers aren't supplied by the Turtle (if, for example, DNS servers are "hard coded" on the target that is connected to the Turtle), then the Turtle will not be queried regarding DNS. So, check the configuration on the computer that is connected to the Turtle to see if it's configured to get DNS via DHCP (Dnsmasq) or if it's a static configuration.

Edited by dark_pyrro
Link to comment
Share on other sites

  • 2 weeks later...

Hey guys, I'm really sorry this took so long. Just wanted to say that I BELIEVE DHCP addressing to be the issue I was experiencing. On autossh or similar modules, I have not bothered with that - found it was much easier to setup a cron for netcat. Gonna mark it as a solution for the next guy(s). Thanks again everyone!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...