Page 11 of 14 FirstFirst ... 910111213 ... LastLast
Results 101 to 110 of 136

Thread: Soft AP / Phishing Script [Release]

  1. #101
    Just burned his ISO
    Join Date
    Jul 2012
    Posts
    1

    Default Re: Soft AP / Phishing Script [Release]

    Quote Originally Posted by VulpiArgenti View Post
    [0-DAY ADDED - PwnSTAR 0.72]

    Have added in the new MSXML exploit against Internet Explorer. This will exploit Windows 7. The payload is the default metasploit so is likely to be picked up by AV. I can't do much about that until I've learnt Ruby. Any help welcome.

    Use wisely - this vulnerability won't last long!

    http://code.google.com/p/pwn-star/downloads/list
    yo VulpiArgenti,
    Huge respect for the work you have put in big fella! I don't have the script in front of me but i had to take the zero out of your () 0day_(* something cant remember) as it chucked an error on start up of the script. Find and replace fixed the problem

    With the addition of:
    a) bandwidth limiting connected users (not sure how this could be done)
    b) beef hook injection via an ettercap filter
    c) opening a browser with hamster tab and beef tab

    this script would be perfect to run in the start up of a rasberrypi!

    cheers mate,
    Isolot.

  2. #102
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Interesting ideas for raspberrypi - I haven't had chance to play with one yet. Here is a method for "shaping" depending on the number of connections http://www.andybev.com/index.php/Linux_iptables_captive_portal_traffic_shaping_scri pts_(PortalShaper)



    Were you starting the script through bash (rather than sh etc)? I'm not aware of any restrictions on naming functions in bash (but there is still a lot I don't know!)



    [Major problems logging in recently - sorry for the slow reply]

  3. #103
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    7

    Default Re: Soft AP / Phishing Script [Release]

    ok, i hate to sound repetitive, but i have been having an issue, as have many here. i have tried several solutions, to no avail.

    here is the dhcp error i am receiving.
    Code:
    Generating /tmp/dhcpd.conf
    
    Starting DHCP server...
    Internet Systems Consortium DHCP Server V3.1.3
    Copyright 2004-2009 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    /tmp/dhcpd.conf line 10: semicolon expected.
    }
    ^
    /tmp/dhcpd.conf line 10: unexpected end of file
    }
    ^
    Configuration file errors encountered -- exiting
    cat /tmp/dhcpd.conf
    Code:
    default-lease-time 300;
    max-lease-time 360;
    ddns-update-style none;
    authoritative;
    log-facility local7;
    subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.200;
    option routers 192.168.0.1;
    option domain-name-servers ;
    }
    I am assuming my problem is right there at the last line where there is no ip.

    do i need to hard code this into the script? is this a bug? what am i missing?


    cat /etc/resolv.conf
    Code:
    # Generated by dhcpcd for interface wlan1
    search <myisp.com>
    nameserver <isp IP's>
    nameserver <isp IP's>
    thanks.

  4. #104
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Post #51 discussed this. For various reasons the script only reads local dns-servers. Your options are:


    • include a local server on your network (usually the same IP as your router, set up in your router config page) - best
    • hardcode your existing ISP into the script (at line 713) - not so good

    Code:
    # replace $apdns with your external dns-server
    
    echo "option domain-name-servers $apdns;" >> /tmp/dhcpd.conf
    ------------------------------------------------------------------

    as have many here
    A little harsh

  5. #105
    Member
    Join Date
    Jan 2010
    Posts
    54

    Default Re: Soft AP / Phishing Script [Release]

    Hi VulpiArgenti

    I am currently writing tutorials on my blog about how to use your script. I have noticed some errors hotspot 2:

    First: in hotspot 2 index file the location of the images are wrong you have not updated them to /hotspot_2

    Second: when using hotspot 2 for some reason the username and passwords are not being saved into the text file.

    The first i could fix easly but the second i am realy stumpped on why its not working :/

    I also ran into a problem on the captive portal hotspot, I have installed dnotify using 'apt-get install dnotify' but when I run it, all wireless connections seem to stay connected to the routers but have no internet access (even if there on a diffrent network). Is there any reason for this? and how can i solve it. I have only managed to get sslstrip to work for me atm but i have not ran all your options because i think getting the basics working first is the main priorty.

    Please get back to me soon thank you.
    Last edited by deviney; 09-07-2012 at 09:51 PM.

  6. #106
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    First: in hotspot 2 index file the location of the images are wrong
    Quite right! I really can't believe I am so stupid.

    Second: when using hotspot 2 for some reason the username and passwords are not being saved into the text file.
    This fails for the same reason - the form action wasn't pointing to the new php.

    I've uploaded a new file "hotspot_3". http://code.google.com/p/pwn-star/do...3.tgz&can=2&q= Apologies to anyone else who couldn't get it working.

    I also ran into a problem on the captive portal hotspot
    I have just thoroughly tested this and it's working perfectly for me. Can you give more details?

    As an aside, the captive portal options in the advanced menu are much more useful, as they allow internet access once credentials have been obtained. The simple hotspot options in the basic menu only phish credentials, and don't give internet access.
    Last edited by VulpiArgenti; 09-08-2012 at 02:47 AM.

  7. #107
    Member
    Join Date
    Jan 2010
    Posts
    54

    Default Re: Soft AP / Phishing Script [Release]

    I just noticed your new upload of hotspot2 (not hotspot 3) has the same problems as you did not put the 3 at the end of the image locations and also its a captiave portal even tho it was ment to be the simple one that does not give internet access. I have tried it and it does not ask for logins and rather just gives the victem internet access ha

    Am still having no luck with the captive portal, would you teamveiw with me and we can both troubleshoot it?

  8. #108
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Only use the packages marked "CURRENT RELEASE" e.g. hotspot_3, not hotspot_2.

  9. #109
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    To clarify the current use of the script packages:

    Use only the packages marked "CURRENT RELEASE" with PwnSTAR_0.8. Older packages work only with older (deprecated) versions of the script.

    "hotspot_3" is a simple phishing web page, used with basic menu option 4.

    "portal_simple" is a captive portal which allows you to edit the index.html with the name of the portal eg "Joe's CyberCafe". It is used for sniffing.

    "portal_hotspot3" phishes credentials, and then allows clients through the portal to the internet

    "portal_pdf" forces the client to download a malicious pdf in order to pass through the portal


    Edit: I have now bundled these into a single tar http://code.google.com/p/pwn-star/do...R.tgz&can=2&q=
    Last edited by VulpiArgenti; 09-09-2012 at 01:49 AM.

  10. #110
    Senior Member
    Join Date
    Jun 2007
    Location
    UK
    Posts
    175

    Default Re: Soft AP / Phishing Script [Release]

    I can't get your script to issue an IP address
    On further investigation it appears to be a BT5-R3 problem.
    Tried update & upgrade and also purged dhcp3-server still won't start.
    any ideas or pointers please. I have BT5-R3 installed on 3 different machines all with the same problem.
    thanks

Page 11 of 14 FirstFirst ... 910111213 ... LastLast

Similar Threads

  1. SET 0.7 phishing demo
    By pentest09 in forum BackTrack Videos
    Replies: 7
    Last Post: 12-19-2010, 10:31 PM
  2. Soft AP Upside Down image help pls, script nearly works
    By spriggsy in forum Beginners Forum
    Replies: 0
    Last Post: 11-05-2010, 12:01 PM
  3. Soft AP Script not working?
    By spriggsy in forum Beginners Forum
    Replies: 1
    Last Post: 05-19-2010, 01:08 PM
  4. Soft AP bash script
    By junke1990 in forum OLD Wireless
    Replies: 1
    Last Post: 04-03-2010, 08:30 AM
  5. backtrack 4 pre release user login script
    By eidos in forum OLD Newbie Area
    Replies: 1
    Last Post: 07-30-2009, 09:57 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •