Page 12 of 14 FirstFirst ... 21011121314 LastLast
Results 111 to 120 of 136

Thread: Soft AP / Phishing Script [Release]

  1. #111
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    I'm not intending to upgrade my main rig, so I can't comment yet. I'll have a play with R3 in a VM and get back to you in a few days. Do you think this is a specific problem with the script, or a general problem with dhcp3-server ie does dhcp work when you run it manually?

  2. #112
    Senior Member
    Join Date
    Jun 2007
    Location
    UK
    Posts
    175

    Default Re: Soft AP / Phishing Script [Release]

    dhcp3-server won't run manually either. Not tried it in VM.

  3. #113
    Just burned his ISO
    Join Date
    Sep 2012
    Posts
    5

    Default Re: Soft AP / Phishing Script [Release]

    having an issue, or i'm just incredibly stupid (most likely the latter) probably an easy fix.

    trying to start an ap (ie; free public wifi) to capture usernames and passwords that are put into the fields of the given HTML page.

    WITHOUT giving internet access.

    I go on my test machine, connect, and then i try going to a url (google, or anything else)

    I get nothing, as if there is no internet connection

    What am i doing wrong?

    if you guys can help me with this, ill write somthing that auto re-sizes all of the 9999 terminals that pop up to match your resolution

    along with a GUI if you guys want


    Thank you in advance!

    what i do
    1. selection : (simple web server)
    2.no, i would not like to give internet access
    3.i put in my interface (wlan1, random macs)
    4. no, i do not want to find target channel?
    - why would this be important for what im doing? any channel will show up when looking for a wifi hotspot. im not trying to emulate being a pre-set one.
    5.i choose (bullseye), to make my ESSID "Free Public wifi"

    now,

    6. i select the directory "hotspot_3" (the one provided)
    7. Asks me if i want "all adresses" or "use custom host file" , i press all adresses
    8. Do you want to tail credentials? "no"

    says "web server attack is running"

  4. #114
    Just burned his ISO
    Join Date
    Sep 2011
    Posts
    4

    Default Re: Soft AP / Phishing Script [Release]

    Is it normal when you tail sslstrip.log the window pops up for half a second and disappears?

  5. #115
    Senior Member
    Join Date
    Jun 2007
    Location
    UK
    Posts
    175

    Default Re: Soft AP / Phishing Script [Release]

    The DHCP problem seems to be with the /tmp/dhcpd.conf line 10 unexpected end of file.
    the last part of the dhcpd.conf is as follows:-


    subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.255
    option routers 192.168.0.1;
    option domain-name-servers ;
    }

  6. #116
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    @lokitround1

    You appear to be setting appropriate options, but the client is not seeing the hotspot webpage, correct?
    There are many steps involved in this process, and I need you to narrow down the possible sources of error.
    First, check you can see the hotspot page when you browse to localhost on the attacking machine.
    Next check the victim has an IP address, and his DNS requests are showing up in the dnsspoof eterm.
    If this is all good, then you are probably confounded by dns-cacheing: see post #96

  7. #117
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Quote Originally Posted by vsboost View Post
    Is it normal when you tail sslstrip.log the window pops up for half a second and disappears?
    No.

    This suggests sslstrip is not running. Have you installed it properly with install.py? (read the script for more details)

  8. #118
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Hi parrotface,

    The script is not reading your nameserver from your home network. This usually fails if you don't have a local nameserver (eg 10.1.1.1), and use a remote server such as google.
    There are a few posts discussing this eg #51, #103, #104.
    You can setup a local nameserver as a workaround. At some point I will re-write the parsing of /etc/resolv.conf to fix this issue.

  9. #119
    Just burned his ISO
    Join Date
    Sep 2011
    Posts
    4

    Default Re: Soft AP / Phishing Script [Release]

    Quote Originally Posted by VulpiArgenti View Post
    No.

    This suggests sslstrip is not running. Have you installed it properly with install.py? (read the script for more details)
    tried to run ./setup.py in sslstrip directory, this failed but running "python /pentest/web/sslstrip/setup.py install" seemed to have configured it, however the sslstrip tail still disapears after half a second.

  10. #120
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Is sslstrip running? If not, can you start it manually? Does /root/sslstrip.log exist?

Page 12 of 14 FirstFirst ... 21011121314 LastLast

Similar Threads

  1. SET 0.7 phishing demo
    By pentest09 in forum BackTrack Videos
    Replies: 7
    Last Post: 12-19-2010, 10:31 PM
  2. Soft AP Upside Down image help pls, script nearly works
    By spriggsy in forum Beginners Forum
    Replies: 0
    Last Post: 11-05-2010, 12:01 PM
  3. Soft AP Script not working?
    By spriggsy in forum Beginners Forum
    Replies: 1
    Last Post: 05-19-2010, 01:08 PM
  4. Soft AP bash script
    By junke1990 in forum OLD Wireless
    Replies: 1
    Last Post: 04-03-2010, 08:30 AM
  5. backtrack 4 pre release user login script
    By eidos in forum OLD Newbie Area
    Replies: 1
    Last Post: 07-30-2009, 09:57 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •