
FAQ's


63 replies to this topic

#21 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 01 April 2011 - 04:09 PM

Trcx said:

You might want to mention that as you're typing the password it won't show on the screen.

Added: Good catch Trcx!! This should do.

#22 brutal truth

    Member

  • Moderators
  • 8,695 posts
  • iPhone:iPhone 4
  • iPod touch:iPod touch 1G
  • iPad:iPad
  • iPod:iPod classic
  • Apple TV:Apple TV 2G

Posted 05 April 2011 - 02:41 PM

Ironman said:

Added: Good catch Trcx!! This should do.
I have added this to the FAQ.

#23 Trcx528

    iPhone Pwner

  • Members
  • 3,131 posts
  • iPod touch:iPod touch 4G
  • Mac:MacBook Pro

Posted 05 April 2011 - 02:42 PM

Thanks Brutal!!!!

#24 brutal truth

    Member

  • Moderators
  • 8,695 posts
  • iPhone:iPhone 4
  • iPod touch:iPod touch 1G
  • iPad:iPad
  • iPod:iPod classic
  • Apple TV:Apple TV 2G

Posted 05 April 2011 - 04:12 PM

No problem.

#25 LankAsif

    Advanced Sexually

  • Members
  • 1,476 posts

Posted 05 April 2011 - 08:37 PM

Think there should be a separate FAQ where the forum discusses ideas and then the best get moved to locked FAQ? No more clutter for admin to sort out. ::)
There are three kinds of people in this world.
Those who can count, and those who can't.

#26 A12danrulz

  • Validating
  • 3,492 posts

Posted 05 April 2011 - 09:12 PM

Q: I heard you can steal people's passwords over wifi! How do I do that?

A: Well, yes you can, but you can't just get any of their passwords that easily. You can run what's known as an MITM, or Man In The Middle, attack. What this does is use ARP spoofing to trick the target computer/s into sending their traffic through your computer or iPod, and you use a packet recorder and sniffer combo to read the passwords, URLs, etc such as pirni and derv or firesheep. But an MITM attack isn't guaranteed to get the password. If the website they are logging onto uses https, which is a secure version of http, hence the S, you aren't going to be able to get a password. In this case you will need to be a little more creative. You will need to be a bit more skilled. You will need to copy the login page of the site you want the password for, like Facebook, with wget. Then you will need to put that in your webserver's main page as index.html, along with a script that records the input into the username and password field into a .txt file. When you have that all ready you just need to run iPwN, use the DNS spoof attack, and DON'T use the wildcard target! How suspicious would it look if you wanted to go to Google but you get sent to Facebook? Just say no to a wildcard and put in the URL of the login page. Now there you go! Leave that run for a bit and check the .txt file for passwords.

Q: But when they visit the URL I'm faking it says "http://192.168.1.2:80/var/www/index.html" How do I make it different?

A: Now that is an excellent question! Unfortunately, you cannot change the IP of the URL, but you CAN change the directory so it looks less suspicious. If you are using Lighttpd from Cydia go to /etc/lighttpd2.conf and change the first line, which should say 'server.document-root = "/var/www" '
Change the directory to any that you want. For example, if you are getting a Facebook login, change it to something like "/facebook/default_login". Then just make a directory to there and put your index.html there and your keylogger. There you go! You can now get people's passwords!

Quote

Stupid questions get stupid answers.
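
Added example, not part of the original post or thread: a defender-side check for the two techniques named in the post above, ARP spoofing and DNS answers that point a public site at a LAN web server. The sample data, the function names and the list of internal DNS suffixes are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (not captured traffic): ARP replies seen on a LAN
# as (seconds, sender IP, sender MAC), and DNS answers as (name, address).
ARP_REPLIES = [
    (0, "192.168.1.1", "00:11:22:33:44:55"),   # gateway with its real MAC
    (1, "192.168.1.2", "aa:bb:cc:dd:ee:02"),
    (2, "192.168.1.7", "aa:bb:cc:dd:ee:07"),
    (30, "192.168.1.1", "AA:BB:CC:DD:EE:02"),  # gateway IP now claimed by .2's MAC
    (31, "192.168.1.1", "aa:bb:cc:dd:ee:02"),
]
DNS_ANSWERS = [
    ("www.example.com", "93.184.216.34"),
    ("login.example.com", "192.168.1.2"),      # public name answered with a LAN address
    ("printer.lan", "192.168.1.50"),
]
LOCAL_SUFFIXES = (".lan", ".local", ".home.arpa")  # assumed internal zones

def arp_alerts(replies):
    """Flag IPs whose MAC changes and MACs that answer for several IPs."""
    first_mac = {}                 # ip -> first MAC seen for it
    ips_by_mac = defaultdict(set)  # mac -> every IP it has claimed
    alerts = []
    for _ts, ip, mac in replies:
        mac = mac.lower()
        known = first_mac.setdefault(ip, mac)
        if mac != known:
            alert = ("mac-changed", ip, known, mac)
            if alert not in alerts:   # report each change once
                alerts.append(alert)
        ips_by_mac[mac].add(ip)
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:
            alerts.append(("mac-claims-many", mac, tuple(sorted(ips))))
    return alerts

def dns_alerts(answers, local_suffixes=LOCAL_SUFFIXES):
    """Flag non-local names that resolve to private or loopback addresses."""
    flagged = []
    for name, addr in answers:
        ip = ipaddress.ip_address(addr)
        if (ip.is_private or ip.is_loopback) and not name.lower().endswith(local_suffixes):
            flagged.append((name, addr))
    return flagged

if __name__ == "__main__":
    for finding in arp_alerts(ARP_REPLIES) + dns_alerts(DNS_ANSWERS):
        print(finding)
```

On a real network the same two checks are fed from the switch or host ARP table and from resolver logs; static ARP entries or dynamic ARP inspection for the gateway remove the first condition entirely.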

#27 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 05 April 2011 - 09:20 PM

Good tut A12!! Straightforward, easy to follow!!


#28 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 05 April 2011 - 09:32 PM

LankAsif said:

Think there should be a separate FAQ where the forum discusses ideas and then the best get moved to locked FAQ? No more clutter for admin to sort out. ::)

That's a pretty good idea. But we kind of do that with the whole hack section. 
I think the setup we have now seems to be working pretty well. Boo's original post is basically the locked FAQ. Since only a Mod or Boo can edit it. So anything that stands out here as useful will get bumped to Boo's post.

#29 LankAsif

    Advanced Sexually

  • Members
  • 1,476 posts

Posted 05 April 2011 - 09:42 PM

Oh, good to know. Just remember how there was a post asking for posts to be removed in order to clean up the FAQ (ironically, that's what I'm doing now). Anywhoo, was just a thought :D
There are three kinds of people in this world.
Those who can count, and those who can't.

#30 A12danrulz

  • Validating
  • 3,492 posts

Posted 05 April 2011 - 09:44 PM

Yeah if it isn't broken don't fix it.

Quote

Stupid questions get stupid answers.

#31 LankAsif

    Advanced Sexually

  • Members
  • 1,476 posts

Posted 05 April 2011 - 09:49 PM

A12danrulz said:

Yeah if it isn't broken don't fix it.

LOL, just following concept of previous "fixes".
There are three kinds of people in this world.
Those who can count, and those who can't.

#32 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 05 April 2011 - 09:53 PM

LankAsif said:

Oh, good to know. Just remember how there was a post asking for posts to be removed in order to clean up the FAQ (ironically, that's what I'm doing now). Anywhoo, was just a thought :D

Well that was more to try and get it ready for brutal truth to do his mod thing. That way there would have been less for him to cut out and clean up.

#33 LankAsif

    Advanced Sexually

  • Members
  • 1,476 posts

Posted 05 April 2011 - 09:56 PM

LankAsif said:

LOL, just following concept of previous "fixes".

Guess I wasn't.
Thanks for explaining it Ironman.
There are three kinds of people in this world.
Those who can count, and those who can't.

#34 brutal truth

    Member

  • Moderators
  • 8,695 posts
  • iPhone:iPhone 4
  • iPod touch:iPod touch 1G
  • iPad:iPad
  • iPod:iPod classic
  • Apple TV:Apple TV 2G

Posted 06 April 2011 - 11:22 AM

A12danrulz said:

Q: I heard you can steal people's passwords over wifi! How do I do that?

A: Well, yes you can, but you can't just get any of their passwords that easily. You can run what's known as an MITM, or Man In The Middle, attack. What this does is use ARP spoofing to trick the target computer/s into sending their traffic through your computer or iPod, and you use a packet recorder and sniffer combo to read the passwords, URLs, etc such as pirni and derv or firesheep. But an MITM attack isn't guaranteed to get the password. If the website they are logging onto uses https, which is a secure version of http, hence the S, you aren't going to be able to get a password. In this case you will need to be a little more creative. You will need to be a bit more skilled. You will need to copy the login page of the site you want the password for, like Facebook, with wget. Then you will need to put that in your webserver's main page as index.html, along with a script that records the input into the username and password field into a .txt file. When you have that all ready you just need to run iPwN, use the DNS spoof attack, and DON'T use the wildcard target! How suspicious would it look if you wanted to go to Google but you get sent to Facebook? Just say no to a wildcard and put in the URL of the login page. Now there you go! Leave that run for a bit and check the .txt file for passwords.

Q: But when they visit the URL I'm faking it says "http://192.168.1.2:80/var/www/index.html" How do I make it different?

A: Now that is an excellent question! Unfortunately, you cannot change the IP of the URL, but you CAN change the directory so it looks less suspicious. If you are using Lighttpd from Cydia go to /etc/lighttpd2.conf and change the first line, which should say 'server.document-root = "/var/www" '
Change the directory to any that you want. For example, if you are getting a Facebook login, change it to something like "/facebook/default_login". Then just make a directory to there and put your index.html there and your keylogger. There you go! You can now get people's passwords!
Added this and did some minor cleanup.

#35 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 06 April 2011 - 12:09 PM

Once again. Thanks dude!!! We all need to chip in and buy you a night out on the town!!!

#36 Vonix

    Animation Overlord

  • Members
  • 10,859 posts
  • iPod touch:iPod touch 4G, iPod touch 2G
  • Mac:iMac
  • iPod:iPod nano
  • Apple TV:Apple TV 2G

Posted 14 April 2011 - 07:16 AM

I tried Tor and not only was it extremely slow, but it was German

#37 Gavin

  • Members
  • 5,844 posts

Posted 14 April 2011 - 07:19 AM

0vonix0 said:

I tried Tor and not only was it extremely slow, but it was German

That's odd...

Quote

Complainismo strikes again

#38 d3nn

    Diodora demartiniorum

  • Members
  • 5,690 posts
  • iPod touch:iPod touch 4G
  • iPod:iPod nano

Posted 14 April 2011 - 07:21 AM

Gavin said:

That's odd...


It always goes German for me in Google. It's because the last Tor server (in this case) is in Germany so Google thinks from your IP that you're German.

#39 Vonix

    Animation Overlord

  • Members
  • 10,859 posts
  • iPod touch:iPod touch 4G, iPod touch 2G
  • Mac:iMac
  • iPod:iPod nano
  • Apple TV:Apple TV 2G

Posted 14 April 2011 - 07:22 AM

It's outrageously slow too.

#40 d3nn

    Diodora demartiniorum

  • Members
  • 5,690 posts
  • iPod touch:iPod touch 4G
  • iPod:iPod nano

Posted 14 April 2011 - 07:25 AM

It always is... I still don't use other proxies, though. Tor is probably the best you can get for free at least.