Results 1 to 15 of 15

Thread: Pwnstar9.0 for Kali-linux 2016R1-2 released for testing

  1. #1
    Join Date
    2013-Jul
    Posts
    819

    Pwnstar9.0 for Kali-linux 2016R1-2 released for testing

    Musket Teams have voted to release their latest field version of Pwnstar9 for WPA Phishing and Open Hotspots for community testing.

    Script supports Kali 2016R1R2 only!

    Features

    1. Complete control of most aspects of the Rogue AP process. Such as mac spoofing, channels, AP names of various components, 2nd wifi device options and all aspects of internet connection when access thru captive portal.

    2. Passive and Active DOS processes all run from only one(1) wifi device supporting packet injection. Passive DDOS allows RogueAP Clones running parallel with Rogue AP and still supporting active DDOS when required.

    3. 17 Web Page folders supporting dns spoof and captive portals for both Open Web Sites, WPA Phishing AND WPA Enterprise

    4. MITMf and sslslip, sslslip+ and sslstrip are setup thru menu options as required by user.

    5. WPA Downgrade added to active DDOS choices available.

    6 HTTPS trap to avoid warning to phish

    7. Options for use of two(2) wifi devices

    You can download the zip which contains a lengthy help file.

    https://github.com/musket33/Pwnstar9...-Kali-2016R1-2

    or

    https://www.datafilehost.com/d/6aec9109


    Musket Teams
    Last edited by mmusket33; 2017-02-04 at 06:19.

  2. #2
    Join Date
    2013-Jul
    Posts
    819
    Webpage Updates

    Replace two files in the webpage folder with these updates

    Corrects a small flaw on right side of background

    Musket Teams

    Update available at either address below


    https://github.com/musket33/Pwnstar9...-Kali-2016R1-2


    https://www.datafilehost.com/d/6d32cdf0

  3. #3
    Join Date
    2013-Jul
    Posts
    6
    Dear Mmusket,

    I just tried the tool on a fresh install of 2016R2. Using choice 9 a with captive portal and sniffing, I was able to get the captive portal to work fine, but the victim machine could not get past the captive portal for further credential sniffing. Every refresh of browser or attempt to go to other site resulted in captive portal page again. Any thoughts on what I am doing wrong or potential bug? Target was iOS device with safari.

  4. #4
    Join Date
    2013-Jul
    Posts
    819
    To social cred

    1. If you want to do credential sniffing not WPA Phishing suggest you use item 3. This being said tell us the following and we will run some tests and get back to you as we are currently working on new pages.

    1. What web page did you use?

    2. Reference the HTTPS trap feature which selection did you use?

    In general to get past the portal phishing page you first must enter data requested by the page correctly. If you use the HTTPS trap feature the phish will bypass the portal page until a http request is made. At that point the portal page is seen. Once data is entered correctly the phishing page is no longer seen unless you change your mac address and sign in with a different ip.

    In closing use the HTTPS trap, get an association to the rogue and make a https request. You should be sent straight to the internet. Next change your request to http and you should get the portal page, 'Now enter the data requested and see what occurs.

    Musket Teams
    Last edited by mmusket33; 2017-02-12 at 14:23.

  5. #5
    Join Date
    2013-Jul
    Posts
    819
    To social cred

    Suggest you cross reference this post concerning airbase-ng

    https://forums.kali.org/showthread.p...ssid-specified

    MTeams
    Last edited by mmusket33; 2017-02-12 at 14:28.

  6. #6
    Join Date
    2013-Jul
    Posts
    819
    New Web Pages and corrections to one folder are available at:

    https://github.com/musket33/Pwnstar9...-Kali-2016R1-2

    or download thru the following:

    Newpages and Updates.zip

    https://www.datafilehost.com/d/ff979b11


    Musket Teams

  7. #7
    Join Date
    2013-Jul
    Posts
    819
    New Web Pages and Corrections 2

    Included in the package are six(6) webpage folders

    Replace the following four(4) folders with these newer ones

    androidwpa1
    androidwpa1access
    routerwpa8
    routerwpa8access

    Corrects a flaw in error pages.

    New Web Pages

    speedwpa1
    speedwpa1access

    The speed webpages attempt to exploit the emotional need for more internet speed.

    All web page coding has been rechecked and tested

    The captive portal coding is currently being explored by MTeams for newer approaches so expect further changes in the future.

    You can download at;

    https://github.com/musket33/Pwnstar9...-Kali-2016R1-2

    or

    https://www.datafilehost.com/d/f2e72070


    Musket Teams

  8. #8
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Any plans to make this compatible for us poor invisible minority that uses KL1? Please? That would be cool.
    Kali Linux USB Installation using LinuxLive USB Creator
    Howto Install HDD Kali on a USB Key
    Clean your laptop fan | basic knowledge

  9. #9
    Join Date
    2013-Jul
    Posts
    819
    I assure you that users of Kali 1.10a are not invisible to us. MTeams spent allot of coding time keeping 1.10a functioning. Until we found the older airmon-ng solution reaver always worked better for us when using k1.10a. Furthermore we could never get Bully to do much of anything and are starting tests to see if bully functions better for us when using the older airmon-ng.


    Reference Pwnstar9.0 MTeams ran into problems with some of the sniffing tools. You could make a usb install of kali 2016. This would result in one of the sniffing tools possibly unusable but that might be corrected. However we will look into a modified version. We plan on loading beef into the package. We tried but it kept eating our distro.

    MTeams
    Last edited by mmusket33; 2017-03-01 at 09:36.

  10. #10
    Join Date
    2015-Dec
    Posts
    15
    Hi MT, thanks for your outstanding work.
    Would it be possible to use Pwnstar9.0 as a "simple" wifi repeater / range extender?
    I need to extend my access point signal using my KALI 2016.R2 box.
    I have 2 wifi adapters.

  11. #11
    Join Date
    2013-Jul
    Posts
    819
    To JackBauer

    You can setup an access point but it would not be protected by WPA or WEP. Just use selection three not 4 or 9a as you do not need to login in thru a web page. If you understand both bash coding and airbase-ng commands we think you could encrypt the airbase-ng with WEP BUT have it transmit that it is WPA. That would confuse a hacker to some extent. Notice our RogueAP WPA Clone used to passive DDOS a target transmits that it is WPA encrypted. We ran some tests years back with this WEP/WPA concept .


    MTeams

  12. #12
    Join Date
    2013-Jul
    Location
    Australia
    Posts
    2
    Hi Guys i have playing with the latest version i have set up Rogue AP Name = ZZZ Blackhole but has a different name DIRECT -oQF3 etc
    why is that ?

    XAM

  13. #13
    Join Date
    2013-Jul
    Posts
    819
    To maxwell8686

    When you select the type of airbase-ng to set up there are three(3) types. You have selected type three(3) which responds to all probes. Just select type 2 and you will only broadcast the essid or rogueAP name you require.

    Furthermore if you select type three(3) or possibly type one(1) you will also end up with a second rogueAP name called default.

    Musket Teams

  14. #14
    Join Date
    2013-Mar
    Posts
    74
    Can this one help to sniff https logins?

    Was thinking as sslstrip doesn't work (all using now HSTS) to let the user connect to a rogue AP and from there trick him to login to an https site and get the credentials .... ?

  15. #15
    Join Date
    2013-Jul
    Posts
    819
    To: pamamolf

    Pwnstar9 supports MITMf and sslslip, sslslip+ and sslstrip. Setup pwnstar9 to use Item 3 in the basic menu

    You might try the beef package in airgeddon available for download here in Community Projects. MTeams cannot test as our receivers do not work with airgeddon.


    Musket Teams
    Last edited by mmusket33; 2017-04-26 at 11:37.

Similar Threads

  1. Pwnstar9.0 for kali2.0 has been released for general use
    By mmusket33 in forum Project Archive
    Replies: 37
    Last Post: 2016-12-05, 08:23
  2. Replies: 25
    Last Post: 2015-10-09, 00:41
  3. Penetration Testing Laboratory for Kali Linux users.
    By Luka Safonov in forum How-To Archive
    Replies: 2
    Last Post: 2015-05-29, 10:16

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •