Forum Replies Created
- Posts
Hi!
Look, the search function will look for file names not the full path, if you want to enter a path then you should hit / as soon as the file browser opens. Also nodistributes seems to be down so use antiscan.meGreetings!
DiegoHi!
Your code looks ok, but the error seems you are using python3 in windows machine, can you sahre a screenshot with the command used to run the backdoor and the error message?Thanks!
DiegoHi!
But where are you pasting the location? Is not clear yet, also some screenshot will help.Thanks!
DiegoHi!
Are you using python 2 or 3? Also your code is unreadable because it lacks of indentation. So share it using the CODE button or upload it to pastebin and share the links here.Greetings!
DiegoHi!
Which attack are you trying? Also where have you stored the backdoor? What do you mean by it doesnt detect even when i copy paste? Can you elaborate much more? It’s not clear what you mean.Thanks!
DiegoHi!
Do you mean that airodump is not writting any file to disk? Because you said that it was displaying PMKID found so that means it should capture it.
Also you can still try to capture the handshake by deauthenticating a client, or even connect and disconnect any device manually (this ti test that the handshake can be captured).Let me know.
DiegoHi!
Ok, then please specify where and how are you testing, because first you said you were testing it against a remote host and suddenly you said it was working in explicit mode, so it might be clear for you how are you testing but not for me, so doing a proper explanation will help to solve this faster.Did you download the latest mitmproxy or are you using the one included in custom kali? Also remember to clear browser’s cache before trying the attack.
And if you are going to test it in the remote host first check that the arp spoofing attack is working by running arp -a and check that the router’s ip has kali’s mac address.Greetings!
DiegoHi!
Not all the routers will use PMKID, but any router will use a four-way handshake while authenticating a client. So check this article:PMKID Dumping: WiFi Password Attacks are Easier Than Previously Thought
Greetings!
DiegoHi!
You are doing something weird, because explicit mode will work for the local host (kali) and transparent mode will work for a remote host (victim). Also in you other question you said it’s working in official kali release and not is custom kali, I tested both of the attack with custom kali and they are working fine for me, did ou run apt upgrade in custom kali? Because this will undo the custom changes made by Zaid.And yes, it will work for http sites for now, later on the course you’ll learn to bypass https.
Greetings!
DiegoHi!
Ok, I just tested it with custom kali and it’s working fine here, it’s odd it’s not working for you.
Greetings!
DiegoHi!
If you have run the commands I shared successfully then it wouldn’t error out, can you sahre some screenshots with the result of the commands?Thanks!
DiegoHi!
For the moment only test with http sites, also remember to clear the browser’s cache before doing any test.Is any of the commands thowing an error or a warning?
Greetings!
Diego