sud0nick

[Official] Portal Auth

122 posts in this topic

Cloned portals don't appear in Portal Auth.  They show up in Evil Portal.  You should watch this video to gain an understanding of how this module works with others.

 

1

Share this post


Link to post
Share on other sites

Great Module. Followed the videos using all the infusions/module together and it works great against Win10.

Are you planning to make any videos showcasing building payloads for android/OSX?

also, people should make sure they power the NANO/TETRA adequately while doing any setup work involving copying/moving/extracting etc of files.

I was getting image linking errors after cloning sites until I swapped my TETRA over to mains power. So could be something to consider for some cases.

 

0

Share this post


Link to post
Share on other sites

@3mrgnc3 Currently the only way to build payloads for OS X using my API is to use the Python version.  I stopped supporting it awhile back since it didn't have the ability to function like a C#-based payload (primarily freezing Python code didn't work as well as a real compiled program).  The other payload options exist for you to deliver any payload you may already have and they don't necessarily need to integrate with PASS or Cursed Screech.  I'm pretty slammed with work and school so I haven't had time to work on personal projects at all.  Once I get some time I plan on getting a new version of Portal Auth released and I may create a Java API for building Android payloads.

1

Share this post


Link to post
Share on other sites

Thank you for this awesome module Nick; along with all the amazing support! I was trying the default "payloader" in my lab. When the target pulled the frame to download the exe, the link read: http://192.168.1.1/download/windows/NetCli.exe ... it was trying to pull the exe from my internal web server instead of off the pineapple. I can manipulate the code as shown in the video, but wanted to know if this is required for the default payloader injection. Thanks!

 

0

Share this post


Link to post
Share on other sites

Posted (edited)

@Mwatt when you download the payload the URL just points to whatever page you attempted to access and adds on the path to that payload.

For example, if you got to the portal by accessing www.interwebz.com then the payload URL would be www.interwebz.com/download/windows/NetCli.exe.  The fact that your payload URL contains 192.168.1.1 tells me you got to the portal by going to that address.

Edited by sud0nick
0

Share this post


Link to post
Share on other sites

Hello all,

I'm new to the Pineapple game so its a slow learning process.  I've gone through several tutorials and have lurked the forums plenty before I even tried anything and now I'm stuck in regards to evil portal.  I followed the video tutorials that were created by sud0nick and have followed them to a T, but where my issues lie are in the following.

When creating cloning the portal in Portal Auth, I either receive "an error has occurred" message.  This still seemed to create the portal and it showed up in Evil Portal so naturally I activated it thinking it was just a glitch and continued on.  I went to my test machine, was able to download the payload and install the key generator, and generate my key.  When I went I go in to "Submit" the key, nothing happens.  There are no errors, no refreshes, nothing happens.  I rebooted the device several times to no avail.  I read somewhere in the forum that it could be an SD card issue.  The card was formatted via the Pineapple and the only issue I've noticed with the card is that I need to wait till the Pineapple is turned on before inserting the card or else my modules won't load.  Not a big deal.  The card is a 32gb Sandisk class 10 if that helps.  

 

Any help would be appreciated.  It just seems as though my Pineapple doesn't like me.  It has crashes and things don't load.  I feel like I'm doing something wrong. 

0

Share this post


Link to post
Share on other sites

@imesoj What browser are you using?  Try checking the developer console to see if there are any JavaScript errors.

0

Share this post


Link to post
Share on other sites
On 3/23/2017 at 8:00 PM, sud0nick said:

@Mwatt when you download the payload the URL just points to whatever page you attempted to access and adds on the path to that payload.

For example, if you got to the portal by accessing www.interwebz.com then the payload URL would be www.interwebz.com/download/windows/NetCli.exe.  The fact that your payload URL contains 192.168.1.1 tells me you got to the portal by going to that address.

 

Thanks Nick! 

0

Share this post


Link to post
Share on other sites
17 hours ago, sud0nick said:

@imesoj What browser are you using?  Try checking the developer console to see if there are any JavaScript errors.

I've tried Chrome/Firefox/IE with no luck.  But funny enough, 40 minutes after making the post last night, I was suddenly able to clone a website successfully.  Thanks for the response.

0

Share this post


Link to post
Share on other sites

Posted (edited)

On 3/24/2017 at 9:10 PM, sud0nick said:

@imesoj What browser are you using?  Try checking the developer console to see if there are any JavaScript errors.

I'm back, looks like its broken again, and yes I am receiving a ton of Javascript errors when accessing modules attached to the SD Card or whenever I do anything that requires accessing the SD Card.  Several reboots seem to do nothing.  Is this the reason why my "victim" machine is asked to install a .json file after activating the key?  It never says the key is successful, it just asks to install or save the mentioned file and the page remains on the submit button. 

Chrome with  56.0.2924.87 (64-bit)

GET http://172.16.42.1:1471/modules/EvilPortal/js/module.js?_=1490563844656 404 (Not Found)
send @ jquery.min.js:4
ajax @ jquery.min.js:4
n.(anonymous function) @ jquery.min.js:4
getScript @ jquery.min.js:4
pineapple.routeProvider.when.resolve.jsLoader @ pineapple.js:24
e @ angular.min.js:39
(anonymous) @ angular-route.min.js:11
n @ angular.min.js:8
(anonymous) @ angular-route.min.js:11
(anonymous) @ angular.min.js:118
$eval @ angular.min.js:132
$digest @ angular.min.js:129
$apply @ angular.min.js:133
(anonymous) @ angular.min.js:104
dispatch @ jquery.min.js:3
r.handle @ jquery.min.js:3
 

Edited by imesoj
0

Share this post


Link to post
Share on other sites
15 hours ago, imesoj said:

GET http://172.16.42.1:1471/modules/EvilPortal/js/module.js?_=1490563844656 404 (Not Found)

The symlinks that Evil Portal creates either aren't being generated properly or the files don't have the proper permissions on them.

0

Share this post


Link to post
Share on other sites
6 hours ago, sud0nick said:

The symlinks that Evil Portal creates either aren't being generated properly or the files don't have the proper permissions on them.

Thanks,

I posted the output in the Evil Portal thread.  Any suggestions other than that?

0

Share this post


Link to post
Share on other sites

@imesoj maybe try putting the portal on /root/portals instead of the SD card and make sure you run chmod 755 on the files.  If that doesn't fix it then the Evil Portal thread is the place to get support for it.

0

Share this post


Link to post
Share on other sites
On 3/27/2017 at 0:59 PM, sud0nick said:

@imesoj maybe try putting the portal on /root/portals instead of the SD card and make sure you run chmod 755 on the files.  If that doesn't fix it then the Evil Portal thread is the place to get support for it.

The portal path is currently /root/portals.  The actual module is on the SD Card.  Since there's always an error in the process of writing, there aren't very many files to run chmod 755 after the cloning process.  

0

Share this post


Link to post
Share on other sites

Posted (edited)

Hey i followed your youtube video of the authportal and paper and screech to access the computer but when following to point to use the starbucks, like cloning the portal. i get an error> pretty much the same as imesoj. Also the files were in the evilportal but i couldn't activate it at all.

Edited by Mr.Pupp3T
0

Share this post


Link to post
Share on other sites

Posted (edited)

Okay Update the Resource files i guess were too big so it wasnt allowing it i copied the files over to evil portal and it worked just without the resource files. Now i gotta update .net on my laptop. cause im getting an error

 

 

JUST AN UPDATE; Great tool to have worked flawless, just had to get rid of the resouce file on the starbucks website my SD card is little small need to get a larger one. if anyone is having problems on getting keys and its not doing anything after 10 mins just resinstall the module and it will work,

Edited by Mr.Pupp3T
0

Share this post


Link to post
Share on other sites

Hi all,
I was able to clone the website of my favorite coffee house *once*. Any other website that I tried subsequently errors out.

I started the cloning via putty using this:

python portalclone.py --portalName Example  --portalArchive /sd/portals/ --url http://www.example.org --injectSet Free_WiFi_Week


 

For instance, I got those errors out of one of all those failed attempts:

Traceback (most recent call last):
  File "portalclone.py", line 24, in <module>
    cloner.cloneResources()
File "/sd/modules/PortalAuth/includes/scripts/PortalCloner.py", line 186, in cloneResources
    r = self.session.get(urlparse.urljoin(self.url, img.get(tag)), stream=True, verify=False)
  File "/sd/modules/PortalAuth/includes/scripts/libs/requests/sessions.py", line 473, in get
    return self.request('GET', url, **kwargs)
  File "/sd/modules/PortalAuth/includes/scripts/libs/requests/sessions.py", line 461, in request
    resp = self.send(prep, **send_kwargs)
  File "/sd/modules/PortalAuth/includes/scripts/libs/requests/sessions.py", line 573, in send
    r = adapter.send(request, **kwargs)
  File "/sd/modules/PortalAuth/includes/scripts/libs/requests/adapters.py", line 415, in send
    raise ConnectionError(err, request=request)
requests.exceptions.ConnectionError: ('Connection aborted.', BadStatusLine("''",))

I am connected to the interwebs via USB tethering (because internet connection on the Pineapple Nano via Windows is a royal pain in the neck and rarely ever works for me).
Also, I am writing the portal data to SD because I seem to have run out of space on the Pineapple itself.

On another occasion I also got several screens full of this, which surprised me as @sud0nick said those shouldn't even occur:

/sd/modules/PortalAuth/includes/scripts/libs/requests/packages/urllib3/connectionpool.py:747: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html

Apologies if the question is somewhat silly - I've been on this for a couple of weeks now and was never able to get the thing running properly. One successful cloning attempt is all I have to show at this point, which is sort of frustrating (although certainly not the end of the world).

Any ideas as to what I am doing wrong?

0

Share this post


Link to post
Share on other sites

I am getting some errors when cloning websites - wondering if someone could help me figure out what is wrong. Here is the error log:

Traceback (most recent call last): File "/pineapple/modules/PortalAuth/includes/scripts/portalclone.py", line 24, in cloner.cloneResources() File
"/pineapple/modules/PortalAuth/includes/scripts/PortalCloner.py", line 182, in cloneResources self.css_urls[_key] = self.parseCSS(urlparse.urljoin(self.url, img.get(tag))) File
"/pineapple/modules/PortalAuth/includes/scripts/PortalCloner.py", line 63, in parseCSS r = requests.get(url) File
"/pineapple/modules/PortalAuth/includes/scripts/libs/requests/api.py", line 65, in get return request('get', url, **kwargs) File
"/pineapple/modules/PortalAuth/includes/scripts/libs/requests/api.py", line 49, in request response = session.request(method=method, url=url, **kwargs) File
"/pineapple/modules/PortalAuth/includes/scripts/libs/requests/sessions.py", line 461, in request resp = self.send(prep, **send_kwargs) File
"/pineapple/modules/PortalAuth/includes/scripts/libs/requests/sessions.py", line 567, in send adapter = self.get_adapter(url=request.url) File
"/pineapple/modules/PortalAuth/includes/scripts/libs/requests/sessions.py", line 646, in get_adapter raise InvalidSchema("No connection adapters were found for '%s'" % url) 
requests.exceptions.InvalidSchema: No connection adapters were found for 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'

 

0

Share this post


Link to post
Share on other sites

@kruemel and @nrohsakul sorry guys I've been really busy with work and school.  Now that school is out I should be able to find some time to work on these problems.  Please send me a PM with the sites you were trying to clone and any other details so I can try to replicate the problem and work it out.

1

Share this post


Link to post
Share on other sites

I've pushed an update to my dev branch on GitHub.  Nothing major has changed but I would appreciate it if some people could test it with various sites and let me know if they get any errors.  The cloning process should now be a little bit faster than before since the resources are downloading concurrently instead of serially.

0

Share this post


Link to post
Share on other sites

Version 1.4 has been submitted to the Module Manager.  It is already available on GitHub in the Portal Auth master branch.  Here is the changelog:

June 10, 2017 

- The default captive portal test page can now be reached over HTTPS
- Added dependency for curl to support access to Test Site over HTTPS
- Portal cloning is now multithreaded which makes it slightly faster
- Added ability to select payloads for target OSes in the cloner options window

 

1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.