gripgrizzly Posted April 17, 2014 Posted April 17, 2014 Just wanted to know if there is an infusion that could allow me to deny access to my open AP. ex: allow all to connect but not have internet access then allow them internet access by their mac address. or everyone is allowed to connect and have internet access but then you could specify specific mac addresses deny internet access to. -Is anything like this possible at all? Quote
Foxtrot Posted April 17, 2014 Posted April 17, 2014 You mean like having a "Guest network" type thing, but the other way around? Quote
Sebkinne Posted April 17, 2014 Posted April 17, 2014 Just wanted to know if there is an infusion that could allow me to deny access to my open AP. ex: allow all to connect but not have internet access then allow them internet access by their mac address. or everyone is allowed to connect and have internet access but then you could specify specific mac addresses deny internet access to. -Is anything like this possible at all? You could achieve this by using iptables: Block all traffic on interface wlan0. Allow all traffic on MAC ABC on interface wlan0. Allow all traffic on MAC XYZ on interface wlan0. Remember, MAC addresses can be spoofed easily. Best Regards, Sebkinne Quote
gripgrizzly Posted April 17, 2014 Author Posted April 17, 2014 You mean like having a "Guest network" type thing, but the other way around? kind of sort of but thats a good idea ... is it possiple to broad cast two APs from one pinaple? Quote
Foxtrot Posted April 17, 2014 Posted April 17, 2014 No, If i'm not mistaken you need two wireless NICs to broadcast two APs. Quote
gripgrizzly Posted April 17, 2014 Author Posted April 17, 2014 You could achieve this by using iptables: Block all traffic on interface wlan0. Allow all traffic on MAC ABC on interface wlan0. Allow all traffic on MAC XYZ on interface wlan0. Remember, MAC addresses can be spoofed easily. Best Regards, Sebkinne ahhh iptables .... i see ..... hmmm i would have to look into this ..... i think this can do it tho ok so the MAC's can be spoofed so the best approach would be to block all traffic then allow individual MACs ..... that sounds about right what do you think.. could i get problems with that Quote
m40295 Posted April 17, 2014 Posted April 17, 2014 Couldn't you configure evil portal with a username and password if the password and username are in file.txt allow access to wlan1 (brlan) Quote
gripgrizzly Posted April 17, 2014 Author Posted April 17, 2014 (edited) Couldn't you configure evil portal with a username and password if the password and username are in file.txt allow access to wlan1 (brlan) ok this is intersting i thought that only wlan0 could create an AP and wlan1 can not so are you saying that users could connect to wlan1? or was that a typo and you ment wlan0? Edited April 17, 2014 by gripgrizzly Quote
m40295 Posted April 18, 2014 Posted April 18, 2014 (edited) sorry now that i reread a bit confusing for me wlan0 is pineapple ap wlan1 is my client for internet my thouht is using a evilportal for user pass to allow the use of client mode for each user connected to ap so connecting to the pineapple is open but to get internet you need a user pass i hope that makes more sence Edited April 18, 2014 by m40295 Quote
gripgrizzly Posted April 19, 2014 Author Posted April 19, 2014 (edited) sorry now that i reread a bit confusing for me wlan0 is pineapple ap wlan1 is my client for internet my thouht is using a evilportal for user pass to allow the use of client mode for each user connected to ap so connecting to the pineapple is open but to get internet you need a user pass i hope that makes more sence makes alot more sence now have you done that before? Edited April 19, 2014 by gripgrizzly Quote
m40295 Posted April 19, 2014 Posted April 19, 2014 i haven been working on it as many other in a diffrent thread isnt learning fun Quote
gripgrizzly Posted April 20, 2014 Author Posted April 20, 2014 i haven been working on it as many other in a diffrent thread isnt learning fun riiiiiiight..... You could achieve this by using iptables: Block all traffic on interface wlan0. Allow all traffic on MAC ABC on interface wlan0. Allow all traffic on MAC XYZ on interface wlan0. Remember, MAC addresses can be spoofed easily. Best Regards, Sebkinne following this format tip ......... i got this #Rules for allowing your mac addresses/sbin/iptables -A FORWARD -i eth1 -m mac --mac-source XX:XX:XX:XX:XX:11 -j ACCEPT/sbin/iptables -A FORWARD -i eth1 -m mac --mac-source XX:XX:XX:XX:XX:22 -j ACCEPT/sbin/iptables -A FORWARD -i eth1 -m mac --mac-source XX:XX:XX:XX:XX:33 -j ACCEPT#One final rule to drop all packets which do not match one of the rules above (are not from one of your allowed macs)/sbin/iptables -A FORWARD -i eth1 -j DROP cleaned it up a bit of corse change /sbin/ to sd and eth1 and such works ..but a little unconventional having to restart the pineapple everytime to make adjustments..... hmmm i think i might start from scratch with this.... mabe just Deauth...... will look into jammer Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.