Jump to content

[Support] Portal Auth


sud0nick
 Share

Recommended Posts

Well that explains it then.

Because the captive portal that i tried to clone (from the fast food chain), could never finish the cloning process. HOWEVER it did copy both landscape & portait backgrounds for both mobile and regular.

FORTUNATELY I saved the source code and fixed a couple of links. So now, i could use that as a mobile/regular sized captive portale template. It's PERFECT.

Link to comment
Share on other sites

  • Replies 262
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

If i connect to a portal using a moble phone, will portal auth clone it with the mobile version only?

And vece-versa, if i connect with a laptop, will portal auth clone both versions? (mobile/desktop version)

I have a template composed of 2 css files and one splash screen and it detects if the victim is on a mobile or computer, works like a charm.

If anyone plans to make an adaptable portal page this setup worked for me:

The demensions used are:

Landscape version

width: 873px; height: 650px;

Portrait version (mobile phones)

Mobile phone version:

width: 900px; height: 1172px;

Having a fixed dimension would cause issues for other people on different devices unless they change it to their devices resolution. that's the issue with some infusions and the inability see all the content. But that's a different srory. The portalauth infusion clones the css. So if that css includes adaptive dimensions for mobile infusions, it will grab it. if you spoof a useragent and the portal has seperate css from say a desktop or for mobile devices or whatever, it will grab and clone that Edited by DataHead
Link to comment
Share on other sites

Absolutly. I guess that's what happend to me. Portal auth did actually download 2 css files.

Perhaps the css files adapt according to the device.

Part of the source code:

Android: function() {
return navigator.userAgent.match(/Android/i);
},
BlackBerry: function() {
return navigator.userAgent.match(/BlackBerry/i);
},
iOS: function() {
return navigator.userAgent.match(/iPhone|iPad|iPod/i);
},
Opera: function() {
return navigator.userAgent.match(/Opera Mini/i);
},
Windows: function() {
return navigator.userAgent.match(/IEMobile/i);
},
any: function() {
return (isMobile.Android() || isMobile.BlackBerry() || isMobile.iOS() || isMobile.Opera() || isMobile.Windows());
}
};
if( !isMobile.any() ) {
document.getElementById('portrait').style.visibility = 'hidden';
}

So i guess it's perhaps more univeral than i thought.

Again, up to now, I've tested it on various smartphones and tablets, it's perfect.

Link to comment
Share on other sites

Absolutly. I guess that's what happend to me. Portal auth did actually download 2 css files.

Perhaps the css files adapt according to the device.

Part of the source code:

Android: function() {
return navigator.userAgent.match(/Android/i);
},
BlackBerry: function() {
return navigator.userAgent.match(/BlackBerry/i);
},
iOS: function() {
return navigator.userAgent.match(/iPhone|iPad|iPod/i);
},
Opera: function() {
return navigator.userAgent.match(/Opera Mini/i);
},
Windows: function() {
return navigator.userAgent.match(/IEMobile/i);
},
any: function() {
return (isMobile.Android() || isMobile.BlackBerry() || isMobile.iOS() || isMobile.Opera() || isMobile.Windows());
}
};
if( !isMobile.any() ) {
document.getElementById('portrait').style.visibility = 'hidden';
}

So i guess it's perhaps more univeral than i thought.

Again, up to now, I've tested it on various smartphones and tablets, it's perfect.

If Portal Auth is copying the files then why not just add this code to InjectJS? That's why a lot of the options are editable because not every situation is going to be the same. I put quite a bit of effort into the infusion so that you guys have the power to make it work for you not just in the way I designed it. Take control of it, play with the Inject/Strip options and modify those Inject files. Remember, if you screw them up you can just click the restore link to get the original back.

Link to comment
Share on other sites

Ya i just had to add a login field at the bottom of the script. That same login script is automatically displayed regardless of the resolution requested by the client.

Regardng portal auth, it didn't copy all the files. At least it didn't copy the source file (it was 0kb). I tried different options, but it couldn't do it. So since it wasn't able to copy, i just saved the source code. Strange thing is that there was no .js when cloning the fast food portal. I think it was either not included or simply un able to clone.

Nevertheless, with a little tweaking here and there the portal is now exactly the same as the original.

My idea is to use the InjectJs login splash screen as an alternative option. For example in cases were adding additional information is too complex.

It's nice to have it as an option though.

Link to comment
Share on other sites

We'll have to continue this particular discussion in messages but I looked at the source you sent me and there was no reference to any JS files. If there is no reference in the HTML it won't be copied. It's strange that the HTML didn't copy so there is definitely a missing variable here. Maybe there was a type of redirect that has not been accounted for yet?

Edited by sud0nick
Link to comment
Share on other sites

I think I found the reason why Cheeto couldn't clone some portals recently. I looked into the Python scripts that do the cloning and authentication and found that I had left some test URLs in there that lead to a page that no longer exists. I have fixed this issue and uploaded a new build to my site. Please give it a shot and let me know if there are any issues.

Link to comment
Share on other sites

v2.2 has been submitted to the Pineapple Bar. Some things have been added and a lot of issues have been fixed. I still don't expect it to be perfect because there is always going to be some weird portal out there that does things differently. One of the things I added in this version is error logs. If something goes wrong you can view the error in the Error Logs tab. Please copy and paste it here with a description of what you were doing so I can address the issue.

Change Log v2.2

[->] Fixed meta refresh bugs in cloning and authentication
[->] Added Error Logs tab
[->] Added client MAC collection
[->] Updated the layout of the change log tab
[->] Fixed layout issues on mobile devices
[->] Made minor changes to the UI

Edit:

A couple more changes were made after posting this and the infusion was resubmitted. You now must configure the Test Website and Data Expected fields before you can use Portal Auth. You may choose to use my server if you want by clicking the checkbox for this option. This is so you know where your requests are going every time you check for a captive portal. If you have your own server I recommend you use it.

Edited by sud0nick
Link to comment
Share on other sites

Error log:

Traceback (most recent call last): File "/sd/infusions/portalauth/includes/scripts/portalclone.py", line 52, in response = follow_redirects(response, s) File "/sd/infusions/portalauth/includes/scripts/portalclone.py", line 33, in follow_redirects r = follow_redirects(s.get(new_url), s) File "/sd/infusions/portalauth/includes/scripts/portalclone.py", line 33, in follow_redirects r = follow_redirects(s.get(new_url), s) File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 473, in get return self.request('GET', url, **kwargs) File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 447, in request prep = self.prepare_request(req) File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 378, in prepare_request hooks=merge_hooks(request.hooks, self.hooks), File "/usr/lib/python2.7/site-packages/requests/models.py", line 303, in prepare self.prepare_url(url, params) File "/usr/lib/python2.7/site-packages/requests/models.py", line 360, in prepare_url "Perhaps you meant http://{0}?".format(url)) requests.exceptions.MissingSchema: Invalid URL u'/pas/start?command=track&track=admin&key=prt_f3_v2-8803dbb9d7c2d71843e43effc511d3c9': No schema supplied. Perhaps you meant http:///pas/start?command=track&track=admin&key=prt_f3_v2-8803dbb9d7c2d71843e43effc511d3c9?

Edited by jorgeivan
Link to comment
Share on other sites

Do you have a copy of the source code to what you were trying to clone? If so, send it to me in a PM. It says the URL was invalid which I can tell it is by the error. Maybe the meta refresh goes to a relative URL? Let me know if you can get that info for me.

Link to comment
Share on other sites

BTW I realize that v2.2 hasn't been released yet on the Pineapple Bar which means you downloaded this from my site. I will be removing v2.2 from my site until it is released on the Pineapple Bar to respect Hak5's approving authority. After all it is their device and they have an approval process for a reason. I will still add test versions to my site as a disclaimer is already posted there about them.

Edit:

Until v2.2 is approved, if you download portalauth_latest.tar.gz from my site you will receive v2.1 instead.

Edited by sud0nick
Link to comment
Share on other sites

I updated portal auth but no still no luck and the fast food chain.

If i could make a suggestion, how about adding a STOP buton to the clone menu?

From time to time, the user might run into an endless loop (like in my case) and the only way to get out of it is to shut down the device.

Also Auto Auth didn't work. I could see thte captured macs though.

I'll pm you with the video footage.


Cheers.
Link to comment
Share on other sites

Like I've said many times now, auto authentication will not always work. Every portal is different with different elements that need to be passed to the AP for authentication. This is why I have included the Element Tags field in the Config tab. Search the source, determine which elements are being sent with the form data, place them in the Element Tags field and try again. If it works then share the configuration with everyone here so we know what to add to ours. If it doesn't work then we can look at where the script failed.

Link to comment
Share on other sites

I don't know why that's happening to you. Is anyone else running into this problem? I will work on adding a stop button so you can kill the process. Are you sure it's actually running into a loop? Remember it may take some time to copy everything from a portal. If you close the window while it's copying and try to run some other operation the Pineapple may lock up because it doesn't have much processing power.

Link to comment
Share on other sites

I don't know why that's happening to you. Is anyone else running into this problem? I will work on adding a stop button so you can kill the process. Are you sure it's actually running into a loop? Remember it may take some time to copy everything from a portal. If you close the window while it's copying and try to run some other operation the Pineapple may lock up because it doesn't have much processing power.

Yes I have.

Edited by xrad
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...