Jump to content
Hak5 Forums
Sign in to follow this  
vay3t

[Need help] Evil Portal (iptables)

Recommended Posts

vay3t   

Using evil portal I have noticed that it has some "problems" of functioning (they are not really problems)

  • Https that does not get redirected
  • Need internet to work

Practicing in raspberry pi I was able to make a captive portal using the following rules. I do not know if they would work when editing the api of evil portal:

iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j DNAT --to 10.0.0.1
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1
iptables -P FORWARD DROP

The truth is that solving these two points is fundamental for me. Any suggestions or help?

Share this post


Link to post
Share on other sites
vay3t   
38 minutes ago, vay3t said:

Using evil portal I have noticed that it has some "problems" of functioning (they are not really problems)

  • Https that does not get redirected
  • Need internet to work

Practicing in raspberry pi I was able to make a captive portal using the following rules. I do not know if they would work when editing the api of evil portal:


iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j DNAT --to 10.0.0.1
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1
iptables -P FORWARD DROP

The truth is that solving these two points is fundamental for me. Any suggestions or help?

The iptables rules in the api are:

iptables -t nat -A PREROUTING -s 172.16.42.0/24 -p tcp --dport 80 -j DNAT --to-destination 172.16.42.1:80
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j DROP

 

Share this post


Link to post
Share on other sites
oXis   

A couple of time ago I posted this script on Evil Portal's topic. The PineAP works with openwrt, so the iptable chains are a little bit different than the ones in Debian for example, so it's hard to use a Pi to prototype the rules.

Here is my script, https://pastebin.com/zZhzqf91 the init section shows the rules to redirect traffic. HTTPS is hard to redirect because of HSTS and Certificates, either you drop it or you expect clients to authorised the self signed certificate (doesn't work with HSTS).

Hope it helps.

Edited by oXis

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×