SDFUK Posted October 4, 2018 Share Posted October 4, 2018 Hi, I've been experimenting with the Evil Portal module. It's really nice to use and works well when easily loading new templates etc in. I'd like to improve the hit rate at which new clients are being redirected to the captive portal. I've used the DNSSpoof module to redirect all to the portal, but I suspect this is hit and miss due to many clients caching DNS. I am finding that many clients will connect straight through without ever seeing the Evil Portal. Is there a good way to increase the chance of the portal popping up - e.g does anyone have a list of the various domains such as captive.apple.com? Or should I be looking at IPTables rules to block the traffic similar to WiFiPhisher? Thanks Link to comment Share on other sites More sharing options...
Redenbacher Posted October 8, 2018 Share Posted October 8, 2018 @SDFUK I was playing around with Evil Portal today and I got every client to direct to my Portal page. If the portal doesn't come up every time, make sure there isnt another module interfering with the Evil Portal module & reboot the Pineapple. On a different note; if there are any experienced Evil Portal users. I could use some help on my other thread: "My objective is to phish the usernames and passwords by sending them to a txt file or log entry." Link to comment Share on other sites More sharing options...
newbi3 Posted October 8, 2018 Share Posted October 8, 2018 On 10/4/2018 at 8:22 AM, SDFUK said: Is there a good way to increase the chance of the portal popping up - e.g does anyone have a list of the various domains such as captive.apple.com? Or should I be looking at IPTables rules to block the traffic similar to WiFiPhisher? If you spoof all dns to your pineapple you'll get basically everyone but obviously this isn't a good solution because you'll want clients to use the internet as normal after they go through the portal. In the long term I want to write a program that spoofs DNS conditionally but thats down the road. Right now your best bet is to improve the iptables for Evil Portal. If you end up writing better iptables please make a PR to the project https://github.com/frozenjava/EvilPortalNano Link to comment Share on other sites More sharing options...
Forkish Posted October 24, 2018 Share Posted October 24, 2018 Couldn’t you set some of that (conditional stuff) up in the iptables? Link to comment Share on other sites More sharing options...
HJADR Posted October 25, 2018 Share Posted October 25, 2018 I am pretty new to this stuff and have just started messing around in it. I came across the same https problems and searching for an answer came across this here. I am just wondering if it wouldn't be possible to generate a certificate and strip the ssl just like the SSLsplit does? ( https://forums.hak5.org/topic/37107-official-sslsplit/ ) Thus changing the traffic to http and beeing able to redirect it to the captive portal. Link to comment Share on other sites More sharing options...
eprom Posted January 11, 2019 Share Posted January 11, 2019 +1 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.