Jump to content
SDFUK

Improving Evil Portal

Recommended Posts

Hi,

I've been experimenting with the Evil Portal module. It's really nice to use and works well when easily loading new templates etc in. 

I'd like to improve the hit rate at which new clients are being redirected to the captive portal. I've used the DNSSpoof module to redirect all to the portal, but I suspect this is hit and miss due to many clients caching DNS. I am finding that many clients will connect straight through without ever seeing the Evil Portal.

Is there a good way to increase the chance of the portal popping up - e.g does anyone have a list of the various domains such as captive.apple.com? Or should I be looking at IPTables rules to block the traffic similar to WiFiPhisher?

Thanks

Share this post


Link to post
Share on other sites

@SDFUK I was playing around with Evil Portal today and I got every client to direct to my Portal page.

If the portal doesn't come up every time, make sure there isnt another module interfering with the Evil Portal module & reboot the Pineapple.

 

On a different note; if there are any experienced Evil Portal users. I could use some help on my other thread:

"My objective is to phish the usernames and passwords by sending them to a txt file or log entry."

 

 

Share this post


Link to post
Share on other sites
On 10/4/2018 at 8:22 AM, SDFUK said:

Is there a good way to increase the chance of the portal popping up - e.g does anyone have a list of the various domains such as captive.apple.com? Or should I be looking at IPTables rules to block the traffic similar to WiFiPhisher?

If you spoof all dns to your pineapple you'll get basically everyone but obviously this isn't a good solution because you'll want clients to use the internet as normal after they go through the portal. In the long term I want to write a program that spoofs DNS conditionally but thats down the road. Right now your best bet is to improve the iptables for Evil Portal. If you end up writing better iptables please make a PR to the project https://github.com/frozenjava/EvilPortalNano

  • Like 1

Share this post


Link to post
Share on other sites

Couldn’t you set some of that (conditional stuff) up in the iptables?

Share this post


Link to post
Share on other sites

I am pretty new to this stuff and have just started messing around in it. I came across the same https problems and searching for an answer came across this here.
I am just wondering if it wouldn't be possible to generate a certificate and strip the ssl just like the SSLsplit does? ( https://forums.hak5.org/topic/37107-official-sslsplit/ ) Thus changing the traffic to http and beeing able to redirect it to the captive portal.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...