BinaryC0de Posted April 30, 2020 Share Posted April 30, 2020 Attempting a different type of attack... Android Target -->ARP Poison-->MITM-->Captive Portal (with Android Captive Portal detection... Not counting that target has to surf to http site) I can get captive portal all day long with initial WiFi connection. However, if either I revoke target access in something like Evil Portal module... Or... More like I'm trying to do with ARP poisoning target with an already established wlan connection... The captive portal detection in android doesn't seem to pick back up. It seems that after established on the lan the device does connectivity checks via SSL and not HTTP (https://connectivitycheck.gstatic.com/generate_204 instead of http://connectivitycheck.gstatic.com/generate_204). I just need to verify with someone else that is the case and this is not going to be a feasible thing to pursue. Quote Link to comment Share on other sites More sharing options...
BinaryC0de Posted April 30, 2020 Author Share Posted April 30, 2020 I would think that a legit use case for something like this would be expired access and the need for reathenication. Such as hotel captive portal after 24 hours. Certainly surfing to http would redirect but not user friendly. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.