Jump to content

Evil Twin portal launches when I connect to the management SSID


brauckzilla

Recommended Posts

I'm brand new to the Pineapple, so forgive my ignorance here.

I setup Evil Twin yesterday for a work project.  I need a captive portal to test some VPN software.

Anyway, that is all working good after some initial glitches.

What I notice now is that when I connect to the management network SSID on my Mac, I get Firefox pop-up stating I need to connect to the network first. When I click the button, it takes me to the Evil Twin portal which is on a different SSID.

Not sure what logs or where the logs are to gather to isolate the issue.

Any suggestions would be great.

Thanks!

Link to comment
Share on other sites

When using the Evil Portal module (which I guess is what you are referring to), any networking interface (in OpenWrt terms) that passes through the br-lan device will be captured by the portal and that includes the management AP as well, not just the open AP.

The module changes the iptables configuration on the br-lan device. Check lines 146-149 in the module.py file of the Evil Portal module.

So, any traffic on any interface that goes through the "br-lan" device is used for Evil Portal.

Check
/etc/config/network
and
/etc/config/wireless
to identify those interfaces. Should be wlan0 (open AP) and wlan0-1 (management AP) and any other WiFi interface on the radio0 device such as Enterprise and EvilWPA that uses "lan" as network since "lan" uses "br-lan" as device.

You could perhaps change the lines mentioned above and specify wlan0 (the open AP) instead of br-lan if you want to just get Evil Portal "activated" when someone is connected to the open AP. I haven't tried that though, so I don't know if it will work as expected.

Link to comment
Share on other sites

3 hours ago, dark_pyrro said:

When using the Evil Portal module (which I guess is what you are referring to), any networking interface (in OpenWrt terms) that passes through the br-lan device will be captured by the portal and that includes the management AP as well, not just the open AP.

The module changes the iptables configuration on the br-lan device. Check lines 146-149 in the module.py file of the Evil Portal module.

So, any traffic on any interface that goes through the "br-lan" device is used for Evil Portal.

Check
/etc/config/network
and
/etc/config/wireless
to identify those interfaces. Should be wlan0 (open AP) and wlan0-1 (management AP) and any other WiFi interface on the radio0 device such as Enterprise and EvilWPA that uses "lan" as network since "lan" uses "br-lan" as device.

You could perhaps change the lines mentioned above and specify wlan0 (the open AP) instead of br-lan if you want to just get Evil Portal "activated" when someone is connected to the open AP. I haven't tried that though, so I don't know if it will work as expected.

Thanks for the reply.  I'll take a look at it and see what I can do.

So, based on your description of the code, this is WAD (Working as Designed).

Cheers

 

Craig

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...