GGG Posted March 11, 2023 Share Posted March 11, 2023 Hi! I am activating the open AP plus a nice google login page. But when I connect to it, I am not forced to visit that landing page. My android send this notification of course but who cares? I have internet even without visiting it and I am not forced to visit it. What's wrong here? Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 11, 2023 Share Posted March 11, 2023 Depends on how you define "have internet". Are you able to use the web on the device without authenticating? I guess you are using the Evil Portal module since you refer to the "nice google login page". Link to comment Share on other sites More sharing options...
GGG Posted March 11, 2023 Author Share Posted March 11, 2023 25 minutes ago, dark_pyrro said: Depends on how you define "have internet". Are you able to use the web on the device without authenticating? I guess you are using the Evil Portal module since you refer to the "nice google login page". Yes and yes! ) I have internet 100% and it just shows a notification in the android notification bar that I need to authenticate bla bla. But it's useless since it's not forcing me to go to this page. Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 11, 2023 Share Posted March 11, 2023 iptables should control that on the Pineapple and it shouldn't be possible to pass it. Is the /tmp/EVILPORTAL_CLIENTS.txt containing any IP addresses? Link to comment Share on other sites More sharing options...
GGG Posted March 11, 2023 Author Share Posted March 11, 2023 6 minutes ago, dark_pyrro said: iptables should control that on the Pineapple and it shouldn't be possible to pass it. Is the /tmp/EVILPORTAL_CLIENTS.txt containing any IP addresses? eh... I don't even have a tmp folder in my mark VII 😕 I must have missed something really basic here, right? 😄 Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 11, 2023 Share Posted March 11, 2023 It's more or less impossible to not have a /tmp directory, it's a part of OpenWrt Link to comment Share on other sites More sharing options...
GGG Posted March 11, 2023 Author Share Posted March 11, 2023 4 minutes ago, dark_pyrro said: It's more or less impossible to not have a /tmp directory, it's a part of OpenWrt Definately! I wasn't in the root folder sorry lol Well it only has one IP, the Permanent client's one (which again, I am not sure what does this mean!) Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 11, 2023 Share Posted March 11, 2023 It's most likely 172.16.42.42 which is the IP address that should be dedicated to the target connected to the Pineapple (at least using the USB-C Ethernet interface, if configured as static). What IP is the Android device getting from the Pineapple when connected to the open AP? Link to comment Share on other sites More sharing options...
GGG Posted March 11, 2023 Author Share Posted March 11, 2023 29 minutes ago, dark_pyrro said: It's most likely 172.16.42.42 which is the IP address that should be dedicated to the target connected to the Pineapple (at least using the USB-C Ethernet interface, if configured as static). What IP is the Android device getting from the Pineapple when connected to the open AP? 172.16.42.184 Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 11, 2023 Share Posted March 11, 2023 What's the output of: iptables -S -t nat Not the whole output, but what lines are there that has anything that relates to the 172.16.42.0/24 range? I.e. iptables -S -t nat | grep 172.16.42 A screenshot of the EvilPortal (when it's active/running) would be nice to have for troubleshooting purposes. Link to comment Share on other sites More sharing options...
GGG Posted March 11, 2023 Author Share Posted March 11, 2023 -A PREROUTING -s 172.16.42.42/32 -A PREROUTING -i br-lan -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.16.42.1:80 -A PREROUTING -i br-lan -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.42.1:80 -A PREROUTING -i br-lan -p tcp -m tcp --dport 53 -j DNAT --to-destination 172.16.42.1:5353 -A PREROUTING -i br-lan -p udp -m udp --dport 53 -j DNAT --to-destination 172.16.42.1:5353 Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 11, 2023 Share Posted March 11, 2023 Can't see what your issue might be atm. I've never had any issues with Evil Portal (well, some when 2.x fw was released but that was fixed and was possible to solve temporarily). It shouldn't be possible to pass iptables rules (or the lack of them for the specific target). Link to comment Share on other sites More sharing options...
GGG Posted March 11, 2023 Author Share Posted March 11, 2023 9 minutes ago, dark_pyrro said: Can't see what your issue might be atm. I've never had any issues with Evil Portal (well, some when 2.x fw was released but that was fixed and was possible to solve temporarily). It shouldn't be possible to pass iptables rules (or the lack of them for the specific target). What if I tell you that I had internet in my android because I forgot my 5g on as well??? 😕 I know... shoot me now. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.