
Evil Portal issues - You are not authorized



Hi all,

I have burnt through so many hours of personal time and work time trying to sort this. I have followed various articles and YouTube videos, so I thought it might be worth posting here also.

Basically, I want to use the Pineapple on one of my pen tests. I want to clone the SSID of my customer, then broadcast the cloned SSID as a fake SSID with an Evil Portal hanging off the back of it.

I have managed to customise some of the Kleo portals to my liking. I customised images and CSS, nothing too complex, but the outcome is very effective.

My issue is this:

- Connect to the open AP that the Pineapple is broadcasting - works fine

- The Captive Portal page opens - works fine

- Enter credentials and press the submit button - works fine

- An alert on the Pineapple appears saying a user has successfully connected and the entered credentials are visible in the log file - works fine

- After pressing the submit button either from a mobile device or a desktop device, a screen appears with a plain text message saying "You are not authorized"

- On a mobile device, I press cancel, then a pop up appears with two options, one saying connect without internet and one saying connect to another network

- If I press connect without internet, the mobile device connects to the SSID being broadcast by the Pineapple, therefore the mobile device is connected to the SSID being broadcast by the Pineapple.

I cannot for the life of me work out why the Pineapple is insisting that, after entering something into the text fields and then pressing the submit button, a message should be displayed saying "You are not authorized".

I have had a look at the PHP files on the Pineapple in /www/captiveportal and I see various functions being called, one of them being something like onerror(), but why is the error happening in the first place, and therefore why is the onerror() function being called, which is what is displaying the "You are not authorized" plain text on the screen?

All I want is to grab the creds then dump the user out of the captive portal. I cannot use the Pineapple in a pen test when it's only half working like this.

Has anyone got a solution to this please?

I am using the Starbucks portal by the way.

Many thanks.


I haven't, no. I am not sure why this person has massively overcomplicated the scenario by adding in Evilginx either!

I am not sure what is being achieved by adding - <BODY onload="document.forms['member_signup'].submit()"> won't this just auto-submit the form and therefore not give the user a chance to enter details?


I am going to factory reset and go from there.

I will also try the suggestion from dark_pyrro.

I would really like to get this working. I know alternatives exist such as Airgeddon, but there is something really cool about whipping this device out ya bag on a pen test 🙂

Thanks for the replies.

Any other suggestions would be greatly appreciated.
