Jump to content

[Evil Portal] - IOS internet check issue


Skeleton022

Recommended Posts

Hi there!

 

I'm trying to make an evilportal on the wifi pineapple (OS version: 2.1.2, Evil portal version: 1.5.3, other modules installed, don't know if it helps: hcxdumptool[1.0], httpseek[1.2.1])

I've made a template using the "New Portal" button, then modified it to my needs. The problem is that when I try it out with my iphone 13 it fails to reach "http://captive.apple.com/hotspot-detect.html" instead it tries to find the hotspot-detect.html on the webserver.
There are a lot of these errors in the log file:

2024/01/20 15:35:51 [error] 25944#0: *9 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"
2024/01/20 15:36:02 [error] 25944#0: *17 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"

The process (on the Iphone):

1. I join the open wifi network hosted by pineapple with my phone.
2. The captive portal pops up with the desired visual.
3. I fill out the required fields in the form, then click on the submit button.
4. Since it should be a friendly demonstation the destionation url is set to the rickroll Youtube url. (In my head it should redirect to yt and start playing the song, then the user could click on the "Done" button in the top right corner to dismiss the captive portal screen.

*Meanwhile the phone's ip makes its way to the "Allowed Clients" list. (So there is in fact internet access on the phone...)*

5. BUT this is where shit hits the fan. There is no "Done" button, only "Cancel", since the phone thinks that the network has no internet on it (since it can't reach the hotspot-detect url described above).

Note: If I put a hotspot-detect.html on the pineapple, the captive portal will not pop up, since ios finds it and thinks that everything is fine, no need to pop the portal...

I'm almost sure that this behaviour will be there if I test it with an android phone, since it too will have an url to check for internet. (I'll test it later, then edit the post accordingly!)

 

Thanks for the help in advance!
Have a nice day, and happy hacking!

Link to comment
Share on other sites

  • 2 months later...
On 1/20/2024 at 6:55 AM, Skeleton022 said:

Hi there!

 

I'm trying to make an evilportal on the wifi pineapple (OS version: 2.1.2, Evil portal version: 1.5.3, other modules installed, don't know if it helps: hcxdumptool[1.0], httpseek[1.2.1])

I've made a template using the "New Portal" button, then modified it to my needs. The problem is that when I try it out with my iphone 13 it fails to reach "http://captive.apple.com/hotspot-detect.html" instead it tries to find the hotspot-detect.html on the webserver.
There are a lot of these errors in the log file:

2024/01/20 15:35:51 [error] 25944#0: *9 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"
2024/01/20 15:36:02 [error] 25944#0: *17 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"

The process (on the Iphone):

1. I join the open wifi network hosted by pineapple with my phone.
2. The captive portal pops up with the desired visual.
3. I fill out the required fields in the form, then click on the submit button.
4. Since it should be a friendly demonstation the destionation url is set to the rickroll Youtube url. (In my head it should redirect to yt and start playing the song, then the user could click on the "Done" button in the top right corner to dismiss the captive portal screen.

*Meanwhile the phone's ip makes its way to the "Allowed Clients" list. (So there is in fact internet access on the phone...)*

5. BUT this is where shit hits the fan. There is no "Done" button, only "Cancel", since the phone thinks that the network has no internet on it (since it can't reach the hotspot-detect url described above).

Note: If I put a hotspot-detect.html on the pineapple, the captive portal will not pop up, since ios finds it and thinks that everything is fine, no need to pop the portal...

I'm almost sure that this behaviour will be there if I test it with an android phone, since it too will have an url to check for internet. (I'll test it later, then edit the post accordingly!)

 

Thanks for the help in advance!
Have a nice day, and happy hacking!

I have the same problem with IOS, and unfortunately I can't find a fix.

I set the portal up to just reload the signup page on submit, so I could try submitting multiple times to see what happens.  

On the first attempt, nothing happens. The login page just reloads. The second attempt, the authorization goes though, and I get the credentials logged. If I hit the submit button a THIRD time, Apple will see the internet, access the captive.apple.com/hotspot-detect.html page and it will display "Success" and then the cancel button turns to a Done. 

Not sure what causes it since the internet works the whole time. Maybe the iptables rule is taking time.

Also, for android everything works fine. At least with the phone I have. It's a Galaxy S 9 that's trapped on Android 10. First attempt it captures credentials and closes the portal and grants internet access. So it definitely seems to be an iOS issue.  

Edited by jermzz
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...