Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 28

Thread: captive portal fishing

  1. #11
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    7

    Default Re: captive portal fishing

    I setup the files in www stated the permissions with chmod and yet when i connect to the fake ap I get a connection timeout occurred. Furthermore, the phishing page doesn't appear. However, the httpd server is up and when I type 127.0.0.1 the phishing webpage appears.

  2. #12
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: captive portal fishing

    @stick397 Can you connect to the fake AP ?
    Do you get an IP adress ?
    Are you getting any error messages ?
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  3. #13
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    7

    Default Re: captive portal fishing

    The fake ap is created but I get an error message as soon as I connect stating no Internet connection I assume my dhcp i messed up

  4. #14
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: captive portal fishing

    Do you get any error messages from the dhcp server then ?
    The dhcp server should say something if you try to connect.
    And your victim pc doesn't have a static IP adress configured for another network because then you wouldn't be able to connect either
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  5. #15
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    7

    Default Re: captive portal fishing

    http://img708.imageshack.us/img708/1...20104at135.png

    When I join the lhyx hospot I get this error a connection time out occurred

  6. #16
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: captive portal fishing

    Hi LHYX1,

    Nice idea.

    The attack seemed to run perfectly for me, but the credentials weren't logged. Can you confirm the supplied html and php worked for you?

    I am very "html-challenged", but eventually got it working by simplifying the process-form (with matching variables in index.html) to:

    PHP Code:
    <?php 
    $name 
    $_POST['login'];
    $password $_POST ['password']; 
    $fp fopen("formdata.txt""a"); 
    fwrite($fp$name" ; "$password"\n"); 
    fclose($fp); 
    echo 
    "<center><h1>Thank you</h1></center>"
    ?>
    Regards
    Vulpi

  7. #17
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: captive portal fishing

    @stick397 Everything looks good so maybe it's your wireless card ?

    @VulpiArgenti
    I thought the credential fishing page worked perfectly when I uploaded it.
    Anyway glad you got it to work
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  8. #18
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    7

    Default Re: captive portal fishing

    ok i got it working with the web server on SAMSUNG NP-R519 R519 WIFI WIRELESS MINI CARD but not on rtl8781l chipset or as it is known awus036h wifi card. Other issue i had was that the entered username and password it did not appear in the formdata.txt although it responded back upon entering details. How do I solve the wi-fi card issue and the receiving of phished data ?

  9. #19
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: captive portal fishing

    Hi stick397,

    You seem to have two issues which should be addressed separately. Regarding the credential fishing, before attempting the complete attack, check that the web pages work on your own machine i.e. 127.0.0.1 in your browser address bar. If nothing is written to the txt file, and the permissions are correct, then try the php I posted above (which definitely works). Just to confuse you, I also changed the variable names, so you will have to change the index.html to match. The relevant snippet:
    HTML Code:
    <table width="370"> 
      <tr> 
        <td scope="col"><label for="login">Name (if applicable):</label></td> 
        <th scope="col"><input type="text" name="login" /></th> 
      </tr> 
        <tr> 
        <td><label for="password">Network Password: </label></td> 
        <td><input type="password" name="password" /></td>
    Regarding the Alfa, I have the same card and it works fine. On your screen shot above I don't see a DHCP lease, therefore I would guess the fault is somewhere in the DHCP request/offer process.

    Good luck!

  10. #20
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: captive portal fishing

    It's very strange that it doensn't work with your awus036h because I'm using the same wireless card

    And I found a fault in my index.html, you should set a name option for the login and password input tags.
    I made a few adjustments before uploading, I should have checked.
    I will update the script

    <input type="text" id="login" name="login" />
    <input type="password" id="password" name="password" />
    Last edited by LHYX1; 01-06-2012 at 01:57 PM.
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Fake AP and captive Portal
    By CeEe4 in forum OLD Wireless
    Replies: 7
    Last Post: 02-26-2010, 11:49 PM
  2. Rogue AP and Captive Portal
    By CeEe4 in forum OLD Newbie Area
    Replies: 0
    Last Post: 02-03-2010, 04:05 PM
  3. Setup Captive Portal
    By thedon in forum OLD Newbie Area
    Replies: 2
    Last Post: 01-29-2010, 10:32 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •