Thursday, April 17, 2014 Login · Register
    Login
Username

Password


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

 

    Users Online
  • · Members on IRC: 53   
  • · Total Members: 14,481
  • · Newest Member: amd3012
  •  

     

        Related Ads
     

     

     

        Top 10 Forum Posters
    UserPosts
    bluechill1411   
    madf0x1277   
    cruizrisner1057   
    Qwexotic1034   
    Null Set869   
    auditorsec603   
    Override602   
    godofcereal599   
    TurboBorland585   
    Teddy469   
     

        Affiliates




  • iExploit


  • iExploit


  • WeChall





  • Thisislegal.com

  •  

        Related Ads
     

    View Thread
         
    Security Override Security Wireless Security
    Captive portals
    Register FAQ Members List Today's Posts Search

    Print Thread
    01-02-2014 10:29 AM Captive portals
    Hello guys,

    First I wish everyone a wonderful hacky new year !!

    I'm actually starting to study on wifi captive portals and ways to bypass them.

    I read than captive portals can redirect users via :

    - HTTP
    - IP redirect
    - DNS

    I've found many explanation, and could test HTTP redirection with PfSense captive portals.

    The IP redirection and DNS redirections are less usual it seems.

    Do anyone know a captive portal than is performing DNS or IP redirections ? Any documentations are welcomed also
     
    Offline
    01-02-2014 02:06 PM RE: Captive portals
    I can't help you. But that topic is similat. Maybe you can filter some infomations there out: http://infinityexists.com/videos/om/videos/
    Join our IRC channal! irc.evilzone.org #Evilzone #SecurityOverride

    "The quieter you become the more you are able to hear."

    "With great power comes great responsibility"
     
    Offline
    01-03-2014 09:06 AM RE: Captive portals
    Teddy wrote:
    I can't help you. But that topic is similat. Maybe you can filter some infomations there out:
    http://infinityexists.com/videos/om/videos/


    Thank you I'll check that. I'm rather focused on how captive portals work.
     
    Offline
    01-03-2014 12:29 PM RE: Captive portals
    The bilble wikipedia (just joking) and other sources quotes that some captive portals are doing DNS poisonning in order to redirect non authorised users to a login web page. If someone knows any implementation of that, please let me know.
     
    Offline
    01-08-2014 07:35 PM RE: Captive portals
    If you have the access to a couple PC's or even maybe a couple VM's you can set up your own portal and test against it. You'll have to run a few google searches but there are a few different applications that will set up a capture portal, which really if you think about it, http server, DNS, DHCP maybe, pretty simple things to setup on a linux box. I believe some distros actually come with this pre-installed... you know, if your into that sort of thing Wink

    Not sure if that's what you had in mind but hope it gives you some ideas.
     
    Offline
    01-09-2014 05:29 AM RE: Captive portals
    SMB wrote:
    If you have the access to a couple PC's or even maybe a couple VM's you can set up your own portal and test against it. You'll have to run a few google searches but there are a few different applications that will set up a capture portal, which really if you think about it, http server, DNS, DHCP maybe, pretty simple things to setup on a linux box. I believe some distros actually come with this pre-installed... you know, if your into that sort of thing Wink

    Not sure if that's what you had in mind but hope it gives you some ideas.


    I've installed two CP (PfSense and Alcasar), in order to test, both are working. I've managed to test a DNS tunnel. Now I'm trying to test ICMP tunneling, but both portals are not allowing ICMP when the user is not logged in. I tried to allow ICMP through firewall rules, but it not working.
    Any ideas ?
     
    Offline
    01-13-2014 03:58 AM RE: Captive portals
    Ok think I found how to do this on PfSense. It's using IPFW, just a new rule to set.
     
    Offline
    Jump to Forum:
    Forum powered by fusionBoard