[akademikane]

Hi teacher,

Is there any way we can give them internet access so when fake captive portal gets displayed after they enter the password they also get a pop up saying update your network, click here to update so we give them a backdoor ?

[Diego Pérez]

Hi!
Fluxion is the closest tool to do the Captive Portal attack and at the end give internet connection to the user:
https://github.com/FluxionNetwork/fluxion/wiki/Captive-Portal-Attack

And yes, you can also give them a backdoor with the network update, in this case you’ll need to have some web development skills in order to modify the html page and serve a backdoor to the client.

Greetings!
Diego

[akademikane]

So as I know fluxion is a program which checks if the entered password on the web is correct then they give access to the itnernet, is that right ?

[Diego Pérez]

Hi!
According to the documentation (in the link I sahred above) they said that after checking the password the victim will be to connect to the real AP.

Greetings!
Diego

[akademikane]

Dieo I understand it, but what If we want when they click in the fake ap we give them a page so they enter the password and after it we gvie them a page you have to update this network and they click and get the backdoor ?

[Diego Pérez]

Hi!
It can be done but not with fluxion, because you’ll need to modify it’s code, i haven’t tried it but it might be possible. So the easiest way would be to do it manually, as the fake captive portal attack, but you’ll need to do some modifications to the fake login page as well to serve the fake update, for this you’ll need some web development skills.

Greetings!
Diego

[akademikane]

I can modify but, which one do you recommend me because as you know to install something needs internet connection, so with fake captive protal no internet is there, any idea Diego ?

[Diego Pérez]

Hi!
In such case you need to give them an already backdoored executable, something that pop-up as normal a normal update. I know that for a cpative portal this is not normal but you should make it look like it is, so creating a custom installer would be the option here. To make it more real it will have to display the companies logo and stuff like that. The executable doesn’t have to do anything at all, I mean to the the system, it will be just a dummy executable that display brands logo, some info and a loading bar but in the background it will run the malware.

Greetings!
Diego

[akademikane]

Yes but we know that there is no internet connection when the captive protal is loaded.

[Diego Pérez]

Hi!
That doesn’t matter, the file will be stored in your local machine, so there’s no need for internet connection.

Greetings!
Diego

[akademikane]

Yes but when we give them a backdoor and they can’t even download it because there is no internet connection in captive portal.

[Diego Pérez]

Hi!

As mentioned, the file is stored in your machine, and by file I mean the backdoor, so again, there’s no need for internet connection. Do you get what I mean?

Let me know.
Diego

[akademikane]

I am so sorry but I did not.
We can’t even download anything if we don’t have internet conenction.

[Diego Pérez]

Hi!
As the file is gonna be stored in the kali machine, attacker machine, and apache server is running, then there’s no need for internet connection, any device connected to the fake captive portal will be able to connect to kali’s apache server an it can download a file stored in the local server, you don’t need internet to download a file from the local host. Do you understand the situation I’m raising?

Greetings!
Diego

[Author]

Posts