Wi-Fi Hacking using Evil Twin Attacks and Captive Portals! — Part 4

Madura Rajapakshe
4 min readFeb 7, 2021

--

In this section, I’m going to teach you how to enable a captive board to log in page on your access point. So, first, off I will open the “nano dnsmasq.conf” file using nano and the name of the file.

And here on the last line, I have added the IP address for the login page. Basically, these were directing any request from the web browser to this IP address when clients connect to the access point. So, I’ll close these and open the “nano hostapd.conf” file using nano. And here I will only change the wireless network name to free Wi-Fi and save the file.

Now I will start DNS mask using “dnsmasq -C [location]” and in my case its “dnsmasq -C /root/dnsmasq.conf” and then start host APD by typing “hostapd /root/hostapd.conf” and I will also “-B” to run the command in the background.

This is useful if you don’t want to open a new terminal. And now I need to add the IP address for the wlan0 interface by typing “ifconfig wlan0 192.168.1.1/24” and press enter.

Now the next thing is to set up the log-in page for the access point and in my case, I have saved the files in the home directory. So, to find the fires I will click on the file manager and here I have a folder called Basic portal so I will open the folder, and here are the files for the log-in page.

Now let’s see how the page looks like by clicking the index.html.

And you can see a basic HTML login page that will be used to appear when clients try to connect to the access point. And the next step is to copy the files to the webserver directory by going to other location /var/www/html and paste the file.

The last thing you need to do is to modify the configuration file for the patch web server and add a rewrite rule. So, I already saved the rules in a file here in the home directory.

you can see the patch you rewrite file which will open using nano “nano Apache-Rewrite”.

Now here are not going to cover too deep about these rules. Basically, these rules will make the redirection for a captive portal to work properly so you need to copy this (whole content) and in the terminal type “nano /etc/apache2/sites-enabled/000-default.conf”.

And below virtual host paste the code. And don’t forget to save the file. Once done with that start the webserver using “service Apache2 start” and let’s move to the Windows machine and take the free Wi-Fi network. So, I will click connect and you can see I have been automatically redirected to the login page.

--

--

No responses yet