TL;DR
This guide shows you how to set up a captive portal – a webpage users see before getting internet access, often used in public Wi-Fi. Warning: Using this for malicious purposes is illegal and unethical. This information is for educational security testing only.
Setting Up Your Captive Portal
Choose a Framework/Tool: Several options exist, each with different features and complexity.
CoovaChilli: A popular open-source option. Requires more technical knowledge.
nodogsplash: Another open-source choice, simpler than CoovaChilli.
WiFiDog: Commercial solution with a free version for limited use.
For this guide, we’ll focus on nodogsplash due to its relative simplicity.
Install nodogsplash: On Debian/Ubuntu-based systems:
sudo apt update
sudo apt install nodogsplash
Configure the Interface: Edit /etc/nodogsplash.conf to specify the network interface your access point uses (e.g., wlan0).
interface=wlan0
Customize the Portal Page: nodogsplash uses HTML templates in /usr/share/nodogsplash/htdocs/.
Edit index.html to change the login form, branding, and terms of service.
You can add your own CSS for styling.
Authentication Method: Decide how users will authenticate.
MAC Address Authentication: Simplest method; allows access based on device MAC address. Edit /etc/nodogsplash.conf and set auth_type=macauth.
Web Form Authentication: Requires users to enter credentials (email, password). More complex setup involving a database or external authentication server. Edit /etc/nodogsplash.conf and set auth_type=webform.
DHCP Server Configuration: Ensure your DHCP server provides the captive portal’s IP address as the default gateway.
If using hostapd, configure it to forward DHCP requests to dnsmasq or another DHCP server.
The DHCP server should also provide a DNS server (e.g., 8.8.8.8).
Start nodogsplash:
sudo systemctl start nodogsplash
Enable on Boot:
sudo systemctl enable nodogsplash
Firewall Rules (Important): Configure your firewall to redirect HTTP traffic (port 80) and HTTPS traffic (port 443) to the captive portal.
Using iptables:
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-ports 8080
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j REDIRECT --to-ports 8080
Testing: Connect to the Wi-Fi network. You should be redirected to your customized captive portal page.
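To confirm the firewall step before testing from a client, the following added example (not part of the original guide) parses a NAT ruleset dump and reports a redirect that is missing or points at the wrong port. The interface wlan0 and port 8080 are the guide's values; the sample ruleset and the function names are constructed for illustration.

```bash
#!/bin/sh
# Added example, not from the original guide. wlan0 and 8080 come from the
# guide; SAMPLE_RULES is constructed test data in the format printed by
# `iptables-save -t nat`.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i wlan0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
COMMIT'

# redirect_target IFACE DPORT: rules on stdin. Prints the --to-ports value of
# the first matching PREROUTING REDIRECT rule; returns 1 when there is none.
redirect_target() {
  awk -v ifc="$1" -v dport="$2" '
    $1 == "-A" && $2 == "PREROUTING" {
      i = ""; d = ""; j = ""; t = ""
      for (n = 3; n < NF; n++) {
        if ($n == "-i") i = $(n + 1)
        else if ($n == "--dport") d = $(n + 1)
        else if ($n == "-j") j = $(n + 1)
        else if ($n == "--to-ports") t = $(n + 1)
      }
      if (i == ifc && d == dport && j == "REDIRECT") { print t; found = 1; exit }
    }
    END { exit !found }'
}

# audit_portal_redirects IFACE PORTAL_PORT: rules on stdin. Prints one line
# per problem and returns 0 only when both redirects point at PORTAL_PORT.
audit_portal_redirects() {
  rules="$(cat)"; findings=0
  for port in 80 443; do
    if got="$(printf '%s\n' "$rules" | redirect_target "$1" "$port")"; then
      if [ "$got" != "$2" ]; then
        echo "WARN: tcp/$port on $1 redirects to port $got, expected $2"
        findings=$((findings + 1))
      fi
    else
      echo "MISSING: no REDIRECT for tcp/$port on $1"
      findings=$((findings + 1))
    fi
  done
  [ "$findings" -eq 0 ]
}

# Demo on the constructed sample: the 443 rule is bound to eth0, so it is reported.
# On a live system: sudo iptables-save -t nat | audit_portal_redirects wlan0 8080
printf '%s\n' "$SAMPLE_RULES" | audit_portal_redirects wlan0 8080 || true
```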
Security Considerations
HTTPS: Always use HTTPS for secure communication, especially if collecting user credentials. Configure nodogsplash with a valid SSL certificate.
Input Validation: If using web form authentication, thoroughly validate all user inputs to prevent injection attacks.
Data Storage: Securely store any collected data (e.g., MAC addresses, usernames, passwords).
Regular Updates: Keep nodogsplash and your operating system updated with the latest security patches.
The post Captive Portal Setup appeared first on Blog | G5 Cyber Security.