Captive / landing page of a secured Wifi

In our corporate, we have a Wifi that staff / guests have to register before they can
use it.  Subsequently after registration, each time staff/guest connects to it, they
have to click on "Lets Surf" in the landing/captive page.

I need to monitor this landing page for possible defacement/changes as it's been
known hackers ever hacked it such that the landing page is replaced with one that
will lead to an external Internet malicious site.

I thought of writing a script to dump out this landing page every hourly using
wget or curl but somehow wget or curl (Windows version) can never connect to
it to dump out this html page: I've tried specifying proxy & without proxy.

Purpose of dumping out this landing page is such that I could do a "comp" (ie
Unix equivalent of  "diff") against a baseline page to see if that page has changed.

What did I miss that  wget/curl could not dump out this page?  While I'm connected
to home Internet or my phone's 4G, the very same laptop could dump out, say
google.com

I ran wget from Windows command prompt while I ran curl from a "bash-like"
shell that runs on my Windows : both works on my home Internet but not
with the corporate's captive page.

When connecting each time to this 'secured' Wifi, it will lead to a URL that looks
like   http://www.wiresuss.com/login.php? . . .
sunhuxAsked:
Who is Participating?
 
Julian HansenCommented:
I would do the following

1. MD5 the file
2. Save the MD5
3. Create a cron script that runs every hour (or whenever)
4. When cron script runs it compares md5 of home page to live page.
5. If md5 signatures do not match then copy backup to live
6. MD5 + cron script + backup all live outside the web root so hackers can't mess with them.

Sample cron script (outside the root)

<?php
// ENSURE THIS IS OUTSIDE THE ROOT

define('BACKUP','backup.html');

// MD5 PROVIDED FOR DEMO PURPOSES
// CALC AS PART OF FILE UPLOAD PROCESS

define('SAVEDMD5','84d17aaa2400424cc279ed5d1332f8b2');

// File to monitor

$file = 'index.html';
$md5 = md5_file($file);

if ($md5 != SAVEDMD5) {
	copy(BACKUP, $file);
	echo "Log event here, send email etc";
}

Open in new window

1
 
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Sounds like you have a solution. If you still have a question, clarify what help you require.

That said, if any page anywhere is getting hacked, better to find the hole + close it.

If one page is hacked, likely other nefarious activities are occurring other places.
0
 
sunhuxAuthor Commented:
I have a non-working solution: in fact both the wget & curl could not save the landing page's into a file.
Below is the error I'm getting & I'm seeking help to fix this.  The very same wget command works on
my home broadband:

C:\wget>wget --wait=5 --recursive --level=2 https://www.wirewuss.com/index.php
--22:41:31--  https://www.wirewuss.com/index.php
           => `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.

FINISHED --22:41:31--
Downloaded:  bytes in 0 files  <== no file saved

C:\wget>wget --wait=5 --recursive --level=2 www.wirewuss.com/index.php
--22:41:57--  http://www.wirewuss.com/index.php
           => `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--22:42:02--  https://www.wirewuss.com/index.php
           => `www.wirewuss.com/index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.

FINISHED --22:42:03--
Downloaded:  bytes in 0 files  <== no file saved
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
sunhuxAuthor Commented:
The above 2 screens show outputs from doing wget against https & http of the landing page
0
 
Julian HansenCommented:
This worked for me

wget --no-check-certificate https://www.wirewuss.com/index.php

Open in new window


Refer: https://www.cyberciti.biz/faq/wget-example-download-from-https-web-sites/
1
 
sunhuxAuthor Commented:
Julian, the above   --no-check-certificate   did not work ie it did not save a copy of the landing page.
Below are the screens/outputs: is it because my landing page is in https/ssl ?

D:\wget>wget-1.10 --tries=1 --no-check-certificate https://www.wirewuss.com/index.php
--09:23:12--  https://www.wirewuss.com/index.php
           => `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
D:\wget>



D:\wget>wget-1.10 --tries=1 --no-check-certificate www.wirewuss.com/index.php 
--09:23:25--  http://www.wirewuss.com/index.php
           => `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--09:23:25--  https://www.wirewuss.com/index.php
           => `index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.



Using the full url (which was displayed when I tried to access any URLs eg: google.com when
first establishing connection to the captive Wifi), got the following output :

D:\wget>wget-1.10 --no-check-certificate www.wirewuss.com/index.php?class=User&m
ethod=LoadConnected&success=1
--09:24:53--  http://www.wirewuss.com/index.php?class=User
           => `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php?class=User [following]
--09:24:53--  https://www.wirewuss.com/index.php?class=User
           => `index.php@class=User'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.


D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/index.php?clas
s=User&method=LoadConnected&success=1
--09:25:03--  https://www.wirewuss.com/index.php?class=User
           => `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.


D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/
--09:25:12--  https://www.wirewuss.com/
           => `index.html.4'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
0
 
sunhuxAuthor Commented:
If I click "Lets Surf" on the Captive page so that my browser could start browsing
any Internet sites, doing wget on that wiresuss will not work too & doing wget
on say google.com will return the content of google.com page
0
 
Julian HansenCommented:
Julian, the above   --no-check-certificate   did not work ie it did not save a copy of the landing page.
It worked for me - refer attached.
index.php
1
 
sunhuxAuthor Commented:
Can share which version of wget you're running and the Windows OS that you're on?

My version is rather old
0
 
Julian HansenCommented:
Windoze 10
c:\> wget --help
GNU Wget 1.19.1, a non-interactive network retriever.

Open in new window

0
 
sunhuxAuthor Commented:
I've used wget V1.19.1 on Win10, still did not manage to connect/download from my Wirewuss.

Looks like my Wirewuss is different
0
 
sunhuxAuthor Commented:
It's only after I've clicked "Lets Surf" on the landing page, then google/other Internet web pages could be downloaded by wget
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.