Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!
Captive / landing page of a secured Wifi
In our corporate, we have a Wifi that staff / guests have to register before they can
use it. Subsequently after registration, each time staff/guest connects to it, they
have to click on "Lets Surf" in the landing/captive page.
I need to monitor this landing page for possible defacement/changes as it's been
known hackers ever hacked it such that the landing page is replaced with one that
will lead to an external Internet malicious site.
I thought of writing a script to dump out this landing page every hourly using
wget or curl but somehow wget or curl (Windows version) can never connect to
it to dump out this html page: I've tried specifying proxy & without proxy.
Purpose of dumping out this landing page is such that I could do a "comp" (ie
Unix equivalent of "diff") against a baseline page to see if that page has changed.
What did I miss that wget/curl could not dump out this page? While I'm connected
to home Internet or my phone's 4G, the very same laptop could dump out, say
google.com
I ran wget from Windows command prompt while I ran curl from a "bash-like"
shell that runs on my Windows : both works on my home Internet but not
with the corporate's captive page.
When connecting each time to this 'secured' Wifi, it will lead to a URL that looks
like http://www.wiresuss.com/login.php? . . .
use it. Subsequently after registration, each time staff/guest connects to it, they
have to click on "Lets Surf" in the landing/captive page.
I need to monitor this landing page for possible defacement/changes as it's been
known hackers ever hacked it such that the landing page is replaced with one that
will lead to an external Internet malicious site.
I thought of writing a script to dump out this landing page every hourly using
wget or curl but somehow wget or curl (Windows version) can never connect to
it to dump out this html page: I've tried specifying proxy & without proxy.
Purpose of dumping out this landing page is such that I could do a "comp" (ie
Unix equivalent of "diff") against a baseline page to see if that page has changed.
What did I miss that wget/curl could not dump out this page? While I'm connected
to home Internet or my phone's 4G, the very same laptop could dump out, say
google.com
I ran wget from Windows command prompt while I ran curl from a "bash-like"
shell that runs on my Windows : both works on my home Internet but not
with the corporate's captive page.
When connecting each time to this 'secured' Wifi, it will lead to a URL that looks
like http://www.wiresuss.com/login.php? . . .
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
I would do the following
1. MD5 the file
2. Save the MD5
3. Create a cron script that runs every hour (or whenever)
4. When cron script runs it compares md5 of home page to live page.
5. If md5 signatures do not match then copy backup to live
6. MD5 + cron script + backup all live outside the web root so hackers can't mess with them.
Sample cron script (outside the root)
1. MD5 the file
2. Save the MD5
3. Create a cron script that runs every hour (or whenever)
4. When cron script runs it compares md5 of home page to live page.
5. If md5 signatures do not match then copy backup to live
6. MD5 + cron script + backup all live outside the web root so hackers can't mess with them.
Sample cron script (outside the root)
<?php
// ENSURE THIS IS OUTSIDE THE ROOT
define('BACKUP','backup.html');
// MD5 PROVIDED FOR DEMO PURPOSES
// CALC AS PART OF FILE UPLOAD PROCESS
define('SAVEDMD5','84d17aaa2400424cc279ed5d1332f8b2');
// File to monitor
$file = 'index.html';
$md5 = md5_file($file);
if ($md5 != SAVEDMD5) {
copy(BACKUP, $file);
echo "Log event here, send email etc";
}
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
I have a non-working solution: in fact both the wget & curl could not save the landing page's into a file.
Below is the error I'm getting & I'm seeking help to fix this. The very same wget command works on
my home broadband:
C:\wget>wget --wait=5 --recursive --level=2 https://www.wirewuss.com/index.php
--22:41:31-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:41:31--
Downloaded: bytes in 0 files <== no file saved
C:\wget>wget --wait=5 --recursive --level=2 www.wirewuss.com/index.php
--22:41:57-- http://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--22:42:02-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:42:03--
Downloaded: bytes in 0 files <== no file saved
Below is the error I'm getting & I'm seeking help to fix this. The very same wget command works on
my home broadband:
C:\wget>wget --wait=5 --recursive --level=2 https://www.wirewuss.com/index.php
--22:41:31-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:41:31--
Downloaded: bytes in 0 files <== no file saved
C:\wget>wget --wait=5 --recursive --level=2 www.wirewuss.com/index.php
--22:41:57-- http://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--22:42:02-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:42:03--
Downloaded: bytes in 0 files <== no file saved
This worked for me
Refer: https://www.cyberciti.biz/faq/wget-example-download-from-https-web-sites/
wget --no-check-certificate https://www.wirewuss.com/index.php
Refer: https://www.cyberciti.biz/faq/wget-example-download-from-https-web-sites/
Julian, the above --no-check-certificate did not work ie it did not save a copy of the landing page.
Below are the screens/outputs: is it because my landing page is in https/ssl ?
D:\wget>wget-1.10 --tries=1 --no-check-certificate https://www.wirewuss.com/index.php
--09:23:12-- https://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
D:\wget>
D:\wget>wget-1.10 --tries=1 --no-check-certificate www.wirewuss.com/index.php
--09:23:25-- http://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--09:23:25-- https://www.wirewuss.com/index.php
=> `index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
Using the full url (which was displayed when I tried to access any URLs eg: google.com when
first establishing connection to the captive Wifi), got the following output :
D:\wget>wget-1.10 --no-check-certificate www.wirewuss.com/index.php?class=User&m
ethod=LoadConnected&succes
--09:24:53-- http://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php?class=User [following]
--09:24:53-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/index.php?clas
s=User&method=LoadConnecte
--09:25:03-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/
--09:25:12-- https://www.wirewuss.com/
=> `index.html.4'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
Below are the screens/outputs: is it because my landing page is in https/ssl ?
D:\wget>wget-1.10 --tries=1 --no-check-certificate https://www.wirewuss.com/index.php
--09:23:12-- https://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
D:\wget>
D:\wget>wget-1.10 --tries=1 --no-check-certificate www.wirewuss.com/index.php
--09:23:25-- http://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--09:23:25-- https://www.wirewuss.com/index.php
=> `index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
Using the full url (which was displayed when I tried to access any URLs eg: google.com when
first establishing connection to the captive Wifi), got the following output :
D:\wget>wget-1.10 --no-check-certificate www.wirewuss.com/index.php?class=User&m
ethod=LoadConnected&succes
--09:24:53-- http://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php?class=User [following]
--09:24:53-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/index.php?clas
s=User&method=LoadConnecte
--09:25:03-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/
--09:25:12-- https://www.wirewuss.com/
=> `index.html.4'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
If I click "Lets Surf" on the Captive page so that my browser could start browsing
any Internet sites, doing wget on that wiresuss will not work too & doing wget
on say google.com will return the content of google.com page
any Internet sites, doing wget on that wiresuss will not work too & doing wget
on say google.com will return the content of google.com page
Can share which version of wget you're running and the Windows OS that you're on?
My version is rather old
My version is rather old
I've used wget V1.19.1 on Win10, still did not manage to connect/download from my Wirewuss.
Looks like my Wirewuss is different
Looks like my Wirewuss is different
It's only after I've clicked "Lets Surf" on the landing page, then google/other Internet web pages could be downloaded by wget
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
That said, if any page anywhere is getting hacked, better to find the hole + close it.
If one page is hacked, likely other nefarious activities are occurring other places.