Link to home
Create AccountLog in
Avatar of sunhux
sunhux

asked on

Captive / landing page of a secured Wifi

In our corporate, we have a Wifi that staff / guests have to register before they can
use it.  Subsequently after registration, each time staff/guest connects to it, they
have to click on "Lets Surf" in the landing/captive page.

I need to monitor this landing page for possible defacement/changes as it's been
known hackers ever hacked it such that the landing page is replaced with one that
will lead to an external Internet malicious site.

I thought of writing a script to dump out this landing page every hourly using
wget or curl but somehow wget or curl (Windows version) can never connect to
it to dump out this html page: I've tried specifying proxy & without proxy.

Purpose of dumping out this landing page is such that I could do a "comp" (ie
Unix equivalent of  "diff") against a baseline page to see if that page has changed.

What did I miss that  wget/curl could not dump out this page?  While I'm connected
to home Internet or my phone's 4G, the very same laptop could dump out, say
google.com

I ran wget from Windows command prompt while I ran curl from a "bash-like"
shell that runs on my Windows : both works on my home Internet but not
with the corporate's captive page.

When connecting each time to this 'secured' Wifi, it will lead to a URL that looks
like   http://www.wiresuss.com/login.php? . . .
Avatar of David Favor
David Favor
Flag of United States of America image

Sounds like you have a solution. If you still have a question, clarify what help you require.

That said, if any page anywhere is getting hacked, better to find the hole + close it.

If one page is hacked, likely other nefarious activities are occurring other places.
ASKER CERTIFIED SOLUTION
Avatar of Julian Hansen
Julian Hansen
Flag of South Africa image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of sunhux
sunhux

ASKER

I have a non-working solution: in fact both the wget & curl could not save the landing page's into a file.
Below is the error I'm getting & I'm seeking help to fix this.  The very same wget command works on
my home broadband:

C:\wget>wget --wait=5 --recursive --level=2 https://www.wirewuss.com/index.php
--22:41:31--  https://www.wirewuss.com/index.php
           => `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.

FINISHED --22:41:31--
Downloaded:  bytes in 0 files  <== no file saved

C:\wget>wget --wait=5 --recursive --level=2 www.wirewuss.com/index.php
--22:41:57--  http://www.wirewuss.com/index.php
           => `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--22:42:02--  https://www.wirewuss.com/index.php
           => `www.wirewuss.com/index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.

FINISHED --22:42:03--
Downloaded:  bytes in 0 files  <== no file saved
Avatar of sunhux

ASKER

The above 2 screens show outputs from doing wget against https & http of the landing page
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Avatar of sunhux

ASKER

Julian, the above   --no-check-certificate   did not work ie it did not save a copy of the landing page.
Below are the screens/outputs: is it because my landing page is in https/ssl ?

D:\wget>wget-1.10 --tries=1 --no-check-certificate https://www.wirewuss.com/index.php
--09:23:12--  https://www.wirewuss.com/index.php
           => `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
D:\wget>



D:\wget>wget-1.10 --tries=1 --no-check-certificate www.wirewuss.com/index.php 
--09:23:25--  http://www.wirewuss.com/index.php
           => `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--09:23:25--  https://www.wirewuss.com/index.php
           => `index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.



Using the full url (which was displayed when I tried to access any URLs eg: google.com when
first establishing connection to the captive Wifi), got the following output :

D:\wget>wget-1.10 --no-check-certificate www.wirewuss.com/index.php?class=User&m
ethod=LoadConnected&success=1
--09:24:53--  http://www.wirewuss.com/index.php?class=User
           => `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php?class=User [following]
--09:24:53--  https://www.wirewuss.com/index.php?class=User
           => `index.php@class=User'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.


D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/index.php?clas
s=User&method=LoadConnected&success=1
--09:25:03--  https://www.wirewuss.com/index.php?class=User
           => `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.


D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/
--09:25:12--  https://www.wirewuss.com/
           => `index.html.4'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
Avatar of sunhux

ASKER

If I click "Lets Surf" on the Captive page so that my browser could start browsing
any Internet sites, doing wget on that wiresuss will not work too & doing wget
on say google.com will return the content of google.com page
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Avatar of sunhux

ASKER

Can share which version of wget you're running and the Windows OS that you're on?

My version is rather old
Windoze 10
c:\> wget --help
GNU Wget 1.19.1, a non-interactive network retriever.

Open in new window

Avatar of sunhux

ASKER

I've used wget V1.19.1 on Win10, still did not manage to connect/download from my Wirewuss.

Looks like my Wirewuss is different
Avatar of sunhux

ASKER

It's only after I've clicked "Lets Surf" on the landing page, then google/other Internet web pages could be downloaded by wget