Captive / landing page of a secured Wifi
In our corporate, we have a Wifi that staff / guests have to register before they can
use it. Subsequently after registration, each time staff/guest connects to it, they
have to click on "Lets Surf" in the landing/captive page.
I need to monitor this landing page for possible defacement/changes as it's been
known hackers ever hacked it such that the landing page is replaced with one that
will lead to an external Internet malicious site.
I thought of writing a script to dump out this landing page every hourly using
wget or curl but somehow wget or curl (Windows version) can never connect to
it to dump out this html page: I've tried specifying proxy & without proxy.
Purpose of dumping out this landing page is such that I could do a "comp" (ie
Unix equivalent of "diff") against a baseline page to see if that page has changed.
What did I miss that wget/curl could not dump out this page? While I'm connected
to home Internet or my phone's 4G, the very same laptop could dump out, say
google.com
I ran wget from Windows command prompt while I ran curl from a "bash-like"
shell that runs on my Windows : both works on my home Internet but not
with the corporate's captive page.
When connecting each time to this 'secured' Wifi, it will lead to a URL that looks
like http://www.wiresuss.com/login.php? . . .
use it. Subsequently after registration, each time staff/guest connects to it, they
have to click on "Lets Surf" in the landing/captive page.
I need to monitor this landing page for possible defacement/changes as it's been
known hackers ever hacked it such that the landing page is replaced with one that
will lead to an external Internet malicious site.
I thought of writing a script to dump out this landing page every hourly using
wget or curl but somehow wget or curl (Windows version) can never connect to
it to dump out this html page: I've tried specifying proxy & without proxy.
Purpose of dumping out this landing page is such that I could do a "comp" (ie
Unix equivalent of "diff") against a baseline page to see if that page has changed.
What did I miss that wget/curl could not dump out this page? While I'm connected
to home Internet or my phone's 4G, the very same laptop could dump out, say
google.com
I ran wget from Windows command prompt while I ran curl from a "bash-like"
shell that runs on my Windows : both works on my home Internet but not
with the corporate's captive page.
When connecting each time to this 'secured' Wifi, it will lead to a URL that looks
like http://www.wiresuss.com/login.php? . . .
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Sounds like you have a solution. If you still have a question, clarify what help you require.
That said, if any page anywhere is getting hacked, better to find the hole + close it.
If one page is hacked, likely other nefarious activities are occurring other places.
That said, if any page anywhere is getting hacked, better to find the hole + close it.
If one page is hacked, likely other nefarious activities are occurring other places.
I would do the following
1. MD5 the file
2. Save the MD5
3. Create a cron script that runs every hour (or whenever)
4. When cron script runs it compares md5 of home page to live page.
5. If md5 signatures do not match then copy backup to live
6. MD5 + cron script + backup all live outside the web root so hackers can't mess with them.
Sample cron script (outside the root)
1. MD5 the file
2. Save the MD5
3. Create a cron script that runs every hour (or whenever)
4. When cron script runs it compares md5 of home page to live page.
5. If md5 signatures do not match then copy backup to live
6. MD5 + cron script + backup all live outside the web root so hackers can't mess with them.
Sample cron script (outside the root)
<?php
// ENSURE THIS IS OUTSIDE THE ROOT
define('BACKUP','backup.html');
// MD5 PROVIDED FOR DEMO PURPOSES
// CALC AS PART OF FILE UPLOAD PROCESS
define('SAVEDMD5','84d17aaa2400424cc279ed5d1332f8b2');
// File to monitor
$file = 'index.html';
$md5 = md5_file($file);
if ($md5 != SAVEDMD5) {
copy(BACKUP, $file);
echo "Log event here, send email etc";
}
I have a non-working solution: in fact both the wget & curl could not save the landing page's into a file.
Below is the error I'm getting & I'm seeking help to fix this. The very same wget command works on
my home broadband:
C:\wget>wget --wait=5 --recursive --level=2 https://www.wirewuss.com/index.php
--22:41:31-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:41:31--
Downloaded: bytes in 0 files <== no file saved
C:\wget>wget --wait=5 --recursive --level=2 www.wirewuss.com/index.php
--22:41:57-- http://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--22:42:02-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:42:03--
Downloaded: bytes in 0 files <== no file saved
Below is the error I'm getting & I'm seeking help to fix this. The very same wget command works on
my home broadband:
C:\wget>wget --wait=5 --recursive --level=2 https://www.wirewuss.com/index.php
--22:41:31-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:41:31--
Downloaded: bytes in 0 files <== no file saved
C:\wget>wget --wait=5 --recursive --level=2 www.wirewuss.com/index.php
--22:41:57-- http://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--22:42:02-- https://www.wirewuss.com/index.php
=> `www.wirewuss.com/index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
FINISHED --22:42:03--
Downloaded: bytes in 0 files <== no file saved
This worked for me
Refer: https://www.cyberciti.biz/faq/wget-example-download-from-https-web-sites/
wget --no-check-certificate https://www.wirewuss.com/index.php
Refer: https://www.cyberciti.biz/faq/wget-example-download-from-https-web-sites/
Julian, the above --no-check-certificate did not work ie it did not save a copy of the landing page.
Below are the screens/outputs: is it because my landing page is in https/ssl ?
D:\wget>wget-1.10 --tries=1 --no-check-certificate https://www.wirewuss.com/index.php
--09:23:12-- https://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
D:\wget>
D:\wget>wget-1.10 --tries=1 --no-check-certificate www.wirewuss.com/index.php
--09:23:25-- http://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--09:23:25-- https://www.wirewuss.com/index.php
=> `index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
Using the full url (which was displayed when I tried to access any URLs eg: google.com when
first establishing connection to the captive Wifi), got the following output :
D:\wget>wget-1.10 --no-check-certificate www.wirewuss.com/index.php?class=User&m
ethod=LoadConnected&succes
--09:24:53-- http://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php?class=User [following]
--09:24:53-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/index.php?clas
s=User&method=LoadConnecte
--09:25:03-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/
--09:25:12-- https://www.wirewuss.com/
=> `index.html.4'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
Below are the screens/outputs: is it because my landing page is in https/ssl ?
D:\wget>wget-1.10 --tries=1 --no-check-certificate https://www.wirewuss.com/index.php
--09:23:12-- https://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
D:\wget>
D:\wget>wget-1.10 --tries=1 --no-check-certificate www.wirewuss.com/index.php
--09:23:25-- http://www.wirewuss.com/index.php
=> `index.php'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php [following]
--09:23:25-- https://www.wirewuss.com/index.php
=> `index.php'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
Using the full url (which was displayed when I tried to access any URLs eg: google.com when
first establishing connection to the captive Wifi), got the following output :
D:\wget>wget-1.10 --no-check-certificate www.wirewuss.com/index.php?class=User&m
ethod=LoadConnected&succes
--09:24:53-- http://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.wirewuss.com/index.php?class=User [following]
--09:24:53-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/index.php?clas
s=User&method=LoadConnecte
--09:25:03-- https://www.wirewuss.com/index.php?class=User
=> `index.php@class=User'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
'method' is not recognized as an internal or external command,
operable program or batch file.
'success' is not recognized as an internal or external command,
operable program or batch file.
D:\wget>wget-1.10 --no-check-certificate https://www.wirewuss.com/
--09:25:12-- https://www.wirewuss.com/
=> `index.html.4'
Resolving www.wirewuss.com... 52.221.100.76
Connecting to www.wirewuss.com|52.221.100.76|:443... connected.
Unable to establish SSL connection.
If I click "Lets Surf" on the Captive page so that my browser could start browsing
any Internet sites, doing wget on that wiresuss will not work too & doing wget
on say google.com will return the content of google.com page
any Internet sites, doing wget on that wiresuss will not work too & doing wget
on say google.com will return the content of google.com page
Julian, the above --no-check-certificate did not work ie it did not save a copy of the landing page.It worked for me - refer attached.
index.php
Can share which version of wget you're running and the Windows OS that you're on?
My version is rather old
My version is rather old
Premium Content
You need an Expert Office subscription to comment.Start Free Trial