New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CLOSED] DNS spoofing to captive portal on non-internet connected networks #291
Comments
Comment by areynold Note: Linked Makefile should use PKG_VERSION:=dns-spoof for testing. |
Comment by areynold Could not reproduce steps 5 or 6. |
Comment by dismantl Did you accept the captive portal in step 2? If so, you'll need to deauth your MAC or IP address from nodogsplash using the 'ndsctl deauth ' command. Then try step 5 again. |
Comment by dismantl Also, make sure /etc/init.d/nodogsplash and /etc/init.d/dnsmasq both got patched correctly. You can also make sure there are two instances of dnsmasq running with 'ps w'; one instance should be "/usr/sbin/dnsmasq -p 5353 --address=/#/1.2.3.4". |
Comment by areynold I did not accept the captive portal. A bit more on the behavior. When I disconnect the node from the gateway I get a standard network timeout, not captive portal. If I then reconnect to the gateway long enough to be captured, then disconnect before running dig, some hostnames are resolved correctly (i.e., their actual IP addresses) while others time out. |
Comment by dismantl can you give the output of 'ps w |grep dnsmasq' ? Instead of going to redemmas.org in step 5, go to any other non-HTTPS website that you haven't visited before. This is to make sure you aren't going to a domain whose DNS resolution has been cached by the browser. |
Comment by areynold 2814 nobody 952 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf --server=/#8.8.8.8 --server=/#/192.168.13.84#5353 I tried a variety of new sites, all non-SSL. I've tried restarting the browser, restarting the test client, and flushing the local DNS cache. |
Comment by dismantl hmm, that should work. Basically, instance #1 of dnsmasq will fallback on 192.168.13.84 port 5353 as the dns server if it fails to resolve a domain w/ 8.8.8.8. At step 5, can you run dig with a domain you haven't gone to before, and post the output? And it would be worth seeing if dig is available on the router as well, and trying a lookup on the node itself, to see if it falls back to the local dns resolver on port 5353. |
Comment by areynold Sorry. That's a transcription error. I'm not directly connected to the node from this machine. The process does actually read "--server=/#/8.8.8.8" |
Comment by areynold From the client: ; <<>> DiG 9.8.1-P1 <<>> indyreader.org From the node: nslookup indyreader.orgServer: 127.0.0.1 nslookup: can't resolve 'indyreader.org': Name or service not known |
Comment by dismantl apparently your dig program doesn't list what dns server it uses. Can you try 'host -v indyreader.org' ? |
Comment by dismantl Confirmed that this does not work. Only works upon reboot, and so isn't very helpful. |
Issue by dismantl
Wednesday Jun 12, 2013 at 22:49 GMT
Originally opened as opentechinstitute/luci-commotion-splash#1
To test:
dismantl included the following code: https://github.com/opentechinstitute/luci-commotion-splash/pull/1/commits
The text was updated successfully, but these errors were encountered: