Gowifi captive portal issue - redirect looping

Yoinx · 2019-02-17 22:01:26

I'm unsure what information would be pertinent and I'm not sure if this is specifically an arch Linux issue.

I'm trying to connect to a gowifi network on a Navy base (actually tried on two bases now). I can connect to the network, get to the initial TOS page, agree, then where the authorization happens the page just loops. I've tried in multiple browsers (chromium, Firefox, the default browser with kde 5 plasma and gnome) and they all go the same thing. This network connection fine on my phone and on Windows 10.

Like I said. Given the point that it fails... I'm not even sure what logs would help since I'm connected to the wifi, just not getting the authorization to access the internet.

Thanks in advance for any help.

Trilby · 2019-02-17 22:06:19

Following a similar pattern as the following may help:
https://bbs.archlinux.org/viewtopic.php?id=242991

These always take a bit of tinkering to get through as they're all a bit different.

Yoinx · 2019-02-17 22:21:59

Trilby wrote:

Following a similar pattern as the following may help:
https://bbs.archlinux.org/viewtopic.php?id=242991
These always take a bit of tinkering to get through as they're all a bit different.

Thanks. I had actually been looking at that post earlier today, but I couldn't figure out how to run the js directly. I'm trying to get the pages again to try and post them... But the wifi doesn't seem to want to let me get to the login page anymore either. I'll post back if/when it wants to work at least to that point again.

Trilby · 2019-02-17 22:41:37

I'd not trust browsers for this. Use curl. You can optionally use the -L flag to follow redirects, but sometimes this will actually get in the way (as you may be redirected to an error page before you get a chance to see what you came to see). I'd also include the -H flag to retrieve headers. Usually there are several steps between any initial url you give to curl and what you'll end up needing, but those steps are different every time. So just post what you get at stage 1 and we can go from there.

Yoinx · 2019-02-18 15:32:27

Trilby wrote:

I'd not trust browsers for this. Use curl. You can optionally use the -L flag to follow redirects, but sometimes this will actually get in the way (as you may be redirected to an error page before you get a chance to see what you came to see). I'd also include the -H flag to retrieve headers. Usually there are several steps between any initial url you give to curl and what you'll end up needing, but those steps are different every time. So just post what you get at stage 1 and we can go from there.

So I managed to get back connected. I used the website to click the TOS guest box. Then used curl at the point that it starts looping. -H kept telling me no url specified while trying to use that flag, so I used -D to dump the headers. Hopefully that's similar enough.

Page 1 Header:

HTTP/1.1 302 Hotspot login required
Cache-Control: no-cache
Content-Length: 135
Content-Type: text/html
Date: Mon, 18 Feb 2019 15:22:56 GMT
Expires: 0
Location: https://WIFI1.VIASAT.COM/login?dst=http%3A%2F%2Fwww.cnn.com%2F

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Content-Length: 1135
Content-Type: text/html
Date: Mon, 18 Feb 2019 15:22:56 GMT
Expires: 0

Page 1 Body:

<html>
<head>
<title></title>
<meta http-equiv="refresh" content="0; url=http://redir.nnu.com/?hwid=D4:CA:6D:44:99:7E&clientip=10.40.6.84&page=loginsuccess">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="-1">
<style type="text/css">
<!--
textarea,input,select {
	background-color: #FDFBFB;
	border: 1px #BBBBBB solid;
	padding: 2px;
	margin: 1px;
	font-size: 14px;
	color: #808080;
}

body{ color: #737373; font-size: 12px; font-family: verdana; }

a, a:link, a:visited, a:active { color: #AAAAAA; text-decoration: none; font-size: 12px; }
a:hover { border-bottom: 1px dotted #c1c1c1; color: #AAAAAA; }
img {border: none;}
td { font-size: 12px; color: #7A7A7A; }

-->
</style>
</head>
<body onLoad="startClock()">
<table width="100%" height="100%">
<tr>
	<td align="center" valign="middle">
	You are logged in
	<br><br>
	If nothing happens, click <a href="http://redir.nnu.com/?hwid=D4:CA:6D:44:99:7E&clientip=10.40.6.84&page=loginsuccess">here</a></td>
</tr>
</table>

</body>
</html>

Page 2 header:

HTTP/1.1 200 OK
Date: Mon, 18 Feb 2019 15:23:33 GMT
Server: NNUAS/1.0.0 WSGI Server
Content-Type: text/html
Content-Security-Policy: default-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: 0
Via: 1.1 redir.nnu.com
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked

Page 2 Body:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
  <title>Redirecting...</title>
  <link rel="shortcut icon" href="/media/images/favicon.ico">
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  <script type="text/javascript" src="/media/js/main.min.js"></script>
  <style type="text/css">body {font-family: Arial, Verdana, Helvetica, sans-serif;}</style>
</head>
<body onload="init()">
  
  
  <!--
  <?xml version="1.0"><carrier_data><page_type>login</page_type><device_type>mikrotik</device_type><login_url>https://portal.nnu.com/navy2/</login_url><carrier_id>NNU</carrier_id><version>0</version><note>Login Page</note></carrier_data>
  <WISPAccessGatewayParam><Redirect><MessageType>100</MessageType><ResponseCode>0</ResponseCode><AccessProcedure>1.0</AccessProcedure><LocationName>NNU</LocationName><AccessLocation>25782</AccessLocation><LoginURL>https://portal.nnu.com/navy2/</LoginURL><AbortLoginURL>https://wifi1.viasat.com/logout</AbortLoginURL></Redirect></WISPAccessGatewayParam>
  -->

  <!-- This must be a GET request to handle systems that do not send the request body (iOS). -->
  <form id="pf" name="pf" action="/post/" method="get" accept-charset="utf-8">
    <input type="hidden" id="w" name="w" value="0">
    <input type="hidden" id="h" name="h" value="0">
    <input type="hidden" id="qs_data" name="qs_data" value="eyJzeXNpZCI6IDI1NzgyLCAiaHdpZCI6ICJENDpDQTo2RDo0NDo5OTo3RSJ9">
  </form>
  <div id="content">
    <h2>JavaScript is Required</h2>
    <div>You must have JavaScript enabled to properly view this website.<br>Click <a href="js.html">here</a> for instructions to enable JavaScript for your browser<br></div>
  </div>
</body>
</html>

Yoinx · 2019-02-18 15:33:02

*Duplicated Post due to XSS error in chromium*

Last edited by Yoinx (2019-02-18 15:37:21)

Trilby · 2019-02-18 19:29:09

Oops, yes, -H was the wrong flag. The -I flag provides headers only, and I always forget and struggle to find the flag for showing the headers and content*.

I'm not sure if I'm interpreting your description from the last post correctly. Are you saying you were successful in getting connected, or just successful in getting those outputs but not yet connected? Assuming the latter, there is javascript included from another url in the page 2 body. Can you use curl to retrieve that as well? That'd be curl'ing from the same domain but with domain.tld/media/js/main.min.js

Also including the actual curl commands used to get that output would help provide context to be sure we're all on the same page (no pun intended).

*Edit: it was the '-i' (lower case I) that I always forget, that includes the headers and response body in the output.

Last edited by Trilby (2019-02-18 19:38:18)

Arch Linux

#1 2019-02-17 22:01:26

Gowifi captive portal issue - redirect looping

#2 2019-02-17 22:06:19

Re: Gowifi captive portal issue - redirect looping

#3 2019-02-17 22:21:59

Re: Gowifi captive portal issue - redirect looping

#4 2019-02-17 22:41:37

Re: Gowifi captive portal issue - redirect looping

#5 2019-02-18 15:32:27

Re: Gowifi captive portal issue - redirect looping

#6 2019-02-18 15:33:02

Re: Gowifi captive portal issue - redirect looping

#7 2019-02-18 19:29:09

Re: Gowifi captive portal issue - redirect looping

Board footer