============== Captive Portal ============== CVEs like CVE-2024-36472 only work within a captive portal. Here's how to recreate one quickly for testing. Let's create a lab with a captive portal using the (now discontinued) zeroshell project: * https://web.archive.org/web/20210302154154/https://zeroshell.org/ * http://www.club.cc.cmu.edu/pub/zeroshell/ This is properly recognized by buster's Firefox, and Gnome provided `network-manager-config-connectivity-debian `_ is installed. We prepare a zeroshell VM with 2 NICs LAN/WAN, and a buster-elts VM with 1 NIC for the LAN. zeroshell is very light, 512MB RAM and 2GB disk is more than enough. Let's reuse libvirt's default bridge ``virbr0`` for the WAN, and create a new bridge for the restricted LAN: :: apt install bridge-utils brctl addbr zs0 ifconfig zs0 up Connect (e.g. in ``virt-manager``) ``virbr0`` to zeroshell:nic0 and ``zs0`` to both zeroshell:nic1 and our buster VM. Install the zeroshell VM from the `latest ISO `_. * Normal Startup (Live CD) * \ Installation Manager, keep defaults * IP Address to assign to ETH00: 192.168.122.2/255.255.255.0 * Default Gateway: 192.168.122.1 * \ Reboot * \ IP Manager * \ Add IP address * ETH01: 192.168.200.1/255.255.255.0 * Web interface https://192.168.122.2 (accept self-sign SSL certificate, admin:zeroshell) * Network / DHCP * Subnet > New > 192.168.200.0 * Range 1: 192.168.200.101 - 192.168.200.199 * Default Gateway: 192.168.200.1 * DNS 1: 192.168.200.1 * Save * Users / Captive Portal * GW: Active * Interface: ETH01 * Save * Bonus: actually working gateway * Network / Router / NAT * NAT Enabled Interfaces: ETH00 * Save In the buster-elts VM, dhclient should now work, Firefox should now pop-up about the captive portal, and Gnome should open a `Hotspot Login` pop-up when connecting the network. | Copyright (C) 2025 Sylvain Beucler