Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
shude2020-01-19 20:14:01
WiFi
shude, 2020-01-19 20:14:01

What to do if your Wi-Fi is intercepted?

Good afternoon.
I have a problem and I don't have the skills to take steps to fix it.
The bottom line is that when you connect to your Wi-Fi router, ads are loaded on any resource that I open via http. I found out the following on my own:
When requesting any JavaScript file via http, a dummy js file comes in response, which contains the script for introducing ad units, and then connecting the original js.
The scheme of work is as follows: For any request for a js file, if the Referer header with the original host is present, then a decoy js comes, if there is no Referer, then the original file comes.
I don't think that this nonsense happens at the provider level, but at the same time I don't understand how this can be done and how to get rid of it. The router is old - WPA2-Personal encryption
Changed all passwords, hid the SSID - nothing helps.
Embeds only in http, https cannot.
Tell me what to do, what to check, how can it be blocked? I'm a Web developer, the dev stack often hangs on http, well, it's not at all comfortable to work.
UPD: the problem appears only when connected to the router on all devices (laptop, phones, tablets) in other places everything is fine, if you distribute the Internet from the phone, everything is also fine.
This exactly manifests itself only when connected to this router, so the fact of the presence of a virus disappears. any guest who comes to the house and connects to the network sees this ad

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

7 answer(s)
Report
X
xmoonlight, 2020-01-19
@xmoonlight

Directly connect the Internet cable to the PC and check:
1. There will be advertising - the problem is either in the laptop or in the provider.
2. No - it means in the router (what mitm's slip here - the probability is <1%).

Report
R
Ronald McDonald, 2020-01-19
@Zoominger

I am a web developer, the dev stack often hangs on http

And it didn’t occur to you that it’s not about WiFi?
Clean your browser from unnecessary add-ons, scan DrWeb CureIt, it is obvious that malware is sitting somewhere in the system.

Report
T
towin, 2020-01-19
@towin

Most likely, your router had access to the web UI from the outside, and through simple actions, the enemies sewed a modified firmware into the router.
You need to upgrade to standard firmware and immediately disable Web UI, ssh, telnet on WAN.

Report
A
aa3mandius, 2020-01-19
@aa3mandius

Check the network details on the router.
Quite often it happens that the web muzzle of the router looks out, and the password admin / admin, respectively, makes a banal dns substitution, which in turn causes an advertising parade.

Report
R
rionnagel, 2020-01-20
@rionnagel

Connect a fresh PC bypassing the router. The same thing - roll the barrels on the provider.
ps. In general, in my practice, some providers allowed themselves to mimic any trash in http. Treated by scandal!!! If the scandal did not help - change the provider .... And if you still have a hundred points with this provider - then there too.
If sla is specified, you can consider the transition time as unavailable time. To do this, you need to collect metadata.

Report
A
Alexey Kharchenko, 2020-01-20
@AVX

Some providers do this. I won’t say anything about wired ones, but specifically Megafon does this 100%.
I have a sim card of a megaphone and a sim card of MTS on my phone, plus wifi (which is connected to a router on Rostelecom). Megafon: If you download via http, not https - on frequently visited sites (only http!) An ad block is inserted, if you click it by accident - you can run into a mobile subscription (so if you go through a mobile browser), or get a corrupted file (if something was downloaded via http from a computer connected via usb to this smartphone, i.e. smartphone as a modem). The settings are everywhere automatically, on a Linux computer, and nothing has changed after installing another distro. It comes to the point that even the system cannot be updated - the files are downloaded, and one will definitely fail during installation. It is worth clearing the cache, connecting to another provider - everything is ok.
Those. when connected to Rostelecom, mts - this does not happen.
Fight how? No way, apparently, you need to change the provider, and that's it. You can also organize a connection through vpn, but I did not check how it would work.

Report
R
Roman Vladimirovich F., 2020-01-23
@FiLinX

Sergey, log in) - How to add information on top of a web page through a Wi-Fi access point?

Similar questions
D
Drew2016-08-24 02:00:43
How to stop processes interfering with the translation of the interface into the mod monitor (airmon-ng start )? 2Reply
O
Outsider V.2020-11-02 00:37:38
5G Wi-Fi transmission freezes every 10s in Windows 10 - how to fix it? 0Reply
C
Chasing2014-08-11 10:38:55
How to make wifi in Ubuntu 14.04? 1Reply
M
mcnum12022-03-18 20:30:16
How to set up Wi-Fi on a laptop with elementary OS without the ability to connect to the Internet? 1Reply
D
Drew2016-08-27 20:10:28
Is it possible to force the onboard netadaptor, which does not support airmon-ng mods, to be supported in software ways (without a soldering iron)? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question