If the attacker controls the wifi, he doesn't need to put it in the captive portal page; he can intercept any non-secure http page and put his exploit there.
You really shouldn't connect to untrusted networks at all if you want to be safe from this kind of attack.
You really shouldn't connect to untrusted networks at all if you want to be safe from this kind of attack.