|
Title: cracking a login wireless Post by: bazpaul on February 10, 2009, 03:21:32 AM Hi, Im just wondering is it possible to crack wireless where you have to login via a website. Like in a hotel or cafe where they give you a password and the webpage defaults to a login screen.
Thanks!!! Title: Re: cracking a login wireless Post by: don on February 10, 2009, 08:12:30 AM Yes. It is based on MAC address, so spoof that, and voila... I think there may be a post or 2 on this forum about that. Let me see if I can find it.
BTW - Being the "Ethical" Hacker Network, you are doing this as part of a pen test with permission from the hotel, right? Don Title: Re: cracking a login wireless Post by: jason on February 10, 2009, 11:34:36 AM Google is your friend. Try something along the lines of 'wireless mac security'.
Title: Re: cracking a login wireless Post by: SynJunkie on February 10, 2009, 04:17:43 PM Bazpaul
Not sure if its any use to you but did a blog post on bypassing mac address filtering a while back. i'm sure there are better guides but it might be of use. http://synjunkie.blogspot.com/2007/12/bypass-hidden-ssid-mac-address-filter.html Regards Syn Title: Re: cracking a login wireless Post by: jason on February 10, 2009, 04:38:23 PM Nice post Syn. Always helpful to have pretty pictures :)
Title: Re: cracking a login wireless Post by: SynJunkie on February 10, 2009, 05:08:26 PM Thanks, i aim to please :-)
Title: Re: cracking a login wireless Post by: Vertigo on February 12, 2009, 02:25:03 AM It not so easy to crack login in some cases... some ISP's use ssl secured login with unique passwd. MAC address change in this cases will not help :-\
============== GCIH, Security+ Title: Re: cracking a login wireless Post by: munkeyfreenix .batcat on March 17, 2009, 01:38:46 PM i don't know much about it, but I believe Dan Kaminsky had done something with DNS and tunneling to get through those sorts of things.
Title: Re: cracking a login wireless Post by: hayabusa on March 18, 2009, 08:05:19 AM I did a test, not long ago, for a hotel chain that was using such login screens and ssl. I used a combination of ARP spoofing / MITM (to catch the login credentials,) and then MAC spoofing and was able to gain access pretty quickly.
You simply need to take your time, and work out each piece of the puzzle, methodically, before you start hacking away, to make sure you have a good feel for how to get by each measure of security. SSL, when used with a webpage login, is extremely vulnerable to the MITM attacks, particularly where you're dealing with either hotel visitors or hotel staff (who generally are NOT well-versed in security, and who will readily click on SSL certificate messages, without thinking. And, as Don says, however, you ARE doing this for legit purposes, correct? Title: Re: cracking a login wireless Post by: Kev on March 18, 2009, 10:06:16 PM This is one of those times when a windows tool can do the job nicely. Cain and Abel is a great tool for Mitm, arp poison routing and good ole network sniffing. I have found it does a great job testing the security for most hotel login screens.
Title: Re: cracking a login wireless Post by: Soolari on March 28, 2009, 10:32:03 AM Wht...about a wireless that askin 4 security before it connect how do i bypas that plz any hlp
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |