HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 48 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Wirelessarrow cracking a login wireless
EH-Net
May 22, 2013, 10:50:32 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: cracking a login wireless  (Read 11194 times)
0 Members and 1 Guest are viewing this topic.
bazpaul
Newbie
*
Offline Offline

Posts: 1


View Profile
« on: February 10, 2009, 03:21:32 AM »
Hi, Im just wondering is it possible to crack wireless where you have to login via a website. Like in a hotel or cafe where they give you a password and the webpage defaults to a login screen.

Thanks!!!
Logged
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4167


Editor-In-Chief


View Profile WWW
« Reply #1 on: February 10, 2009, 08:12:30 AM »
Yes. It is based on MAC address, so spoof that, and voila... I think there may be a post or 2 on this forum about that. Let me see if I can find it.

BTW - Being the "Ethical" Hacker Network, you are doing this as part of a pen test with permission from the hotel, right?

Don
Logged
CISSP, MCSE, CSTA, Security+ SME
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #2 on: February 10, 2009, 11:34:36 AM »
Google is your friend. Try something along the lines of 'wireless mac security'.
Logged
SynJunkie
Jr. Member
**
Offline Offline

Posts: 71


View Profile WWW
« Reply #3 on: February 10, 2009, 04:17:43 PM »
Bazpaul

Not sure if its any use to you but did a blog post on bypassing mac address filtering a while back.

i'm sure there are better guides but it might be of use.

http://synjunkie.blogspot.com/2007/12/bypass-hidden-ssid-mac-address-filter.html

Regards

Syn
Logged
----------------------------------
http://synjunkie.blogspot.com
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #4 on: February 10, 2009, 04:38:23 PM »
Nice post Syn. Always helpful to have pretty pictures Smiley
Logged
SynJunkie
Jr. Member
**
Offline Offline

Posts: 71


View Profile WWW
« Reply #5 on: February 10, 2009, 05:08:26 PM »
Thanks, i aim to please :-)
Logged
----------------------------------
http://synjunkie.blogspot.com
Vertigo
Newbie
*
Offline Offline

Posts: 13


View Profile
« Reply #6 on: February 12, 2009, 02:25:03 AM »
It not so easy to crack login in some cases... some ISP's use ssl secured login with unique passwd. MAC address change in this cases will not help  Undecided

==============
GCIH, Security+
Logged
munkeyfreenix .batcat
Newbie
*
Offline Offline

Posts: 11



View Profile
« Reply #7 on: March 17, 2009, 01:38:46 PM »
i don't know much about it, but I believe Dan Kaminsky had done something with DNS and tunneling to get through those sorts of things.
Logged
hayabusa
Hero Member
*****
Offline Offline

Posts: 1632



View Profile
« Reply #8 on: March 18, 2009, 08:05:19 AM »
I did a test, not long ago, for a hotel chain that was using such login screens and ssl.  I used a combination of ARP spoofing / MITM (to catch the login credentials,) and then MAC spoofing and was able to gain access pretty quickly.

You simply need to take your time, and work out each piece of the puzzle, methodically, before you start hacking away, to make sure you have a good feel for how to get by each measure of security.  SSL, when used with a webpage login, is extremely vulnerable to the MITM attacks, particularly where you're dealing with either hotel visitors or hotel staff (who generally are NOT well-versed in security, and who will readily click on SSL certificate messages, without thinking.

And, as Don says, however, you ARE doing this for legit purposes, correct?
Logged
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH
Kev
Sr. Member
****
Offline Offline

Posts: 428


View Profile
« Reply #9 on: March 18, 2009, 10:06:16 PM »
This is one of those times when a windows tool can do the job nicely. Cain and Abel is a great tool for Mitm, arp poison routing and good ole network sniffing. I have found it does a great job testing the security for most hotel login screens.
Logged
Soolari
Newbie
*
Offline Offline

Posts: 13


View Profile
« Reply #10 on: March 28, 2009, 10:32:03 AM »
Wht...about a wireless that askin 4 security before it connect how do i bypas that plz any hlp
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.056 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.