February 10, 2009 at 9:21 am #3333bazpaulParticipant
Hi, Im just wondering is it possible to crack wireless where you have to login via a website. Like in a hotel or cafe where they give you a password and the webpage defaults to a login screen.
February 10, 2009 at 2:12 pm #22094Don DonzalKeymaster
Yes. It is based on MAC address, so spoof that, and voila… I think there may be a post or 2 on this forum about that. Let me see if I can find it.
BTW – Being the “Ethical” Hacker Network, you are doing this as part of a pen test with permission from the hotel, right?
February 10, 2009 at 5:34 pm #22095jasonParticipant
Google is your friend. Try something along the lines of ‘wireless mac security’.
February 10, 2009 at 10:17 pm #22096SynJunkieParticipant
Not sure if its any use to you but did a blog post on bypassing mac address filtering a while back.
i’m sure there are better guides but it might be of use.
February 10, 2009 at 10:38 pm #22097jasonParticipant
Nice post Syn. Always helpful to have pretty pictures 🙂
February 10, 2009 at 11:08 pm #22098SynJunkieParticipant
Thanks, i aim to please 🙂
February 12, 2009 at 8:25 am #22099VertigoParticipant
It not so easy to crack login in some cases… some ISP’s use ssl secured login with unique passwd. MAC address change in this cases will not help :-
March 17, 2009 at 6:38 pm #22100munkeyfreenix.batcatParticipant
i don’t know much about it, but I believe Dan Kaminsky had done something with DNS and tunneling to get through those sorts of things.
March 18, 2009 at 1:05 pm #22101hayabusaParticipant
I did a test, not long ago, for a hotel chain that was using such login screens and ssl. I used a combination of ARP spoofing / MITM (to catch the login credentials,) and then MAC spoofing and was able to gain access pretty quickly.
You simply need to take your time, and work out each piece of the puzzle, methodically, before you start hacking away, to make sure you have a good feel for how to get by each measure of security. SSL, when used with a webpage login, is extremely vulnerable to the MITM attacks, particularly where you’re dealing with either hotel visitors or hotel staff (who generally are NOT well-versed in security, and who will readily click on SSL certificate messages, without thinking.
And, as Don says, however, you ARE doing this for legit purposes, correct?
March 19, 2009 at 3:06 am #22102KevParticipant
This is one of those times when a windows tool can do the job nicely. Cain and Abel is a great tool for Mitm, arp poison routing and good ole network sniffing. I have found it does a great job testing the security for most hotel login screens.
March 28, 2009 at 3:32 pm #22103SoolariParticipant
Wht…about a wireless that askin 4 security before it connect how do i bypas that plz any hlp
- You must be logged in to reply to this topic.