.

[Article]-Free WiFi in Airports and Public Hotspots

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sat Apr 14, 2007 3:19 pm

[Article]-Free WiFi in Airports and Public Hotspots

Another great addition to the growing number of works by Brian Wilson here on EH-Net.

Permanent Link: [Article]-Free WiFi in Airports and Public Hotspots

By Brian Wilson, CCNA, CCSE, CCAI, MCP, Network+, Security+, JNCIA

Recently while traveling I noticed a hot spot and wanted to surf the internet. Once I connected to the AP I had seen that they wanted to charge me $8 per day to surf the internet. I thought that was just too much money for a quick internet connection, and my layover between flights was about 3 hours. I decided to see what I could access while connected to there AP.

Disclaimer: This paper and the topics covered in the paper are just for educational purposes and should not be tried on a network without the permission from the owner of the network you plan on testing. I hold no responsibility for any actions or damage that might accrue if you try anything explained in this paper. “Do not do this at home kids” hacking/cracking/pen testing might be harmful to your health.


Feel free to add your comments,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Apr 17, 2007 9:22 am

Re: [Article]-Free WiFi in Airports and Public Hotspots

Hey All,

Help Brian get some well-deserved attention for his work by digging his article here:

http://www.digg.com/security/Hack_Your_ ... c_Hotspots

Thanks,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

Cutaway

User avatar

Jr. Member
Jr. Member

Posts: 96

Joined: Mon Nov 20, 2006 5:02 pm

Post Mon Apr 23, 2007 11:25 am

Re: [Article]-Free WiFi in Airports and Public Hotspots

In the News on Mike Rothman's blog: http://securityincite.com/TDI-2007-04-23#TBP1

Cutaway
Go forth and do good things,
Cutaway
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Apr 23, 2007 12:55 pm

Re: [Article]-Free WiFi in Airports and Public Hotspots

Nice find. Always good to know where we show up.  8)

Thanks,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

LSOChris

Post Mon Apr 23, 2007 8:31 pm

Re: [Article]-Free WiFi in Airports and Public Hotspots

yeah brian!
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Mon Apr 23, 2007 8:50 pm

Re: [Article]-Free WiFi in Airports and Public Hotspots

Wow I am a stud now. Just kidding I am very thankful to everyone that supports my work and this community. You guys here are the reason I write the papers and want to be active in the community. Anyway Let me know if you would like anything else covered with a paper or video I am sure that Chris G., Myself, or any other members here would be happy to whip somthing up.

Thanks,

Brian
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

greymore57

Newbie
Newbie

Posts: 1

Joined: Tue Aug 22, 2006 3:21 am

Post Wed Apr 25, 2007 4:14 am

Re: [Article]-Free WiFi in Airports and Public Hotspots

Hey Brian,
              Nice article, thanks for that, I am just a little confused about the use of Cain as a network sniffer, I understood that Cain would only sniff ethernet networks and not wireless, do you have a different version?

On a different note, and this is where I don my fireproof coveralls, and stick my tongue firmly in my cheek :) you said in the article -

I wanted to do this just to see if it could be done and to gage the security of this network.

And even though:

Please note I did pay for service after testing the AP, and I was not cracking anything.

Does this not break the code of ethical hacking :)

As I said tongue firmly in cheek and fireproof coveralls on so please don't flame me!  :)
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Wed Apr 25, 2007 6:13 am

Re: [Article]-Free WiFi in Airports and Public Hotspots

greymore57,


1) Cain & Able can sniff on Ethernet over wireless once you have connected to the AP if it is not encrypted or if you have the WEP/WPA key. To crack the WEP key you need a special WiFi dongle with cain but if you are on the network you sniff just as if your connection is a 10/100 Ethernet connection.

2) I would say that since I paid for the service I feel my actions where not too dark but yes the test I did would fall into a gray area. On the other hand I never said I that the MAC address I barrowed to surf was not my other laptop. So If I already paid for service with one laptop and then changed the MAC on my other laptop to see if it would surf; was I in the wrong if in the end I did pay for service on both laptops? Anyway alot of time the ethics you are faced with depend on what your personal ethics are. I do not believe I broke any ethics or hurt anything. By the actions I performed I was able to see how my computer worked on this network. Now if I was to enable the Password filters on Cain and start capturing other users sensitive information while doing my test i would of crossed the line. I do know that the state I was in when testing this AP I broke no laws. If you would like a link to the computer access/hacking laws for different states go here: http://www.ncsl.org/programs/lis/cip/hacklaw.htm


Thanks,

Brian

P.S. Nice 1st post and welcome to the forums feel free to PM me if you would like more information on this test I did or you can post your questions and comments here.
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

LSOChris

Post Wed Apr 25, 2007 5:02 pm

Re: [Article]-Free WiFi in Airports and Public Hotspots

who cares if he paid for it or not...

the point is the weak authentication and control schemes used and that basing full access on a MAC is not a secure means of access control.

the whole idea of hacking any type of OS or system usually entails breaking license agreements and EULA but everyone loves their 0-days so i guess we overlook that?
<<

Kev

Post Thu Apr 26, 2007 9:24 am

Re: [Article]-Free WiFi in Airports and Public Hotspots

I dont know of an "ethical hacker" that wouldnt have done what Slimjim did.
<<

1slorunner

Newbie
Newbie

Posts: 5

Joined: Mon Aug 13, 2007 10:36 am

Post Sun Aug 19, 2007 7:57 am

Re: [Article]-Free WiFi in Airports and Public Hotspots

"1) Cain & Able can sniff on Ethernet over wireless once you have connected to the AP if it is not encrypted or if you have the WEP/WPA key. To crack the WEP key you need a special WiFi dongle with cain but if you are on the network you sniff just as if your connection is a 10/100 Ethernet connection."

I am a little confused and need some clarification on this.  I thought that you must purchase AirPCap with USB adapter to accomplish this.  Can someone please elaborate on this?

Thanks in Advance.

Joe
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Sun Aug 19, 2007 2:40 pm

Re: [Article]-Free WiFi in Airports and Public Hotspots

Correct to use Cain to Break WEP you do need the USB AirPcap device but if you are on a non-secure AP you do not need to crack wep. Also there is alot of other tools you can use to crack WEP/WPA like Aircrack-NG (http://anti-hacker.info/video/Aircrack/Aircrack.html). Once you are on the network wired or wireless you can use all the tools in Cain & Able. Let me know if you need more info.

Thanks,

Brian

aka Slimjim100
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

1slorunner

Newbie
Newbie

Posts: 5

Joined: Mon Aug 13, 2007 10:36 am

Post Wed Aug 29, 2007 9:43 am

Re: [Article]-Free WiFi in Airports and Public Hotspots

Brian --
Thanks for the info but I am still need some clarification. 

"Once you are on the network wired or wireless you can use all the tools in Cain & Able"

I can associate with an AP but I am not able to use the full functionality of Cain and Able and I was told that this was not possible without purchasing the airPCap adapter and software.  Am I wrong or just doing something incorrectly?  I have no issues using Cain & Able wired but wireless I have no functionality.  Thoughts? Ideas?
<<

LSOChris

Post Wed Aug 29, 2007 3:27 pm

Re: [Article]-Free WiFi in Airports and Public Hotspots

what specifically are you not able to do?

also, is the AP giving you an IP or are you just connected?  sometimes you can can "connect" but not send packets because of the encryption
<<

1slorunner

Newbie
Newbie

Posts: 5

Joined: Mon Aug 13, 2007 10:36 am

Post Wed Aug 29, 2007 3:41 pm

Re: [Article]-Free WiFi in Airports and Public Hotspots

Chris --
I am trying to do ARP Poisoning via wireless.

Joe
Next

Return to Wilson

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software