how to bypass hotspot login page of connected wifi network
#21
(05-03-2017, 04:53 PM)enmafia2 Wrote: Any updates on this OP I would love to know if you managed to get in  Tongue

Hak5 just uploaded a video getting unlimited Wi-Fi on airplanes and it remembered me to this thread.
The trick is very simple, as they gave 50 free minutes to each MAC adress just keep changing your address every 50 min would do the job.

Watch the video here (go to 7m 16s for the specific part):

The issue here would seem to be that once you connect to the access point you get served a landing page, you can't just type in a URL and go from there. There is another authentication step you have to go through. If you authenticate at the landing page you get a session cookie which allows you to browse. To circumvent this one would need to hijack the session of another user. Cross Site Scripting would seem like a viable attack vector but you would need a way to serve your XSS payload to users that are already authenticated.

Here is an article that goes a little more in depth.
Reply
#22
If u are already connected, u could go for MITM and DNS poisoning. Do a MITM on all hosts, clone the login page on your machine and then redirect all DNS queries to your IP. Of course spoof your MAC first.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  How far does wifi pineapple reach? QMark 4 7,873 03-14-2019, 02:42 PM
Last Post: MuddyBucket
  What other ways are there to capture passwords on an open network besides sniffers? QMark 5 7,734 06-28-2018, 08:22 PM
Last Post: enmafia2
  Denying Someone's Device from a Public WiFi nats 0 4,965 06-11-2018, 06:20 PM
Last Post: nats
  What are some of the most efficient ways to learn how to hack into residential WiFi's Lucy77x77 2 5,641 05-08-2018, 01:28 AM
Last Post: Lucy77x77