Easy hotspot session acquisition

[IceBerg]

WARNING: Use this information in some areas of the world may be hazardous to your freedom. As always you and you alone are responsible for your action!

Because I can not release the software that does this automatically, I'm going to explain the process of how you do this manually. It is very simple and you should be able to follow this easily. There are some assumptions made here.

1. The hotspot uses http authentications

2. The hotspot does not use wep/wpa etc or you already have the key

3. you are using an OS and card that allows you to change your mac address (I will use Linux)

First you need to sniff out a MAC and an IP address with a sniffer such as kismet or wireshark or many others. Then you have to watch for the activity to stop. The reason you do this is if you jack a live session all kinds of bad things could happen that will give you away and could land you in free living quarters. So wait till the session has stopped. Once you are sure it has, set your IP and your MAC and surf away.

The way youchange your mac is simple in Linux and most other Unicies. Asuming the wireless interface is wifi0

ifconfig wifi0 down

iwconfig wifi0 mode managed //just to make sure your back in managed mode

ifconfig wifi0 hw ether {target mac address}

ifconfig wifi0 {target ip address}

ifconfig wifi0 up

Now there are a few things to consider here.

1. you need a dns server, for these I hard code a dns I know, you can look up how to do this.

2. some hotspots allow people to logout, most people don't but this will stop you

3. some sessions are timed and time runs out

Yes I know this is so very simple but there are some who may not have realized how simple it was, and many who have asked about the program that automates this. The reason I can not release the program is it was written under strict stipulations. If you think about it though it;s quite simple to write and in C/C++ should take less than 200 lines of code.

[Lord C]

I knew about cloning MAC addresses, but I never thought of doing it for this purpose.

Nice one IceBerg

[gEEEk]

1. you need a dns server, for these I hard code a dns I know, you can look up how to do this.

Great suggestion. :)

But..

Why would I need a DNS server?

[IceBerg]

Great suggestion. :)

But..

Why would I need a DNS server?

I wasn't quite clear on this. You need a DNS server to resolve off of since were not using dhcp we do not get assigned one. If we don't set a static one then we can not use name resolution. So I dont mean we need to run one, just have one in resolve.conf.

Sorry for the confusion on that.

[WhollyMindless]

Just hardcode dns to OpenDNS. It's faster and not managed by the network owners.

208.67.222.222 and 208.67.220.220

[IceBerg]

Just hardcode dns to OpenDNS. It's faster and not managed by the network owners.

208.67.222.222 and 208.67.220.220

Those are actually the ones I use in my software. I just was leaving it open for anyone to use what they wish.

[H@L0_F00]

nice! They used something like this at Utah State University when I went there for football camp.

You just had to call the IT department to get the daily code for visitors though.

this wouldn't work if they authenticate through cookies though right?

unless you captured one and forged it?