Piggyback On Paid Wifi

[DV22]

Hey guys,

I was wondering if anyone knew of a way to piggyback off of a client who's using paid wifi in a hotel, like say with ARP poisoning.

I know about ICMP and DNS tunneling, but I'd rather not have to go through setting all that up, plus my home internet connection isn't very fast.

Edited June 7, 2010 by DV22

[Sparda]

Pay walls often employ VLAN'ing to achieve there goal, in order to bypass this you would need to to pretend to be there computer, depending on the configuration you may or may not have to be attached to the same access point. However, having two computers on one network that appear to be the same will result in things not working.

[DV22]

Thanks for the reply. I wonder if you could just, rather than impersonate the target, just send packets with the target's IP address and parse the replies as they come over the air.

[mux]

Thanks for the reply. I wonder if you could just, rather than impersonate the target, just send packets with the target's IP address and parse the replies as they come over the air.

So how do you plan to differentiate the packets between what is yours and what is not? MAC Address redirection? Chances are you're going to be spoofing your MAC Address to pull off some sort of "impersonation" attack.

DNS tunneling is probably going to be the easiest way to do what you want to do. ICMP doesn't really work well at most places since ICMP port is usually blocked by default on the firewall.

If you're worried about not having enough equipment to setup a server for DNS tunneling, just use a virtual machine and turn it on and off as needed.

Edited June 8, 2010 by mux