kickarse Posted August 2, 2006 Share Posted August 2, 2006 So at a university where I worked there was a Radius server. This allowed login varification (AD integration). So basically you open up IE/Firefox, come to a login page and your session is authenticated. You basically put into a DMZ of sorts and then once authenticated your IP is then allowed to passthrough data (FTP, HTTP, etc). My idea is sorta that you setup a http server on your localhost. Allowing access from any IP and sending them to a "login page" that looks exactly like the Universities. But instead of authentication, it cancels them out with a "505" error and you have their username and password. Setup the wireless cards MAC and SID to match the AP that is closest to you. That way your stronger signal will be the one it connects with. In theory it might work. What do you guys think? Quote Link to comment Share on other sites More sharing options...
Sparda Posted August 2, 2006 Share Posted August 2, 2006 Scammers do this in hotels with open access points. The scammers will use ARP cache poising and a web server to trick people in to entering there cradit card numbers. This is esentialy the same thing. It is possible, but I don't know the exact software to use (Although it probably will requiere Linux). Quote Link to comment Share on other sites More sharing options...
stingwray Posted August 2, 2006 Share Posted August 2, 2006 Usually scammers then forward you on to the legitimate site after you have entered your details so that you think nothing is wrong. Banks etc. are now started to look into where logins come from more to try and stop this. Although the scammers still get the details. If your laptop uses the first details that you capture to be authenticated and then everybody else that uses your AP their details are just stored in a document. The radius server might not accept multiple logins from one computer, it looks suspicious. Quote Link to comment Share on other sites More sharing options...
metatron Posted August 2, 2006 Share Posted August 2, 2006 I talked about this some time ago on another thread, where someone wanted to know how to get by a pay for WIFI service. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.