Jump to content

VPN Initial connection insecurity


Lost In Cyberia
 Share

Recommended Posts

Hey everyone. I have a problem, but it may be my lack of understanding that is the cause. Ok so I attend a technical school, and needless to say there's a lot of wannabe hackers, pranksters and what not.

So from my laptop I'd like to connect to the wireless AP's around campus, but security is a concern of mine. So I'd like to use SSH to create a tunnel to the AP, and back to my house where I have an 'always on' connection. The whereabouts of my location doesn't matter, I'm doing it more just to have a secure connection to the wifi access point, from potential wireshark captures and man in the middle attacks. I expect the vpn tunnel to the wifi access point to be able to protect me from prying eyes.

My problem is thus, I want to do an ssh user@hostaddress -D 8080 from the terminal. This says create a secure connection to my user at my home address, and put all traffic through port 8080. But I can't execute this because my school has one of those "Login to use wifi" pages. Where you must supply your credentials that you are a student before any connections can be made.

So I'd have to put in my student ID and password, before I can even set up the tunnel to the wifi. This isn't just with my school, it's also at starbucks. You must supply a password to their wifi, unencrypted, before you can set up the vpn to the AP. So the ssh command doesn't work, until you input a valid password, but I don't want ANY of my credentials going out unencrypted. This first initial step may seem trivial, but it's the kind of thing I want to avoid. Is there anyway to set up the vpn to the AP before having to prove my access to the login page?

Link to comment
Share on other sites

Research how to by-pass captive portals and if you have a pineapple you can install the evil portal infusion and test by-passing it on there. I hope this sets you in the right direction and good luck!

Link to comment
Share on other sites

If using putty, there is a setting for adding the schools proxy login info that may work depending on how you login (connection > proxy > add schools info), and still be able to tunnel using the Connection > SSH > Tunnels part as well . In your browser though, you add the socks5 proxy settings for the SSH tunnel you setup and putty should log you through their proxy and then tunnel you to your home box(assuming you can SSH into it and its configured properly to work as a tunnel).

Then go to IPchicken.com, see what your IP is. If its the schools, your using their IP and tunnel is not setup properly. If its your homes, then you are using your home IP while putty passes the login details to the school portal for you and then sets the tunnel up. Just depends on how the schools portal works.

Edited by digip
Link to comment
Share on other sites

Thanks guys, I knew there had to be a way around it. Yea I need to get a pineapple.. and digip do you reccommend putty over using the ssh command from the cli? I'm using linux

Link to comment
Share on other sites

Thanks guys, I knew there had to be a way around it. Yea I need to get a pineapple.. and digip do you reccommend putty over using the ssh command from the cli? I'm using linux

Aside from wine and putty, regular SSHd should be able to pass it as well as use proxychains. look up the man pages on SSH though.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...