Jump to content

HotSpot Piggyback


Recommended Posts

There is "normal" concept of using the Pineapple in the field which essentially looks like:

wlan0 = "FreeWiFi" , wlan1 = client mode connected to "BoingoHotspot" : Under this configuration you as the pineapple owner are responsible for getting through the wlan1 "BoingoHotspot" splash page/portal first so that you are actually sharing their connection but no one on FreeWiFi knows this.

But, what I like to call HotSpot Piggybacking looks something like this:

wlan0 = "BoingoHotspot2", wlan1 = client mode connected to "BoingoHotspot" : With this configuration you are fishing for a legitimate BoingoHotspot user to authenticate themselves on what they believe is a legitimate Boingo AP. It looks and behaves exactly like the real thing because they are seeing the real splash page. But, once they authenticate themselves you and any other user on the Pineapple afterwards has internet. Also, you are still the MITM and can see all users traffic i.e. use tcpdump or ettercap or turn on sslstrip etc.

Does anybody else use this method? I realize it can take time, but I think it's a viable alternative if you don't have free wifi around or a cell stick/hotspot to use with your pineapple. And it can work in coffee shops or airports equally well, it just requires a high turnover of users who logon to their local account with the hotspot provider.

Link to comment
Share on other sites

Yep. that's why I have implemented WPA2 with Radius auth for my Hotspot AP... I was getting a lot of complain about user not being able to login while our system said they were loged in and being charged for...

Now they login to WPA2 as guest, purchase internet access using encrypted channel, then the portal send a WISPr message to the device which contain their personal WPA2 credential,... please hack that guy, you are the reason I have a job lol ;)

Edited by madhak
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...