Tuesday, February 5, 2013

Free WiFi from paid source

Useful if you ever want to get free WiFi in airports, hotels, etc. Works for most networks that authorize access by MAC address after the user pays for the service.

Step 1 - Connect & IP identification
Connect to the wireless network as if you were going to pay for it. When you connect to the hotspot, you're issued an IP address, which you can check by entering ifconfig and hitting enter. In the output, you'll want to note two IP addresses: the first is the third line down next to "inet" (that's your assigned IP), and the second is the IP next to "broadcast" (that of the hotspot).

Step 2 - Ping networks for IPs of devices that already paid
So here just enter the ping command followed by the broadcast IP of your hotspot. When the command runs, you're going to see a bunch of different IP addresses. After you see some of the IPs repeating themselves, hit 'ctrl-c' or the equivalent for your OS.

Step 3 - Grabbing MACs from arp cache
Type arp -a into your command line and obtain the MAC addresses in your arp cache. On the same line as each MAC is the IP that's associated with it. So implicitly, the majority of MACs in the cache are connected devices that already paid.

Step 4 - Spoof MAC
Grab a couple of MAC addresses from your cache list (the first one doesn't always work; you never know with the way that some laptops, smartphones and tablets passively connect to neighboring wifi networks automatically). Spoof your MAC to one of the connected ones by typing "sudo ifconfig en1 11addr 5c:ae:3c:84:d0:65" (replace the example MAC with yours, obviously).

Step 5 - Enjoy
Disconnect from the wireless hotspot and then reconnect after you've changed your MAC. This will grab a new IP address, and since the router already has your (the spoofed) MAC address in its cache, you'll be assigned the same one as the original MAC device. Most hotspots keep track of who is connected via MAC address, so now you can enjoy your free internet.

Notes:

The MAC address change won't survive a reboot (sleep mode seems to retain it for me, however)
If you do this and the user is actively connected, you'll automatically boot them off the network. That's the devious part. And if they reconnect, you get booted. So the technique works better in a hotel or area where your chances of being online at the same time as your spoofed MAC user are minimal.
Not all MACs in the arp cache have necessarily paid to access the internet, so be sure to grab a few to use.


The original MAC user gets kicked off the network. Then the original MAC user tries to reconnect and kicks you off.

Not everyone is an active user, which is why I suggest grabbing a couple to use. People may purchase 24 hrs of time and only use it for an hour, leaving you with 23 hours of potential use.

It's kind of like dumpster diving or being a freegan. You're just getting the scraps, but at least it's free xD
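Seen from the hotspot operator's side, the behaviour in the notes above (one MAC, two devices taking turns kicking each other off) is exactly what gives a cloned address away. The following is an added example, not part of the original post: a small check over DHCP/association events that flags a paid MAC whose DHCP client fingerprint changes or that bounces between access points. The event fields, the 120-second threshold and the sample events are assumptions constructed for illustration.

```python
# Added example: flag paid-session MACs that look cloned.
# Event layout and threshold are assumptions, not from any real portal product.
from collections import defaultdict

# Constructed sample events: (time_s, mac, dhcp_hostname, dhcp_option55, ap)
EVENTS = [
    (0,    "aa:bb:cc:00:00:01", "alices-iphone", "1,121,3,6,15,119,252",    "ap-lobby"),
    (40,   "aa:bb:cc:00:00:02", "bob-thinkpad",  "1,3,6,15,31,33,43,44",    "ap-floor2"),
    (900,  "aa:bb:cc:00:00:01", "alices-iphone", "1,121,3,6,15,119,252",    "ap-lobby"),
    (1800, "aa:bb:cc:00:00:02", "macbook-pro",   "1,121,3,6,15,119,252,95", "ap-floor5"),
    (1830, "aa:bb:cc:00:00:02", "bob-thinkpad",  "1,3,6,15,31,33,43,44",    "ap-floor2"),
    (1845, "aa:bb:cc:00:00:02", "macbook-pro",   "1,121,3,6,15,119,252,95", "ap-floor5"),
]

FLAP_WINDOW_S = 120  # assumed: two different APs within this window is suspicious


def find_cloned_macs(events, flap_window=FLAP_WINDOW_S):
    """Return {mac: [reasons]} for MACs that behave like two devices."""
    baseline = {}    # mac -> fingerprint seen first (i.e. at payment time)
    last_seen = {}   # mac -> (time_s, ap) of the previous event
    findings = defaultdict(set)
    for ts, mac, host, opt55, ap in sorted(events):
        fingerprint = (host.lower(), opt55)
        if mac not in baseline:
            baseline[mac] = fingerprint
        elif fingerprint != baseline[mac]:
            # Same MAC, different DHCP hostname / parameter request list.
            findings[mac].add("fingerprint_changed")
        prev = last_seen.get(mac)
        if prev and prev[1] != ap and ts - prev[0] <= flap_window:
            # The two devices keep displacing each other on different APs.
            # Fast roaming can also trigger this, so treat it as a hint only.
            findings[mac].add("ap_flapping")
        last_seen[mac] = (ts, ap)
    return {mac: sorted(reasons) for mac, reasons in findings.items()}


if __name__ == "__main__":
    for mac, reasons in find_cloned_macs(EVENTS).items():
        print(mac, ", ".join(reasons))
```

Binding the paid session to more than the MAC (per-user 802.1X credentials or a session token tied to the portal login) removes the weakness instead of only detecting it.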
