I’ve been looking into captive portal WiFi implementations, and on a few I’ve been able to easily bypass their login with the following steps:
- Open Wireshark and run a report getting the most used IPs in my network (except the router’s IP and mine)
- Change my MAC address to that IP’s associated MAC
- Refresh the NIC
My rationale was that it seemed like most captive portals just redirect all your traffic to a login page; once you log in, it seems to whitelist your MAC. So I just found the IPs that had the most traffic that were on my network and assumed they are probably already authorized to use the internet. Sometimes it takes a few tries to get the right MAC, but this normally works. I’m wondering what other, better authentication methods are out there that solve this problem.