Connecting to a public network might be a simple task for most, but not for all. It can be challenging, especially if one is not aware of the tricks or tools to use. This write-up is intended for beginners who are new to wireless penetration testing.
While waiting for my friend to finish his work, I decided to wait outside and obtain a free Wi-Fi connection. Of course, nobody gets a password without ordering at least a $3 cup of coffee. I’m not a fan of overpriced caffeine, so I ended up connecting to their network using some tweaks.
Since I don’t have any password, I landed on this portal after establishing a connection to the access point.
If you’re a Windows user, you might not be able to follow along but stay with me, for learning’s sake.
I am using Ubuntu 18.04 and started by opening a terminal window. A random ping test shows that there is a firewall blocking my packets.
The tool I used is aircrack-ng. In a nutshell, Aircrack-ng is a well-known tool used by different cybersecurity experts in network and penetration testing. That said, this baby is capable of password cracking.
I fired up this tool and enabled monitoring mode using the following command:
Then, I ran this command to show the list of Wi-Fi names present (a.k.a. SSIDs).
Since The Coffee Paradise (TCP) is a public place, there were obviously a lot of access points being broadcast (and exposed). Our target SSID will be “CP WIFI”.
Execute an airodump with the MAC address or BSSID of the target access point.
Then, monitor your target access point to see all the connected users on the AP.
Select any STATION MAC address and save it to your notepad.
Turning off the monitoring mode of my wireless interface.
Turning off the wireless interface itself.
Changing the MAC address of my wireless interface to the MAC that I’ve copied from the STATION.
Let’s turn on the interface.
Once I’ve changed my wireless interface MAC address, I received an internet connection.
Done! I have an internet connection.
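The connection above followed from the MAC address alone, so the operator's side of this is spotting one address being used by two different client stacks. The following is an added example, not part of the original write-up: a check over DHCP server logs that flags any MAC presenting more than one hostname / option 55 fingerprint. The log format, field names and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed DHCP server log lines (hypothetical format, not from the original page):
# timestamp, message type, client MAC, hostname (option 12), parameter request list (option 55).
SAMPLE_LOG = """\
2024-05-01T10:02:11 DHCPREQUEST mac=a4:5e:60:11:22:33 host=Annas-iPhone prl=1,121,3,6,15,119,252
2024-05-01T10:05:40 DHCPREQUEST mac=3c:22:fb:44:55:66 host=DESKTOP-7Q2 prl=1,3,6,15,31,33,43,44,46,47,119,121,249,252
2024-05-01T10:31:02 DHCPREQUEST mac=a4:5e:60:11:22:33 host=Annas-iPhone prl=1,121,3,6,15,119,252
2024-05-01T10:47:19 DHCPREQUEST mac=a4:5e:60:11:22:33 host=ubuntu prl=1,28,2,3,15,6,119,12,44,47,26,121,42
2024-05-01T11:01:00 DHCPREQUEST mac=3c:22:fb:44:55:66 host=DESKTOP-7Q2 prl=1,3,6,15,31,33,43,44,46,47,119,121,249,252
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) DHCPREQUEST mac=(?P<mac>[0-9a-f:]{17}) "
    r"host=(?P<host>\S+) prl=(?P<prl>[\d,]+)$",
    re.IGNORECASE,
)

def find_shared_macs(log_text):
    """Return {mac: [(first_seen, hostname, prl), ...]} for every MAC that
    presented more than one distinct (hostname, option 55) fingerprint."""
    seen = defaultdict(dict)  # mac -> {(host, prl): first timestamp seen}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip anything that is not a DHCPREQUEST record
        fingerprint = (m["host"], m["prl"])
        seen[m["mac"].lower()].setdefault(fingerprint, m["ts"])
    return {
        mac: sorted((ts, host, prl) for (host, prl), ts in fps.items())
        for mac, fps in seen.items()
        if len(fps) > 1  # same address, different client stack
    }

if __name__ == "__main__":
    for mac, fingerprints in find_shared_macs(SAMPLE_LOG).items():
        print(f"MAC {mac} presented {len(fingerprints)} different client fingerprints:")
        for ts, host, prl in fingerprints:
            print(f"  first seen {ts} host={host} option55={prl}")
```

A renamed or dual-booted device trips the same check, so a hit is a lead to investigate rather than proof. Per-user authentication such as 802.1X removes the reliance on the MAC address altogether.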