Forum Thread: Pentesting on WiFi

Hello people ...
I have a question related to pentesting on someone's WiFi network.

That WiFi network is located in pizzeria near my house. Is it legal to scan that network, do recon, find vulnerabilities and try security of devices? There is main computer that is using Windows 8/10 and is being used to sync orders with pizzeria's website and to things related to that. So if I will try to put backdoor to that PC and it will success, and then I'll report vulnerabilities to that pizzeria's boss (manager), am I breaking the law? I mean if I'll do pentesting without permission before that.

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.

24 Responses

Yes, you are breaking the law.

Ok, and if I'll ask for permission?

If they give you permission its not breaking the law, but I strongly suggest that you don't do that since they may say that they didn't actually give you permission, or that the contract you signed was invalid.

Stick with you own devices now, or make a pen testing lab.

Thanks for warning, Washu, but I think they care about security of their clients and I think they will allow me to do that and they won't say they didn't.

Life can be a lo more complicated than that, you may both have good intentions but you never know what could happen. At least you've been warned :)


I won't do that, because of your warning, thanks. I will stay on hacking on my home and school network, thanks.

In case they kick you out and tell you to never come back to their pizzeria, make sure there's another Pizzeria around first :)

I read a story about how a witty security engineer hacked into the Times journal and reported all the simple vulnerabilities to them. They immediately pressed charges against him and refused to accept his report.

Sometimes the intelligence of a company is lacking when it comes to the field of security. Regardless of your intentions, if they know nothing about hacking or pentesting there is a high chance they will try to charge you simply because they don't know what a benefit the service is.

Might as well do it from an anonymous laptop and email a report using a disposable email.

Seriously? You're still debating over whether something is legal or not?
I mean don't you get why this platform is here in the first place?

YES, IT IS TO EXPLOIT. The "Educational Purpose Only" is only a fancy facade to evade the law enforcement. YES, WE ARE ALL HERE TO LEARN HOW TO HACK SO WE COULD EXPLOIT OTHERS. There's NOTHING called "Ethical". And there's nothing called Illegal. Exploit all you want because you are intellectually superior and make them realise how it feels like when they can't even detect a freaking intrusion.

This is an example of what Null Byte is against.

People who only seek our help to hack and exploit others.

But that's not me! I am not going to exploit anybody without authorization!!!

I was replying to Hamza. You actually posted a question in the correct format.

Ok, sorry about that.

Don't wanna burst your bubble but everyone learns hacking for one purpose i.e. to EXPLOIT others.

The only people that come here to "exploit others" are quickly chased off by TRT.

Lol, TRT? Who's he? Some sort of moral police bent on cultivating internet ethics while teaching how to hack at the same time? The irony is strong with this one.


That's not true. Your comments reflect your own intentions. Many people learn hacking for pentesting and other legitimate purposes

Those are very few in numbers.
Why are we even fooling each other? We all know the basic purpose of learning hacking is to exploit people.

What the hell? I am pentesting because of trying to prevent people getting hacked. I do not want to exploit anybody!

True. I am learning hacking for pentesting and helping others.

I am just asking, calm down.

Share Your Thoughts

  • Hot
  • Active