I've recently been on holiday in Europe, staying in a hotel that was part of a big chain that included many in the local area. A quick review of the wi-fi within range of my room showed that there was another in the chain that was in range of my Yagi Turbotenna, which naturally got me thinking. If I wanted an anonymous internet connection, this could be quite handy.
After packing off the family so that I could have a couple of hours to myself I wandered over to the nearby hotel, carrying a beach bag, wearing shorts and looking like exactly what I was, a tourist. The hotel operated exactly like my own, in that it had no security on the entrances and people were free to wander in and out as they pleased. I settled myself by the pool and began people watching, behind my inconspicuous sunglasses.
After a while I spotted exactly what I was looking for; the guests here used keycards that were identical to the one I used in my hotel. Unsurprising as they were part of the same chain. I packed my bag and headed for the foyer.
Carrying my Kindle in my hand, and with my hotel keycard plainly visible on top, I approached the reception desk and explained that when I arrived I had not asked for the wi-fi login details. Note that I did not say that that I had not requested them when I "checked in"; if I had done so and the receptionist had asked for my name and room number I'd have been screwed. As it was, if she'd asked for more info I'd have said I was visiting a guest but did not know their room number as we were chilling by the pool.
In any case she simply reached under the desk and produced a small slip of paper upon which were written the login and password for the hotel wi-fi. Result! I went back to the pool, bought a beer and caught a few rays before heading back to my own hotel with the ability to log onto a separate wi-fi system that would have been almost impossible to track back to me. No need to aircrack, reaver or pixie-dust, just a bit of forethought and the balls to blag it. A simple example of why the human element is most probably going to be the easiest way to compromise a system.
Happy hacking folks.
Want to help support Null Byte and start making your own money as a white hat hacker? Jump start your White-Hat Hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from Ethical Hacking Professionals.