Hacking Wireless Networks with Windows

by Carbide

First, the necessary disclaimer: gaining unauthorized access to wireless networks, especially when someone wants you to pay, is probably illegal.  This article is provided for information only.

I was recently on a business trip, and I took the company-provided Windows laptop with me.

The hotel I was staying in had Wayport wireless access for a fee.

Opening up Firefox took me to the page that explains the pricing and service.  The hotel I was in happened to have only unlimited plans, which I'll explain later.

My friend once told me that he had read in 2600 a way to gain access to wireless networks by MAC address spoofing in Linux.  He basically described that you find other computers on the wireless network, then find their MAC addresses, then change your MAC address to match theirs.  Once this is done, the wireless router routes every other packet to your computer.  The way it was described, the wireless router thinks both computers are one computer because they have the same hardware address.

Not having Linux with me at the time, I made sure I had two very important programs: Kaboodle and Technitium MAC Address Changer.

First, I connected to the wireless access point of interest and opened up Firefox to ensure that the correct page was displayed.

Second, I opened up Kaboodle and waited for every computer on the network to be scanned.  This may take a while if the network is really busy.  Then, the computers were displayed; some are shown as computer names like NANCY, others as IP addresses.

Double-clicking on one of them shows the computer's MAC address.

The next step is to change your MAC address to the one that is displayed.

There are several ways to do this in Windows.  One way that I'm familiar with is to edit the registry to change the address, but I prefer the Technitium MAC Address Changer for frequent changes.

Open up this program, and change the MAC address to the one that is displayed by Kaboodle.

The wireless card should be disabled and then re-enabled, and then it should reconnect to the network of interest.

Navigate to your homepage and it should display.

Some problems that might be encountered are slow page load times, frequent disconnects and reconnects to the access point, and a complete inability to access the AP at all.

I encountered slow page load times.  This might be attributed to both computers trying to access a lot of information at one time or downloading or uploading large amounts of data.  If this happens, changing to a different MAC address might be useful.

The second problem might be the router trying to defeat this method, detecting two identical MAC addresses, and not allowing either to connect.

The third problem might be that the router has detected one MAC address first and will not allow an identical one to connect because it has already associated.
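The detection side of the second and third problems, from the network operator's point of view, as an added example that is not part of the original article: a paid-access gateway keyed on MAC address can flag a shared address from its own logs. The log format, the sample lines, the 30-minute window and the flap threshold are all assumptions made for this sketch.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events in time order (hypothetical format):
# time, source, MAC, detail. For "assoc" the detail is the AP name,
# for "dhcp" it is the hostname the client sent with its request.
SAMPLE_LOG = """\
2024-05-01T20:00:05 assoc 00:11:22:33:44:55 ap-lobby
2024-05-01T20:00:07 dhcp 00:11:22:33:44:55 NANCY
2024-05-01T20:01:10 assoc 66:77:88:99:aa:bb ap-floor3
2024-05-01T20:01:12 dhcp 66:77:88:99:aa:bb travel-laptop
2024-05-01T20:14:30 assoc 00:11:22:33:44:55 ap-floor3
2024-05-01T20:14:33 dhcp 00:11:22:33:44:55 CORP-LT-0417
2024-05-01T20:15:02 assoc 00:11:22:33:44:55 ap-lobby
2024-05-01T20:15:40 assoc 00:11:22:33:44:55 ap-floor3
2024-05-01T21:30:00 assoc 66:77:88:99:aa:bb ap-lobby
"""

WINDOW = timedelta(minutes=30)  # assumed: changes closer together than this are suspicious
FLAP_THRESHOLD = 3              # assumed: AP changes inside WINDOW before flagging

def parse(log):
    for line in log.splitlines():
        ts, kind, mac, detail = line.split()
        yield datetime.fromisoformat(ts), kind, mac.lower(), detail

def changes(events):
    """Count consecutive events whose value differs and that are within WINDOW."""
    return sum(1 for (t1, a), (t2, b) in zip(events, events[1:])
               if a != b and t2 - t1 <= WINDOW)

def find_shared_macs(log):
    """Return {mac: [reasons]} for addresses that look like two devices."""
    dhcp, assoc = defaultdict(list), defaultdict(list)
    for ts, kind, mac, detail in parse(log):
        (dhcp if kind == "dhcp" else assoc)[mac].append((ts, detail))
    findings = {}
    for mac in sorted(set(dhcp) | set(assoc)):
        reasons = []
        if changes(dhcp[mac]) >= 1:        # one MAC, two hostnames
            reasons.append("hostname-conflict")
        if changes(assoc[mac]) >= FLAP_THRESHOLD:  # bouncing between APs
            reasons.append("ap-flapping")
        if reasons:
            findings[mac] = reasons
    return findings

if __name__ == "__main__":
    for mac, reasons in find_shared_macs(SAMPLE_LOG).items():
        print(mac, ", ".join(reasons))
```

A hit is a lead for the operator rather than proof, since a dual-boot machine or a guest walking between floors can trip either rule on its own; the two together on one address are the stronger signal.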

Several moral and ethical problems might be considered.

For example, if this is not an unlimited plan, then each byte might cost the customer money.  Common courtesy would dictate that you make sure you're using an unlimited plan.

Also, if the user suspects that activity has been going on when they were not using the service, it might raise some questions.

Another potential problem would arise if the customer gets randomly kicked off; they might call technical support to investigate, which could further complicate matters.

The last moral dilemma is charging for wireless access in the first place, which should put people at unease, but, surprisingly, doesn't.

One problem with this is charging for a substandard service when other services are available that people would have no objection to paying for, such as Ethernet and fiber optic connections.

The other problem with charging is that offering free wireless access attracts customers to whatever service you are offering, whether it's staying at a hotel or getting a cup of coffee.

I apologize for the digression and for any disagreeing letters that might follow.

Thanks: Droid for telling me about this method and the author of the 2600 article about it.
