Unlimited WiFi: Bypass Captive Portals and Proxies with a Twist!
Presenter: Sajeeb Lohani & Maeesha Lohani
Format: 30 mins
Location: The Studio
Have you ever been stuck in the airport and run out of the one hour free WiFi? Have you ever been in a hotel that makes you pay for WiFi? Our talk, Unlimited WiFi, helps understand the common flaws within captive portals and proxies. On restricted networks, these methods can be used to exfiltrate information, where it may seem rather difficult, and download necessary exploits (please stop blocking exploit.db… makes pen testing a pain!).
Finally, we will talk about how we developed a mini-authentication framework over DNS, allowing us to turn on IoT devices when stuck in a plane and WiFi connectivity is questionable!
This talk brings in the concepts of misusing whitelisted software, writing scripts to bypass restrictions, writing your own authentication, and general software vulnerabilities. Our audience should gain a good understanding of the most common weaknesses within our target software and interesting ways to use the flaws they expose to our advantage!