G
G
good_sefore2020-03-03 18:14:34
linux
good_sefore, 2020-03-03 18:14:34

Is it possible to inject Captive-Portal via arp-spoofing?

At our department, we asked ourselves such a research question: is it possible to implement Captive-Portal via arp-spoofing? So what we have at the moment: a Wi-Fi network in the department with WPA2, our computer with Kali Linux which is on the same network and several other machines that are connected to the same network, but with Windows. Ah.. and a few Android phones are also on the same network. The task is to enable arp-spoofing on our Kali Linux machine and then, in fact, implement our Captive-Portal through our Kali machine. The result should be such that when the device is reconnected (let's say Android), it will be redirected to the page of our Captive-Portal. What will be the ideas gentlemen?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Armenian Radio, 2020-03-03
@gbg

Normally, your idea will not work - HTTPS sites (and most of them are now, more or less adequate admins know about LetsEncrypt) will send you on foot to the erotic site right away.
Further, normal Wi-FI points (that is, not D-Link ten years old) have protection - they push clients into personal tunnels and do not allow client-client connections. So you can at least spoof , the whole department.
In total, your "hack" will work on shitty Wi-Fi and crap sites with HTTP.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question