Bypassing Mikrotik Access Point Login

From OnnoWiki
Revision as of 03:46, 30 September 2010 by Onnowpurbo (talk | contribs) (New page: Sumber: http://www.toolshowto.com/?p=162 I want to start with a simple question here…’How secure was your Hotspot Area?‘..In some case, there’s a bored thing when we got an access...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Sumber: http://www.toolshowto.com/?p=162

I want to start with a simple question here…’How secure was your Hotspot Area?‘..In some case, there’s a bored thing when we got an access point with a login form. Why we should fill this form if we could passing away??And the second question is ‘How to bypass this mikrotik security?‘

So, let’s begin :

1. Let’s recognize what metode that used :

This is an important step, except you’ve already knew what security methode that has used by the administrator. If the administrator using the Aunthentification method, all you have to do is :

  • Get connected to the network
  • Make sure you got the IP address and the DNS address
  • Run the “NetCut” tool (For win***s), or “wireshark (for linux” then scan your entire network.
  • Look at the clients that already connected to the network. Copy the MAC address to your MAC address.
  • Restart the network, and then re-connect to the network
  • …that’s it..!!! You got it man…

2. If the administrator using the Authorization method, all you have to do is :

  • Try to follow the first step method. If you still can’t browsing, use the wireshark to listening any communication around the network. You can try change your MAC address to the connected client MAC address before connecting the network, or you can try to edit the IP address configuration manually, including the DNS configuration.
  • If still doesn’t works. Try to disconnect the already connected client that you’ve copied the MAC address.
  • Still doesn’t work??wow..the admin must be an expert !!!

3. If the admin using Accounting method, all you have to do is :

  • Try the first step. Then run the wireshark
  • Classified the client IP’s (in case the admin made a different class for each client, usually in Accounting method, there is a VIP customer)
  • Try to change your MAC address to each client class. This step is used to attemp we could have a VIP customer facility.

So, that’s all folks…Hope you can try this out..

If you are administrator, you have to patch this. You can read the how to at http://whitesecure.com.


Referensi

Pranala Menarik