Date: Fri, 20 Dec 2013 01:23:18 +0100 From: Rainer Duffner <rainer@ultra-secure.de> To: Lars Engels <lars.engels@0x20.net> Cc: freebsd-mobile@freebsd.org Subject: Re: Wifi && connect from Android YourFreedom App (a bit OT) Message-ID: <F4D6CE41-AFC8-4BC8-A582-2F5870BEFFBE@ultra-secure.de> In-Reply-To: <b38726e23194ae64ae3e9aad2c9fcf02@mail.0x20.net> References: <20131218122702.GA1609@tiny-r255948> <b38726e23194ae64ae3e9aad2c9fcf02@mail.0x20.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 18.12.2013 um 15:06 schrieb Lars Engels <lars.engels@0x20.net>: > Am 2013-12-18 13:27, schrieb Matthias Apitz: >> Hello, >> I returned last night from Havana, Cuba. They have now Wifi in the >> hotels and my FreeBSD netbook (10-CURRENT) connected fine, on start = of >> WPA you get an IP addr by DHCP and the first page in a browser (FF = 24.0) >> re-directed you to a page to enter the credentials (login, password = for >> around 4 USD per hour); a lot of cubans were sitting around with = their >> laptops and Android based tablets using the Wifi zone of the hotel; >> I talked to someone and he said he was using some App 'Your Freedom' >> (or something like that) and was not asked for credentials to connect >> to his Facebook account, etc. This surprised me a bit, how this could >> work technically, and that's why I wanted to ask it here: how this = could >> bypass the credential page, because I could not route traffic through >> the assigned IP on the WLAN interface without passing the credential >> page... how this could work with this App? My interest is only >> technically or due to the surprise, I do not want to use such trick = on >> FreeBSD and I do not have any Android device. >=20 >=20 > It's possibly tunneled via port 53 (DNS)? Most likely, yes. Professional penetration testers have whole suite of programs that allow = them to tunnel all kinds of stuff front and back through firewalls that = allow random outgoing DNS traffic. I=92ve never tried them myself, but I imagine it=92s a bit slow. But fast enough to siphon data out...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F4D6CE41-AFC8-4BC8-A582-2F5870BEFFBE>