Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Captive Portal Hacked
« previous
next »
Print
Pages: [
1
]
Author
Topic: Captive Portal Hacked (Read 2683 times)
xaxero
Newbie
Posts: 23
Karma: 1
Captive Portal Hacked
«
on:
November 28, 2018, 06:16:27 pm »
We had our captive portal hacked and some research showed duplicate IP/MACs
Doing some research it appears very simple to compromise layer 2 by doing an ARP scan and finding who is authenticated by spoofing the MAC and IP address and hijacking an authenticated session.
I downloaded a proof of concept script here :
https://github.com/systematicat/hack-captive-portals
Worked after 3 tries.
Does OPNSense have any defense against this ?
Thanks
Jonathan
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Captive Portal Hacked
«
Reply #1 on:
December 03, 2018, 09:19:29 am »
Hi Jonathan,
For better or worse this is the norm since unrestricted network access means unrestricted access via any MAC or IP unless smarter components or SDN (software-defined networking) are used to counter such attempts.
From a firewall perspective that sits in front of your WAN but doesn't know the possibly vast setup of your internal networks, switches, WIFI bridges, etc. there's nothing to be done.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Captive Portal Hacked