Revisiting the Free Wifi on Destination Gotland

I'm on the boat from Gotland again after having spent a week there with my family. Again I find myself in need of some preferably free Wifi. Although with a new linux OS, I find myself having to find the new command ip as opposed to the ifconfig command last time.

So this is one way of getting "free" Wifi on the Marlink Internet at Sea service found on the Destination Gotland ferry and I guess other ferries.

The attack is very simple, again all we need to do is spoof the mac address of an authenticated device. We can find an authenticated device quite easily using a wireless sniffer. I use Wireshark for this. Look for any packets going to an external network. I suggest filtering for TLS or HTTP, all we need is the MAC-address.

Once you have what looks like authenticated device, bring the device down, spoof for the mac you want. These are the ip commands used. Where <device> is the name of your wireless interface. In my case wlp4s0.

ip link set <device> down
ip link set <device> [MAC ADDRESS TO SPOOF]
ip link set <device> up

Take this post as a good reminder to RTFM every now and then. It's a bit of a challenge to do stuff without the almighty Google, but the man command and some patient reading does a good job when you are stuck offline :)