I’m on the boat from Gotland again after having spent a week there with my
family. Again I find myself in need of some preferably free Wifi. Although
with a new linux OS, I find myself having to find the new command ip as
opposed to the ifconfig command last time.
So this is one way of getting “free” Wifi on the Marlink Internet at Sea service found on the Destination Gotland ferry and I guess other ferries.
The attack is very simple, again all we need to do is spoof the mac address of an authenticated device. We can find an authenticated device quite easily using a wireless sniffer. I use Wireshark for this. Look for any packets going to an external network. I suggest filtering for TLS or HTTP, all we need is the MAC-address.
Once you have what looks like authenticated device, bring the device down, spoof
for the mac you want. These are the ip commands used. Where <device> is the name
of your wireless interface. In my case wlp4s0.
ip link set <device> down
ip link set <device> [MAC ADDRESS TO SPOOF]
ip link set <device> upTake this post as a good reminder to RTFM every now and then. It’s a bit of
a challenge to do stuff without the almighty Google, but the man command and some patient
reading does a good job when you are stuck offline :)