Wifi && connect from Android YourFreedom App (a bit OT)

Rainer Duffner rainer at ultra-secure.de
Fri Dec 20 00:33:07 UTC 2013


Am 18.12.2013 um 15:06 schrieb Lars Engels <lars.engels at 0x20.net>:

> Am 2013-12-18 13:27, schrieb Matthias Apitz:
>> Hello,
>> I returned last night from Havana, Cuba. They have now Wifi in the
>> hotels and my FreeBSD netbook (10-CURRENT) connected fine, on start of
>> WPA you get an IP addr by DHCP and the first page in a browser (FF 24.0)
>> re-directed you to a page to enter the credentials (login, password for
>> around 4 USD per hour); a lot of cubans were sitting around with their
>> laptops and Android based tablets using the Wifi zone of the hotel;
>> I talked to someone and he said he was using some App 'Your Freedom'
>> (or something like that) and was not asked for credentials to connect
>> to his Facebook account, etc. This surprised me a bit, how this could
>> work technically, and that's why I wanted to ask it here: how this could
>> bypass the credential page, because I could not route traffic through
>> the assigned IP on the WLAN interface without passing the credential
>> page... how this could work with this App? My interest is only
>> technically or due to the surprise, I do not want to use such trick on
>> FreeBSD and I do not have any Android device.
> 
> 
> It's possibly tunneled via port 53 (DNS)?


Most likely, yes.
Professional penetration testers have whole suite of programs that allow them to tunnel all kinds of stuff front and back through firewalls that allow random outgoing DNS traffic.
I’ve never tried them myself, but I imagine it’s a bit slow.
But fast enough to siphon data out...



More information about the freebsd-mobile mailing list