Capative portal bypass

1. Discover

# Setup monitor mode
sudo airmon-ng check kill
sudo airmon-ng start wlan0

# Scan networks & AP's
sudo airodump-ng wlan0mon

Pick target and check for capative portal:

2. Find authenticated clients

3. Change our own mac to authenticated mac

4. Connect to network

Once we know your ESSID we can connect to the network, for that we create a “free.conf’ file to connect from bash using “wpa_supplicant”.

Start network

In another terminal as root (get IP):

Successfully bypassed!