Astaro.org (Read-Only)

UTM 9 WiFi & Hotspot [8.920][MYTH] Hotspot password sent in clear text

[8.920][MYTH] Hotspot password sent in clear text

wingman over 13 years ago

Hi All

The hotspot password is transmitted in clear text which is not a good idea. All logons should use SSL

POST /?action=login HTTP/1.1
accept=true&token=iwojeret62&login=Login&location=http%3A%2F%2Fwww.apple.com%2FHTTP/1.1 302 Found

Thanks

Parents

0 frickler over 13 years ago

If an attacker has found the MAC address of another user and spoofs it, he doesn't even need the credentials to login.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 saeid1778 over 13 years ago in reply to frickler

If an attacker has found the MAC address of another user and spoofs it, he doesn't even need the credentials to login.

Sent from my iPhone using Astaro.org
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 saeid1778 over 13 years ago in reply to frickler

If an attacker has found the MAC address of another user and spoofs it, he doesn't even need the credentials to login.

Sent from my iPhone using Astaro.org
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 trollvottel over 13 years ago in reply to saeid1778

Sent from my iPhone using Astaro.org

Made my day. [:P]
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel