I am trying to make it so a raspberry pi with no javascript can connect to Micky D's Wifi.
This wifi is free, so all you have to do is hit a button and then it whitelists your mac address.
The HTML of the captive portal page that has this button has a form.
The form looks like this by default:
https://pastebin.com/9jH4Fnne
I have tried reading the form, copying its data to a new form with no onSubmit field, and then submitting it but that didn't work.
Feels like that was a shitty hack. My question is: what is the right way to do this? It can be done with python right?
See thatValidationHash? It means the developer behind the form isn't absolutely retarded like 97% of webdevs and made it impossible for you fuckheads to break in.
>>59921912
Doubt it because all you would need to do to break in is run their shitty javascript
It isn't even breaking in, the wifi doesn't cost anything
You can probably do it in a bash oneliner by using a cli web browser and a little automation
Also why not just spoof a currently connected client's MAC address and save yourself the trouble?
>>59921912
Isnt that for trying to mitigate CSRF?
>>59922007
Basically something like this: http://phantomjs.org/
Good for you fulfilling stallmans request to be able to use McDonald's Wi-Fi without proprietary JavaScript
>>59922007
>>59922032
Yeah I looked into phantomJS: I would run into the same issues.
And spoofing my MAC address wouldn't work because you need to submit a form containing your MAC for them to auth you
Don't know what exact problem you have, but that's how I would try to help RMS connect to MCWifi without running non-free JS code.
I'd write a python script that would:
0. Change a MAC address.
1. Receive whole web page.
2. Store all cookies.
3. Find a form.
4. Get all pre-set data from a form.
5. Set all non-set data to a form if necessary.
6. Execute POST or whatever to submit that form, in the same way that your browser would (intercept that request in browser developer tools to compare), not forgetting cookies.
7. Store resulting cookies, if they are of any use - return them to user.
...
9001. Create 30 different MAC addresses and swap them continuously in a pseudo-random fashion, while being connected to a remote VPN, ensuring x30 download speeds.
>>59922181
Way overkill. It is extremely simple.
>>59922093
It started as that
then I realized you can get authed to some dank wifi easily at McDonalds, which is very conveinient for me
I have a perfect enclosure that looks unassuming and can hold a raspberry pi, as well as an open wall plug at my local McDonalds
I'm gonna use it for port scanning
>>59922286
Well, that overkill may work, unlike your simple solution that doesn't.
My bet is that you've forgot about cookies and CSRF protection fugs everything up.
>>59921785
Use mechanize?
>>59921785
If you figure it out, let Richard Stallman know. He's specifically been asking for help with this.
>>59922135
spoof your own Rasp MAC with a phone, click on the button, now that MAC is whitelisted and you can connect with the Rasp
>>59922816
I need it to be able to auth itself
OK I think I might have gotten it, gonna go test it out
https://github.com/ussjoin/portalsmash
Maybe this will be of some help?