Chris "Hack The Planet" Varenhorst
@varenc.bsky.social
I'm now arriving in Chicago and shutting down free janky wifi. I had 24 total happy customers! They used nearly 30GB of cellular data. Based on bandwidth usage, seems like a lot of people have phones silently uploading their photos in the background. Need to figure out a good solution to that for v2
May 8, 2025 at 7:36 PM
I'm now arriving in Chicago and shutting down free janky wifi. I had 24 total happy customers! They used nearly 30GB of cellular data. Based on bandwidth usage, seems like a lot of people have phones silently uploading their photos in the background. Need to figure out a good solution to that for v2
Chris's janky free train wifi has its first set of happy customers!
May 7, 2025 at 12:22 AM
Chris's janky free train wifi has its first set of happy customers!
If you setup your own bespoke proxy over HTTP, all your requests to it would work as long as you had 'Host: unitedwifi.com' in the header. Of course they already allow unfiltered DNS requests and IP messaging apps, so other ways to make a proxy.
February 21, 2025 at 8:17 PM
If you setup your own bespoke proxy over HTTP, all your requests to it would work as long as you had 'Host: unitedwifi.com' in the header. Of course they already allow unfiltered DNS requests and IP messaging apps, so other ways to make a proxy.
Sending an invalid Host header like "Host: unitedwifi.com www.google.com", satisfies both United and Google! Google is happy just seeing 'www.google.com' in the header. The real bug is that United permits requests to any IP as long as the Host header starts with “unitedwifi.com"
unitedwifi.com
February 21, 2025 at 8:16 PM
Sending an invalid Host header like "Host: unitedwifi.com www.google.com", satisfies both United and Google! Google is happy just seeing 'www.google.com' in the header. The real bug is that United permits requests to any IP as long as the Host header starts with “unitedwifi.com"
Explanation: United redirects all HTTP requests to their WiFi portal unless the Host header starts with "unitedwifi.com". Setting this as the only Host header value lets you send an HTTP request to Google, or anyone, but Google rejects it due to it not matching google.com.
February 21, 2025 at 8:16 PM
Explanation: United redirects all HTTP requests to their WiFi portal unless the Host header starts with "unitedwifi.com". Setting this as the only Host header value lets you send an HTTP request to Google, or anyone, but Google rejects it due to it not matching google.com.
Above is a gif from tshark showing the ~60 broadcast packets/sec. Which is pretty high. Public Wi-Fi networks typically isolate clients to improve security and performance. Clearly everything is mostly fine, but enabling client isolation could make it even better!
February 17, 2025 at 8:02 PM
Above is a gif from tshark showing the ~60 broadcast packets/sec. Which is pretty high. Public Wi-Fi networks typically isolate clients to improve security and performance. Clearly everything is mostly fine, but enabling client isolation could make it even better!