Tuesday, 16 February 2016

Bypassing Costa Wifi Time limit

UPDATE: This method has been patched, but at the bottom of this post, there is a much simpler solution that works and hasn't been patched yet, you will need to read the whole thing in order to understand the process.

Costa coffee shops, provide free wifi for their customers for about 2 hours, and then your time limit expires, asking you to register their costa club card(free as well) in order to have unlimited access.
Well you could do that, but if you are lazy like me, going through the process of acquiring a card and then registering it, you could just try this instead.

When your time limit has been reached, a Costa web page appears when you try to browse:

Behind the scenes there is a mechanism(probably their wifi controller) that has identified your computer and redirects to that page when you reach your time limit. To see proof of that, we just need to press back once.

The page above is the actual rediretion that happened too fast to see before. And in the address bar we can see the whole query that was sent. What we can identify from that request is that our computer is tracked by its mac address. If we delete from that query the mac address bits as per the image below:

And press enter to resend the request, we can then successfuly bypass this security mechanism. The same thing could probably be achieved by changing your computer's mac address, but that's too much hustle... Obviously this whole post serves no purpose as you could just register their card... But it might help another lazy or curious soul.


Instead of deleting the all the personal info from the url bar, just change some digits from your mac address and hit enter!