This guide is not to meant to be used in cheating anyone or stealing anything. It is specifically for programmers and security consultants to know about exploits that may be encountered on their systems.
By reading or attempting this exploit, you agree to hold yourself completely liable for your actions. Actually performing this exploit for any gain whatsoever is probably illegal, but this exploit is all over the web. It is very important that admins don't rely on something so easily spoofed.
T-Mobile has offered out 3 months of free Wi-Fi access at T-Mobile hotspots for new Vista users. It turns out that the programming behind this was actually done very basically and can easily be exploited giving free Wi-Fi time to anyone.
- Download the user-agent switcher firefox extension
- Restart firefox and go to: Tools > User Agent Switcher > Options > Options...
- Click "User Agents" and then "Add"
- Fill out the window with following info:
Description: Internet Explorer 7 (Windows Vista)
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Application Name: Microsoft Internet Explorer
Application Version: 4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Platform: Win32
- Save it, goto Tools > User Agent Switcher > Then click the newly added one. Head to the Vista T-Mobile Trial sign-up and exploit away.
The rationale behind the exploit is that the T-Mobile site merely checks the browser's user agent string. Whenever a visitor goes to a web page, the browser transmits (among other things) a string called the "user agent string". Because this is so incredibly easy to spoof, the offer is easily exploited.
Post Last Updated: Feb 9, 2007 7:39 pm
