"freewifi" via ESP8266 Captive Portal

Many outdoor places do not have permanent Wi-Fi access points. Occasionally I can get a weak unencrypted WiFi signal from a nearby shop; otherwise, I'll have to face the fact of not having WiFi, and resort to my slow and expensive SIM card for cellular Internet access.

Since I learned that the ESP8266 can serve as a WiFi hotspot, I got an idea. I can make the ESP8266 as a Wi-Fi access point (AP), and provide free WiFi to everyone at the outdoor venue. Except that, this is a freewifi prank: I am providing free WiFi, but my WiFi does not offer Internet access.


ESP8266 makes a freewifi WiFi access point SSID:

freewifi SSID

When a user connects to the freewifi and attempts to access any webpage, they are redirected to a captive portal:

captive portal login page

After submitting an email address, you are pranked!

captive portal connected page

I know who were on my WiFi:

log file

Arduino sketch for "freewifi" on ESP8266

The following code can be flashed on an ESP8266 microcontroller, such as the ESP8266 Witty Cloud board. Four files are required:

  • CaptivePortal.ino is the main Arduino sketch code.
  • data/index.htm.gz is shown when a user attempts to connect to WiFi.
  • data/connect.htm.gz tells the victim that our WiFi does not have Internet.
  • data/pure.css.gz is a CSS framework used in webpages.


This sketch establishes a WiFi access point named freewifi on the ESP8266. A DNS server is running on the ESP8266, which responds to every DNS request with the ESP8266's own IP address Effectively, this DNS response makes the ESP8266 AP as a captive portal.

When a user connects to the freewifi and attempts to access any webpage, they are redirected to http://freewifi.lan/ and then presented with a login page data/index.htm.gz. If the user chooses to log on, they will be presented with the data/connect.htm.gz webpage.

The code also creates a log file named log.txt in the SPIFFS storage, which records every client that associates with the free WiFi AP, as well as hits to the HTTP server. The log file can be downloaded at http://freewifi.lan/log.txt.

#include <FS.h>
#include <ESP8266WiFi.h>
#include <DNSServer.h>
#include <ESP8266WebServer.h>
#include <PString.h>
#include <Streaming.h>

const IPAddress apIp(192, 168, 0, 1);
DNSServer dnsServer;
ESP8266WebServer server(80);

struct PrintMac
  const uint8_t* mac;

operator<<(Print& p, const PrintMac& pmac)
  const uint8_t* mac = pmac.mac;
  for (int i = 0; i < 6; ++i) {
    if (i > 0) {
      p << ':';
    int b = mac[i];
    if (b < 0x10) {
      p << '0';
    p << _HEX(b);
  return p;

File logfile;
char logbuf[256];
PString logline(logbuf, sizeof(logbuf));
  Serial << millis() << ' ' << logline << '\n';
  logfile << millis() << ' ' << logline << '\n';

wifiStaConnect(const WiFiEventSoftAPModeStationConnected& evt)
  logline << PrintMac{evt.mac} << " assoc";
WiFiEventHandler wifiStaConnectHandler;

wifiStaDisconnect(const WiFiEventSoftAPModeStationDisconnected& evt)
  logline << PrintMac{evt.mac} << " deassoc";
WiFiEventHandler wifiStaDisconnectHandler;

  logline << server.client().remoteIP() << " redirect";
  server.sendHeader("Location", "http://freewifi.lan/", true);
  server.send(302, "text/plain", "");

  if (server.hostHeader() != String("freewifi.lan")) {
    return httpDefault();

  logline << server.client().remoteIP() << " home";
  File file = SPIFFS.open("/index.htm.gz", "r");
  server.streamFile(file, "text/html");

  logline << server.client().remoteIP() << " connect " << server.arg("email");
  File file = SPIFFS.open("/connect.htm.gz", "r");
  server.streamFile(file, "text/html");

  File file = SPIFFS.open("/pure.css.gz", "r");
  server.streamFile(file, "text/css");

  logline << server.client().remoteIP() << " log";
  logfile.seek(0, SeekSet);
  server.streamFile(logfile, "text/plain");
  logfile.seek(0, SeekEnd);


  logfile = SPIFFS.open("/log.txt", "a+");

  wifiStaConnectHandler = WiFi.onSoftAPModeStationConnected(wifiStaConnect);
  wifiStaDisconnectHandler = WiFi.onSoftAPModeStationDisconnected(wifiStaDisconnect);
  WiFi.softAPConfig(apIp, apIp, IPAddress(255, 255, 255, 0));
  WiFi.softAP("freewifi", nullptr, 1);

  dnsServer.start(53, "*", apIp);

  server.on("/", httpHome);
  server.on("/connect", httpConnect);
  server.on("/pure.css", httpPureCss);
  server.on("/log.txt", httpLog);

  Serial << "ready" << endl;



This is the login page. The code should be saved as index.htm and then gzipped. ESP8266WebServer is capable of serving gzipped files to the client. Using gzip significantly saves space in the SPIFFS storage.

<!DOCTYPE html>
<title>Free WiFi</title>
<meta name="viewport" content="initial-scale=1.0">
<link rel="stylesheet" href="pure.css">

<h1>Welcome to Free WiFi</h1>

<form action="/connect" class="pure-form pure-form-aligned">
<div class="pure-control-group">
  <label for="email">Email</label>
  <input name="email" id="email" type="email" required placeholder="someone@example.com">
<div class="pure-controls">
  <label class="pure-checkbox">
    <input type="checkbox" required>
    I've read the terms and conditions
  <input type="submit" class="pure-button pure-button-primary" value="Connect">

"terms and conditions" does not have a hyperlink. But nobody would read them, so why bother?


This web page reveals the free WiFi is actually a prank. The code should be saved as connect.htm and then gzipped.

<!DOCTYPE html>
<title>Free WiFi</title>
<meta name="viewport" content="initial-scale=1.0">
<link rel="stylesheet" href="pure.css">

<h1>Connected to Free WiFi</h1>

<p>No, you don't get Internet access.
We offer free WiFi, but we didn't offer Internet access through WiFi.</p>


This is Pure CSS v0.6.0, gzipped.

How to flash this sketch?

The program code can be flashed to the ESP8266 through the Upload button normally. If you are using a Witty Cloud board, you can flash it with just six wires.

Contents of the SPIFFS storage should be placed in data/ sub-directory, and they need to be uploaded separately via Tools - ESP8266 Sketch Data Upload:

Arduino ESP8266 Sketch Data Upload menu option

Arduino IDE can only upload SPIFFS to ESP8266. There is no built-in command to download contents of the SPIFFS storage from the ESP8266. That is why I made a http://freewifi.lan/log.txt URI to download the log file over WiFi.

Field Test

2nd Saturdays Downtown Tucson, 10JUN2017

I brought the "freewifi" access point in my backpack, powered from a USB power bank, to 2nd Saturdays Downtown Tucson. I stayed there for a little over one hour, and then downloaded the log file after I have left the festival.

09JUL2016 field test results

Three unique devices associated with "freewifi" AP. Among them are two LG devices and one Apple device, according to the Wireshark manufacturer database. None of them accessed any webpage.

1013526 00:34:DA:xx:xx:E6 assoc
1055404 A0:91:69:xx:xx:32 assoc
1086522 A0:91:69:xx:xx:32 deassoc
1105990 A0:91:69:xx:xx:32 assoc
1315523 00:34:DA:xx:xx:E6 deassoc
1457988 A0:91:69:xx:xx:32 deassoc
2233390 E0:B9:BA:xx:xx:A7 assoc
2559386 E0:B9:BA:xx:xx:A7 deassoc
(10 records of my own connection and log downloading omitted)

10JUN2017 field test results

One Amazon and one Huawei device associated with my "freewifi". The Amazon user tried 7 times over a span of 44 minutes, and submitted 2 different email addresses 6 times. You have been pranked!

1696817 F4:CB:52:xx:xx:97 assoc
1697039 F4:CB:52:xx:xx:97 deassoc
2113706 F0:27:2D:xx:xx:5B assoc
2116548 redirect
(12 redirect/home records omitted)
2141937 home
2142675 redirect
2142930 redirect
2157340 connect sa...@hotmail.com
2157543 redirect
2157641 home
(15 redirect/home records omitted)
2195280 home
2209486 connect sa...@hotmail.com
2211928 redirect
2212283 home
2251723 F0:27:2D:xx:xx:5B deassoc
2254323 F0:27:2D:xx:xx:5B assoc
2580174 F0:27:2D:xx:xx:5B deassoc
2868511 F0:27:2D:xx:xx:5B assoc
2873737 redirect
2880483 redirect
2880567 home
(8 redirect/home records omitted)
2899386 home
2904325 connect sa...@hotmail.com
2904358 connect sa...@hotmail.com
2904372 redirect
2904384 redirect
2904386 redirect
2904475 redirect
2904502 home
2904943 redirect
2933490 redirect
2933586 home
2934456 redirect
2934479 redirect
2987757 connect 14...@gmail.com
2988460 redirect
2988503 redirect
2988527 home
2989658 redirect
3003795 F0:27:2D:xx:xx:5B deassoc
3156399 F0:27:2D:xx:xx:5B assoc
3160296 redirect
3187307 redirect
3187332 home
(9 redirect/home records omitted)
3190046 home
3215609 F0:27:2D:xx:xx:5B deassoc
3215754 F0:27:2D:xx:xx:5B assoc
3234420 redirect
3244858 F0:27:2D:xx:xx:5B deassoc
3248007 F0:27:2D:xx:xx:5B assoc
3249139 redirect
3254925 redirect
3254977 home
(38 redirect/home records omitted)
3325030 home
3326815 redirect
3326853 home
3491948 F0:27:2D:xx:xx:5B deassoc
4719211 F0:27:2D:xx:xx:5B assoc
4722230 redirect
4729892 redirect
4729918 home
(26 redirect/home records omitted)
4759175 home
4760062 redirect
4760067 redirect
4760171 redirect
4784634 connect sa...@gmail.com
4784757 redirect
4784791 home
(11 redirect/home records omitted)
4805342 home
4805700 redirect
4805711 253871 00:09:22:xx:xx:41 assoc
(33 records of my own connection and log downloading omitted)

The last line shown 4805711 253871 00:09:22:xx:xx:41 assoc is strange: it seems that the Witty Cloud board was reset while writing the log file, and then it was restarted to accept my own connection. Maybe the power cord was loose?


I played a prank by establishing a "freewifi" on downtown Tucson streets with an ESP8266 serving as WiFi access point. The ESP8266 AP has a captive portal, but does not actually offer Internet connectivity. Arduino sketch running on the ESP8266 reads web pages from the SPIFFS storage, and writes a log file to the SPIFFS storage detailing every action taken by WiFi clients. I got one victim desperately trying to connect to my free WiFi during one hour of field test.

If you reproduce this prank:

  • Do not collect credit card numbers or other sensitive information using the login page: they will be transmitted in plaintext and visible to any eavesdropper.
  • Use this AP only in public places; do not enter a private property.
  • Refrain from naming the SSID as a nearby shop or the public event, as that would infringe their trademarks.

Tags: ESP8266 WiFi