Build your Hacker Dropbox with Twingate (it’s free): ntck.co/twingate_ztna In this video, we’re building a Hacker Dropbox, a device that can be dropped into any network and give us remote access. This can pretty much be any device, including a Raspberry Pi…which is what I’ll be showing you. And no….it’s not using VPN, it’s ZTNA (Twingate) which is much more secure and easier to setup. Why do this? If you’re like me, you are by default the helpdesk support of every circle you’re in. I am that for my church, my parents, my grandma…and I need a very quick and easy way to remotely access these networks…even when I don’t know the subnet info. This is where the Hacker Drop box comes in handy, operating as a magic device for remote IT support. It also doubles as a penetration testing tool, giving pentesters easy access to a remote network in seconds. RESOURCES: 📝GUIDE/WALKTHROUGH: ntck.co/hackerdropbox 💻 Raspberry Pi Imager: www.raspberrypi.com/software/ 🛒 Buy a Raspberry Pi: Raspberry Pi 4: geni.us/mzJF55 Raspberry Pi 5: geni.us/z0BVIc 📚 Exploring Twingate APIs: www.twingate.com/docs/exploring-the-apis 📖 Twingate Quick Start Tutorial: www.twingate.com/docs/quick-start 🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy **Sponsored by Twingate
I'm always very very wary of any sort of service that relies on an external connection to some company, that 'free' is usually temporary, or they cut you off claiming you're using it commercially, or they shut down or get bought out and and it just quits working.. have learned not to trust hosted solutions for anything, if all the software is not under your control, it's going to go wrong, and you wont be able to fix it. might work for now, but , years down the line, when you need to get back into something, it's just all gone. You know as well as i do, the cloud is just somebody else's computer.
It's still a VPN it just uses a thirdparty in between, and you better trust that company because it has access to your network now and also that of the church. If some goverment organisation would subpoena this company and tell them to add malware to your network or just listen in on your internal network traffic, they would be able too. That is something to keep in mind. Also the fact that it wants you to authenticate double with an external provider like google or apple or whatever is purely because they want to know your real identity for every setup. Why not make your own open-source in between server on a VPS somewhere?
@@RealSapHead no he doesn't own twingate. He's just being paid or sponsored to make this content. That's always how it works. And i'm no saying it's a bad solution or anything, just be aware you rely on a thirdparty. Personally i'm not in to that. I want full control.
I prefer to self host my own VPN for both personal and at work for privacy and security reasons. Others prefer a managed VPN solution such as TwinGate.
Been in IT ~25 years and when I need some motivation, inspiration, feeling stale, I come here and watch your videos. And with my coffee. I got multiple PIs laying around and going to try this and the monitoring you mentioned.
basically setting up VPN + reverse proxy forwarding. I used to do that with zerotier and setting proxy on my raspberry. This is cool setup if you wanna hide your devices behind a proxy server on cloud as well.
First of all, love your videos, in a world where new cool technologies appear every day channels like yours really help people find them through actually seeing what the product can do. But just a small point, blur is non-destructive, even right now there exist technologies/projects that can create a set of dictionaries blurred with different settings and match them to a frame from the video to get the closest match (this is also a public resource which people can easily access and get all the fonts and exact colors for matching) and if you really plan to keep using those devices in a real environment its better to regenerate all the keys/tokens shown in this video and use solid color as a replacement. Stay safe everyone and happy holidays
From Pakistan, working in Turkey. I saw author's previous TwinGate video & used it to connect to my paperless-ngx docker. It works. I set it up on Radxa Zero 3E. Thanks for another Twingate video
Man, I really love your energy and your passion! Your videos are an inspiration for many projects I do with new employees... and projects I do for myself. You manage to remind me time and time again why I chose IT for a career. Thank you!
Hey Chuck! Thanks for putting out quality content man… I know it’s a grind for you and I really appreciate it. I’ve been watching you since I started IT in 2019 and I’m currently a Jr Sys Admin and will be likely promoting to Sr Sys Admin in a couple years and you helped me a ton. Thank you for everything brother. Merry Christmas and Happy New year 🙏🏼
Do you have a recommended case that includes a ups for the pi? ideally 18650 or something that will last a couple days. 8:19 why woudl you have another connector? Would that be another pi 14:05 - if the public ip changes all the time, does that matter? can you show us how to et it up to help fix a windows pc? or to remote into an iphone on the network that ya know about? Moms always breaking stuff. :)
Just learnt about twingate couple weeks ago from my company’s IT. One of the issue of twingate is that it doesn’t recognize if you are already in the same network, making things a lot slower in house. I use it on a laptop that’s in and out of the office from time to time and kinda annoying. Other than that, it works pretty well. I wish it had a Windows client tho.
I’ve been watching your videos since I was in college. Many of your guides I have used to help with network management at my church as well. I currently use remote software to access our machines, but this is still a cool idea!
I did something similar using cloudflare private tunnel and raspberry Pi 4B. Interesting to know that this can also be done using twingate. Thanks for sharing 🙏
I did exactly something like this. In my college computer lab most of the time my favorite computer gets occupied by someone so what i did is that i ran a socket python script that will fire on startup in background and i will be able to connect to it using my mobile by same network. Then i could run windows commands like shutting down the pc, opening some stuff on chrome, close their running task, type something The person sitting would eventually think that the computer has virus and leave. :) IT's a bit evil but it works...
i feel that first minute my mom just signed me up as tech support for her parents and now I have to over face time explain how to install windows 10 when they weren't even sure what the icon of google chrome was
10:18 Is your Church 3hrs away or something? What's with the Supercharger stop when you have a garage? Reminds me I meant to plug in tonight... I could see something like this being useful to drop off at my Dad's place. Though these days he doesn't need as much tech support as he used to.
Twingate is a nice tool to use. Similar programs are Tailscape and Zerotier. The only downside is that twingate isn't open-source and you can't perform selfhosted management.
question, im guessing this only allows you to see the network side of things u cant actual view there screens to help see what the issue is u would have to use things like abtuter ??
Now here the question if you don't want something like this your network can you find it if you aren't the end user and is their anyway to block the device access if it is on your network?
Chuck can you please make a video on cybersecurity projects to do, even if I got all the certs (i.e., network+, security+, A+ (that should have been first in the list), Linux+, Pentest+ etc). No one is going to look my way without experience. Please provide some ideas and recommendations
@tenkoalaking5696 you can have a wireguard client on the RPI, which will try to connect to a server you own with a public IP. Then from your server you will be able to talk back to the RPI without knowing its IP
Well they require a port right? I like not having an open port to brute force. Plus tls and wire guard have had some vulnerabilities that are more well known
Yep, still kinda prefer ZeroTier, since you can host your own Moons. Planets (the devices you use: Pi, computer, etc) revolve around the Sun (ZeroTier's main servers) but can also use a Moon (self hosted, your own server). So can be used off-line locally. Everything shown on the video can be done as well, albeit a bit more difficult.
Good evening, you can also use python to create apis and services that achieve reverse ssh connections, forward SMB ports and access the remote network, something I already have designed.
If there is a VLAN structure in the network, how will this work? For example, if the port you have connected or the access point you have connected only creates end-user devices, how will you access the server or firewall devices or system devices in the location?
Company my old friend worked at used a similar program, they had most of their employees out in the field or working from home. It's a great solution and also works a bit like MAN software as it has many of its features.
I have had issues with Tailscale where my homelab and the hotel's wifi I was trying to connect from had the same IP Address range. How will twingate handle that.
For the past few months, I've been making a lan turtle clone with a raspberry pi zero w with some basic bash and python. I took apart a usb to ethernet adapter and soldered it on with the help of a 7 year old Seytonic video. Saw this on my feed and began cracking up since this is similar to what I'm trying to do 😆
Twin gate is nice, but it uses an access cookie that doesn’t seem to change, if anyone grabs that cookie, they have unrestricted access to your account it seems
How did you access the RP from within Windows so that I can update its OS version?! How can I connect Wirelesly/through WiFi to my Wireless router? How can I see RP's IP address?! Was it supposed Raspberry Pi's IP address to be seen in the active connected Wireless devices? If so, shouldn't I first connect Wirelessly RP to the router, an if so how can that be done?!
Bro.. couldn't you make this video a week prior I just used first twingate first time using your old video... but because of the gui changes it was difficult...
That will work for you because you are a "one man IT guy", for a small organisation. But most organisation have multiple levels of staff and you would not be allowed to even bring your little device and plug it in without being warned and then if you continue, get fired. This is only good for a network for which you are the only guy and no one else has any say in what you are doing.
Nice man I been documenting my Python programming journey here on TH-cam and I’m definitely going to try this out and make a video about it thanks for the idea 💪🏿🔥
Thanks for the breakdown! I have a quick question: My OKX wallet holds some USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). How can I transfer them to Binance?
Does it have to be installed on a device to access your network Like if I wanted to access my desktop rom work could I simply use the browser at work to access my computer?
Build your Hacker Dropbox with Twingate (it’s free): ntck.co/twingate_ztna
In this video, we’re building a Hacker Dropbox, a device that can be dropped into any network and give us remote access. This can pretty much be any device, including a Raspberry Pi…which is what I’ll be showing you. And no….it’s not using VPN, it’s ZTNA (Twingate) which is much more secure and easier to setup. Why do this? If you’re like me, you are by default the helpdesk support of every circle you’re in. I am that for my church, my parents, my grandma…and I need a very quick and easy way to remotely access these networks…even when I don’t know the subnet info. This is where the Hacker Drop box comes in handy, operating as a magic device for remote IT support. It also doubles as a penetration testing tool, giving pentesters easy access to a remote network in seconds.
RESOURCES:
📝GUIDE/WALKTHROUGH: ntck.co/hackerdropbox
💻 Raspberry Pi Imager: www.raspberrypi.com/software/
🛒 Buy a Raspberry Pi:
Raspberry Pi 4: geni.us/mzJF55
Raspberry Pi 5: geni.us/z0BVIc
📚 Exploring Twingate APIs: www.twingate.com/docs/exploring-the-apis
📖 Twingate Quick Start Tutorial: www.twingate.com/docs/quick-start
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by Twingate
FATHER POSTED
You should make a couple videos about how to make a good youtube channel.
I'm always very very wary of any sort of service that relies on an external connection to some company, that 'free' is usually temporary, or they cut you off claiming you're using it commercially, or they shut down or get bought out and and it just quits working.. have learned not to trust hosted solutions for anything, if all the software is not under your control, it's going to go wrong, and you wont be able to fix it. might work for now, but , years down the line, when you need to get back into something, it's just all gone. You know as well as i do, the cloud is just somebody else's computer.
Chuck. Remember to update those drivers. 16:35
There is no god but Allah Muhammad is the messenger of Allah
I'm transitioning from automotive to IT, so on top of being everyone's mechanic, now I'm their IT guy too.
Look… I’ve got framerot on my 05 4Runner - how much do you think a frame swap would run me?
If you have a pickup truck, you’re the help me move some stuff guy too
Haha me as well. Worked at a Ford dealer, now moving into the tech world with UoT.
@nick oh snap we even have the same name 🤣
@@nicholasbabcock8418 flat rate was abysmal. I couldn’t take the roller coaster paychecks anymore.
It's still a VPN it just uses a thirdparty in between, and you better trust that company because it has access to your network now and also that of the church. If some goverment organisation would subpoena this company and tell them to add malware to your network or just listen in on your internal network traffic, they would be able too. That is something to keep in mind. Also the fact that it wants you to authenticate double with an external provider like google or apple or whatever is purely because they want to know your real identity for every setup. Why not make your own open-source in between server on a VPS somewhere?
I believe this church IT guy also runs this third-party site, so at least he can trust it.
@@RealSapHead no he doesn't own twingate. He's just being paid or sponsored to make this content. That's always how it works. And i'm no saying it's a bad solution or anything, just be aware you rely on a thirdparty. Personally i'm not in to that. I want full control.
I prefer to self host my own VPN for both personal and at work for privacy and security reasons. Others prefer a managed VPN solution such as TwinGate.
True but having an open port for a site to site or remote tunnel leaves you somewhat vulnerable to the world. Pick what technology you trust the most.
@@csparty11 this right here..
I remember when the Pi3 came out. The UK police were genuinely worried that Hackers will use them as portable, pocket hacking computers.
Literally an android phone, smartwatch or tablet as well, but nobody talks about them.
You got a loicense for those transistors, mate?
Lol... look up jackpotting atms and you see why
I am disappointed more people aren’t doing it already
You mean a laptop?
Been in IT ~25 years and when I need some motivation, inspiration, feeling stale, I come here and watch your videos. And with my coffee.
I got multiple PIs laying around and going to try this and the monitoring you mentioned.
Video two of asking you for what keyboard/switches you use. That thing sounds super smooth!
Great video BTW!
Love your videos Chuck! Keep it going!
basically setting up VPN + reverse proxy forwarding. I used to do that with zerotier and setting proxy on my raspberry. This is cool setup if you wanna hide your devices behind a proxy server on cloud as well.
just did this at my church and this is awesome! another great video! thank you so much networkchuck!
Is it like tailscale?
Yeah essentially, same thing as Netbird too
exactly my question
Yes
tailscale would work too
youll have to set up routes and exit node though
Basically
I have been looking for a video like this for months!!!! Thanky you for making this!!!!!
I’m a landscaper who loves learning from your videos!
First of all, love your videos, in a world where new cool technologies appear every day channels like yours really help people find them through actually seeing what the product can do. But just a small point, blur is non-destructive, even right now there exist technologies/projects that can create a set of dictionaries blurred with different settings and match them to a frame from the video to get the closest match (this is also a public resource which people can easily access and get all the fonts and exact colors for matching) and if you really plan to keep using those devices in a real environment its better to regenerate all the keys/tokens shown in this video and use solid color as a replacement. Stay safe everyone and happy holidays
I highly suggest that you name virtual environment directory simply "venv". No guessing which directory is the one needed for activation.
Love this Chuck! Great content.
Περαστικα μας ολους και καλο νεο ετος. ΑΜΗΝ.
From Pakistan, working in Turkey. I saw author's previous TwinGate video & used it to connect to my paperless-ngx docker. It works. I set it up on Radxa Zero 3E. Thanks for another Twingate video
Dude, that is a POWERFUL tool
Hey! I'm the Church IT guy too!
I own your ProPresenter. See you on Sunday!
Man, I really love your energy and your passion! Your videos are an inspiration for many projects I do with new employees... and projects I do for myself. You manage to remind me time and time again why I chose IT for a career. Thank you!
Thank you chuck. happy holidays buddy
Alright I'm only to your first sip of coffee and this is looking like something I'm not only interested in but probably need.
wow, I used to live 2 miles from that church, only it wasn't a church then. Nice video. I haven't tried Twingate, but def want to try it.thanks
Super fun Brother Chuck. Merry Christmas.
Hey Chuck! Thanks for putting out quality content man… I know it’s a grind for you and I really appreciate it. I’ve been watching you since I started IT in 2019 and I’m currently a Jr Sys Admin and will be likely promoting to Sr Sys Admin in a couple years and you helped me a ton. Thank you for everything brother. Merry Christmas and Happy New year 🙏🏼
Always great to watch.
I run twingate with casaOS monitoring using uptime Kuma, works great and upgrading twingate is simple.
Do you have a recommended case that includes a ups for the pi? ideally 18650 or something that will last a couple days.
8:19 why woudl you have another connector? Would that be another pi
14:05 - if the public ip changes all the time, does that matter?
can you show us how to et it up to help fix a windows pc?
or to remote into an iphone on the network that ya know about? Moms always breaking stuff. :)
Thank you for your videos, you helped me a lot with my IT Problems
This sounds great. Ive gotta build that. Would make my life this much easier to find problems at remote sites
Just learnt about twingate couple weeks ago from my company’s IT. One of the issue of twingate is that it doesn’t recognize if you are already in the same network, making things a lot slower in house. I use it on a laptop that’s in and out of the office from time to time and kinda annoying. Other than that, it works pretty well. I wish it had a Windows client tho.
That sounds like a misconfiguration that would be largely independent of the twingate setup
Very cool vid dude! Great explanations
Fancy SSH tunneling tool. Thx for the ad.
Thank you so much for everything on your channel!
IT Church guy checking in...
9:03 "Merry Christmas, I control your network" 🤣🤣🤣🤣🤣
I’ve been watching your videos since I was in college. Many of your guides I have used to help with network management at my church as well. I currently use remote software to access our machines, but this is still a cool idea!
literally the most wholesome and most interesting youtuber!!! thank you so much for all you’ve taught me!!!!!
Really interesting video Chuck, that's for sharing that amazing resource. love the vids too
Love you sir from bangladesh❤
I was a bit confused because you said that it wasn't a vpn, bit in fact it is.. Is just another tool like tailscale or zerotier
I like your content because you're teaching and doing fun with this teaching, thank you for your content. ))
What keyboard do you have? Sounds crisp
Pretty cool! Thanks Chuck!
Thanks Chuck !
Please your keyboard setup + switches ?!
Sound amazing.
Hes done it again guys!!!🔥
That's why Cisco created ISE, thank you for the video
Yo this is awesome. I just set mine up.
Seems great for enterprise or corporate applications but RDC or even something like teamviewer would be insanely easier to setup and deal with
on premises - premise is something assumed or taken for granted
I did something similar using cloudflare private tunnel and raspberry Pi 4B. Interesting to know that this can also be done using twingate. Thanks for sharing 🙏
Yeah I always use this service it’s awsome plus when I watch your video long ago is how I first found out about the service
I did exactly something like this. In my college computer lab most of the time my favorite computer gets occupied by someone so what i did is that i ran a socket python script that will fire on startup in background and i will be able to connect to it using my mobile by same network.
Then i could run windows commands like shutting down the pc, opening some stuff on chrome, close their running task, type something
The person sitting would eventually think that the computer has virus and leave.
:)
IT's a bit evil but it works...
hey how did you do that, can explain please
i feel that first minute my mom just signed me up as tech support for her parents and now I have to over face time explain how to install windows 10 when they weren't even sure what the icon of google chrome was
Stop giving our secrets away, Chuck! 😭😋
10:18 Is your Church 3hrs away or something?
What's with the Supercharger stop when you have a garage?
Reminds me I meant to plug in tonight...
I could see something like this being useful to drop off at my Dad's place. Though these days he doesn't need as much tech support as he used to.
do not enter the "church", it is just an indoctrination center, all about power over the meek.
Twingate is a nice tool to use. Similar programs are Tailscape and Zerotier. The only downside is that twingate isn't open-source and you can't perform selfhosted management.
Thanks ! Network Chuck .. Twingate's very useful. I'm looking fwd to use it .
This is a LEGIT gamechanger!
what will be their reaction when a random person's phone gets a notification saying " hello😹"
say hello back cause i don't have friends
You can’t do that as you aren’t hacking you just got the access of that network
@@ark2737 i know just a joke
The thumbnails are too good
question, im guessing this only allows you to see the network side of things u cant actual view there screens to help see what the issue is u would have to use things like abtuter ??
Isn't Tailscale the same thing?
Does your "the church" connector have a Depeche mode so you can reach out and touch faith?
Seeing you without a beard was something I didn't know I wanted to see
Now here the question if you don't want something like this your network can you find it if you aren't the end user and is their anyway to block the device access if it is on your network?
What's with the 'nuthatch' and 'oxpecker'?
Did they pick those out just for you Chuck? 🙂
Nice video. I didn't know about twingate tool. I used zerotier in the past and it is easier to configure.
Chuck can you please make a video on cybersecurity projects to do, even if I got all the certs (i.e., network+, security+, A+ (that should have been first in the list), Linux+, Pentest+ etc). No one is going to look my way without experience. Please provide some ideas and recommendations
That was pretty cool. I use Tailscale for my networks. That was pretty cool.
wireguard and ssh just works
Wireguard and similar VPNs don't work if the internet service provider uses CGNAT. Then you need something like twingate or tailscale.
This solution is when you don't know the ip.
@@tenkoalaking5696 you can have it dial out to a peer endpoint
@tenkoalaking5696 you can have a wireguard client on the RPI, which will try to connect to a server you own with a public IP. Then from your server you will be able to talk back to the RPI without knowing its IP
Well they require a port right? I like not having an open port to brute force. Plus tls and wire guard have had some vulnerabilities that are more well known
Bro we love you but high never shave your beard 😂. Excellent video as always ✊🏿✊🏿 #hacktheplanet
Why not using tailscale & headscale = more privacy
Oh I am for sure going to do this Chuck I have 2 Raspberry Pis at home and this will be perfect for them
Tesla ? .......... Ok and where twingate has access? What's the catch dude ? 😎
Yep, still kinda prefer ZeroTier, since you can host your own Moons. Planets (the devices you use: Pi, computer, etc) revolve around the Sun (ZeroTier's main servers) but can also use a Moon (self hosted, your own server). So can be used off-line locally. Everything shown on the video can be done as well, albeit a bit more difficult.
Thanks for your sharing
Good evening, you can also use python to create apis and services that achieve reverse ssh connections, forward SMB ports and access the remote network, something I already have designed.
If there is a VLAN structure in the network, how will this work? For example, if the port you have connected or the access point you have connected only creates end-user devices, how will you access the server or firewall devices or system devices in the location?
Company my old friend worked at used a similar program, they had most of their employees out in the field or working from home. It's a great solution and also works a bit like MAN software as it has many of its features.
I have had issues with Tailscale where my homelab and the hotel's wifi I was trying to connect from had the same IP Address range. How will twingate handle that.
The spill on the laptop hurt!
Thats perfect to see i was about to leave company
For the past few months, I've been making a lan turtle clone with a raspberry pi zero w with some basic bash and python. I took apart a usb to ethernet adapter and soldered it on with the help of a 7 year old Seytonic video. Saw this on my feed and began cracking up since this is similar to what I'm trying to do 😆
Twin gate is nice, but it uses an access cookie that doesn’t seem to change, if anyone grabs that cookie, they have unrestricted access to your account it seems
This cookie also isn’t hidden, you can copy paste it on any machine in the world and gain access to that twin gate account
Rosa genius he makes it so you have to use the sponsor to do the project
How did you access the RP from within Windows so that I can update its OS version?! How can I connect Wirelesly/through WiFi to my Wireless router? How can I see RP's IP address?! Was it supposed Raspberry Pi's IP address to be seen in the active connected Wireless devices? If so, shouldn't I first connect Wirelessly RP to the router, an if so how can that be done?!
Bro.. couldn't you make this video a week prior I just used first twingate first time using your old video... but because of the gui changes it was difficult...
Hey Chuck, Why do you no longer use Solar-PuTTY? (Great video btw).
Anyone else notice the Amplifi Alien router??? Love that machine
That will work for you because you are a "one man IT guy", for a small organisation. But most organisation have multiple levels of staff and you would not be allowed to even bring your little device and plug it in without being warned and then if you continue, get fired.
This is only good for a network for which you are the only guy and no one else has any say in what you are doing.
Does the pie box support POE?
BOSS BIG FAN BROOOO!!!
but what if IEEE802.1X is used in the network? Sorry for my bad English, i am a German Guy
Thank you! I‘m creating networks using NAC and I hope this is not possible. But Chuck is referring to friends and family 😏
configure MAC bypass on the port. or, if you are evil.. don't try these things
Sticky Port and mac filter and youre done.
Nice man I been documenting my Python programming journey here on TH-cam and I’m definitely going to try this out and make a video about it thanks for the idea 💪🏿🔥
yo if chuck connected to the printer can he make it print things
@networkchuck you gotta tell us what keyboard/switches you use! It sounds so good I'm dying to buy one!
Thanks for the breakdown! I have a quick question: My OKX wallet holds some USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). How can I transfer them to Binance?
Can you make a video on what you would do if your church got cyber attacked. Would that be incident response?
This would work really well with the POE+ hat
Does it have to be installed on a device to access your network Like if I wanted to access my desktop rom work could I simply use the browser at work to access my computer?