This is pretty old stuff guys. I personally have not seen a Vampire Tap device since the early 90s. Also with the rise of SSL and TLS for mail transport this is not going to work at least for raw sniffing anyway. Cool video though.
Thats why you MITM with this and decrypt the SSL. Too easy. Either way, yes there are better attack vectors, but if you had time, and the correct place to do this, like an accessible basement, with a tap, and some specific hardware you would leave in place that I won't name, This could indeed be very effective.
@@phillipgilligan8168 how do you plan on decrypting the SSL traffic without the private key? Granted there are some tools where you can strip SSL out of a session but the end-users going to know.
@@LP-fy8wr your MitM proxy replaces the ssl cert so you actually own the private key in that configuration. Look for “Mitmproxy” also, never use these kinds of tools on systems you don’t own. (Sorry had to add a disclaimer there)
@@LP-fy8wr you would not believe how many users will click "whatever, just get me to the site". Not to mention that you actually can make it TLS again. All this cryptomumbojumbo is good, but cert managing infrastructure is really bad. It's so bad, I actually think it was made this way by design by some NSA or whatever. Getting your hands on "good" certificate is not as hard as one would've expect. And after that the only thing standing between you and plaintext would be cert pinning, which is like a dad who went for a pack of cigaretts twenty years ago. Downgrading TLS is still a thing too, as far as I can tell. So yeah, mitm is still possible in modern internets. Although I have no idea why this dude invoked mitm in context of passive sniffing.
Many years ago, a telco I worked for had a large office building in a city, they decided this building was no longer suitable so they moved over to a new one. One of our competitors ended up taking over the old office building. Then one of our techs had a startling realisation, that building was fed with fibre, and there would have been all the necessary associated equipment in there, as in fibre to the corporate network as opposed to the internet. So one of our techs paid a visit (high, just chasing a phone fault, can we have the basement keys) and yes it was all still there, powered up, gigabit feeds of all our internal corporate systems...... not for long...... That's what you get from a building full of sales execs etc. no technical knowledge at all.
The point is to do this after the router. There is no point doing this before the router (in the company's LAN). Since you're already in the company, no need to cut cables. In a pentest scenario you want to get it and get out as stealthy as possible.
I remember a late 90s LAN party. A heavy kiddo sat in the corner, smirking. I walked over and sat down next to the pale, bespectacled boy. When his blubber had stopped jiggling after to our seated collision, he lifted his meaty arm and pointed at the screen. He was running something named Lunix. His screen was full of terminals. He adjusted his glasses and took a breath from his asthma inhaler, before finally speaking. "See that? I have ARP poisoned the network. All traffic is routed through my computer. See those website passwords scrolling on the screen? That's people on this network who are logging into websites." I was too impressed to report him to anyone.
Why hide the commands? This basic stuff can be easily found. Information wants to be free. This is just silly as there are legitimate reasons for sniffing packets. I do it all the time as part of my job. Come on no one is using FTP or telnet where passwords are sent in clear text any more.
@@solarsombrero227 they only ban videos involving dishonest behavior, but learning network sniffing can be used for good... Usually I just see channels like these mention that it's for educational purposes or whatever and mention it's illegal to do it without permission. Same reason why hacking is taught in general. The black-hats already have their resources for learning this stuff.
@@ahmedmahomed working with RJ45 and Cat5E cabling, exploiting things and breaking them down can give you a greater understanding of how they work and how data is transferred through them.
@Ahmed Mahomed Yes. There are hackers that get paid by companies to hack them, then produce an exhaustive writeup on all their security failings, that way the company can clean up the low hanging fruit and make their systems more secure. Its called penetration testing, or more generally, whitehat hacking.
There's also blackhats, who are malicious hackers, greyhats, that sit somewhere in the middle, hacking just for fun but usually telling the victim if they find anything serious, and greenhats, who are only in it for the money, normally doing penetration testing and bug bounties, but they aren't afraid of selling malware if the bug bounty doesn't pay well.
Great video! Makes it’s easy to understand for the average joe. My only gripe is nitpicking. But it’s bugging me how he keeps calling it an rj45 cable. It’s a copper twisted pair cable or more specifically, likely a cat5, cat5e or cat6 cable
Hey! Thanks for your comment 🙂 We constantly improve our products and take into consideration any feedback. In order to provide a detailed answer to you we'd like to take a closer look at your case. Please share it with us by dropping us an email at Pr@sumsub.com
A bad actor can just store the SSL encrypted network traffic and wait few years for the quantum computing to get cheaper. For example, they can track network of government officials, since there influence will not go away in few years, it makes sense.
Of course when someone cuts pairs to turn 1000 MB in to 100 MB that may be enough to get some people to take a look at their network if it goes on too long. They might go to the room where they have the router looking for a bad cable. If they are smart enough they might even look at exposed cables if there are any. You can also run your cables in conduits to make things harder to mess with. That won't make it impossible at all but it might make them move on to an easier target unless they are after you specifically for some reason.
We really going to redact things like wireshark lol? Come on now. Either way, loved the way the video was edited and the cadence of the video. Despite people feeling one way or another, it was creative and cool. Thanks for the video.
Hey! Thanks a lot! Really happy to hear that you liked it.😍 Recently, we've been going through some changes and some of our old fans are not happy about it. However, we really appreciate every feedback, it helps us to become better
It's ok to call yourself a hacker if you're cybersecurity specialist and know how to pen test. People will misunderstand though that's for sure. EC-Counsel, who offers the Ethical Hacker certifications, offers the exact same cert by an alternative name. In case you worry about making a potential employer nervous by having the word "hacker" refer to you on your resume 🤣.
Bro they just steal my stuff and replace it with garbage from the courts. They think I can't tell the difference but the materials the device that I purchased are completely different in texture and weight. I'm not going to a judge just to complain about espionage.
If you have physical access a hacker wouldn't typically do something like this. This is probably how people hacked in the 90s-early 2000s. There are so many other modern ways to accomplish the same thing. There are so many legit videos about hacking on youtube I am not quite sure why you're hiding things.
They are hiding things for arse covering. TH-cam policy says you can't make instructional hacking videos. Also, this is simple for a noob audience, since it gets people to think about what's around them and how it can actually be abused. Hacking isn't magic, it just looks like magic if you squint at it from a distance, so seeing real hacking close up, even if its old techniques, demystifies it. Modern things like USB Rubber Duckies are fun, but if you aren't used to thinking about how to use things in unconventional ways, it'll just look like a magic USB stick.
Tipping an ethernet cable is already ass enough, imagine now adding aligator clips to each wire and then connecting it to each wire of the tapped device without crossing any of them. Unrealistic
So you're willing to get the viewing audience most of the way there in terms of understanding but there's a little bit of homework at the end. That's job security right there.
Any programming language would do to get started. I'd personally recommend Python, since its good for scripting (short programmes that automate tasks) but if you're serious about cyber security I would point you towards Linux. Linux, or sometimes GNU Linux, is an operating system that is good for learning since most industry machines (servers, routers, robots, all sorts) run a variation of Linux. If you're new, buy a Raspberry Pi (Raspberry Pi OS is based on Linux) and talk with people in the forums about learning the command line, simple networking projects, more advanced networking projects, and whatever tinkering ideas take you.
I liked this video until he started to censor some words and commands, that's really dramatic and paranoid, how this video could prevent attacks that are deprecated? That's no sense...
Passive sniffing, as show in this video, does not work on 1 Gb/s or above. It only works on 10 and 100 Mb/s. You can force a +1 Gb/s connection to downgrade to 100 Mb/s. By cutting one or more of the wires in the blue and brown pair. But then the attack is no longer undetectable. It is not high-tech devices, like desktop computers, that are vulnerable to this attack. It is low-tech infrastructure that uses 100 Mb/s and no encryption. Such devices assumes the network is secured from physical and remote attacks.
You dont have to actually cut wires, lol. There are more gentle ways to downgrade connection, but yes, it still will be noticable. Dont you worry tho, optics is coming. Soon it will be all over the the place up to last mile and "physical" sniffing will thrive once again.
I have a doubt if we sniff the packet it is encrypted with hash than burtforce takes a lot of time to decrypt it... Cuz it could be md5 hash the most common. Also the attack fail if the ethernet is in monitoring.(The flow of e-) Right?
I don't exactly understand why they even hid them, any malicious blackhat can probably find the tools in a few google searches due to the fact they left the args uncensored
This is pretty old stuff guys. I personally have not seen a Vampire Tap device since the early 90s. Also with the rise of SSL and TLS for mail transport this is not going to work at least for raw sniffing anyway. Cool video though.
Thats why you MITM with this and decrypt the SSL. Too easy. Either way, yes there are better attack vectors, but if you had time, and the correct place to do this, like an accessible basement, with a tap, and some specific hardware you would leave in place that I won't name, This could indeed be very effective.
@@phillipgilligan8168 how do you plan on decrypting the SSL traffic without the private key? Granted there are some tools where you can strip SSL out of a session but the end-users going to know.
@@LP-fy8wr your MitM proxy replaces the ssl cert so you actually own the private key in that configuration.
Look for “Mitmproxy” also, never use these kinds of tools on systems you don’t own. (Sorry had to add a disclaimer there)
Oh cmon. Pentestish hispsters and opensource nerds were all over Throwing Star TAP just several years ago.
@@LP-fy8wr you would not believe how many users will click "whatever, just get me to the site". Not to mention that you actually can make it TLS again. All this cryptomumbojumbo is good, but cert managing infrastructure is really bad. It's so bad, I actually think it was made this way by design by some NSA or whatever. Getting your hands on "good" certificate is not as hard as one would've expect. And after that the only thing standing between you and plaintext would be cert pinning, which is like a dad who went for a pack of cigaretts twenty years ago. Downgrading TLS is still a thing too, as far as I can tell. So yeah, mitm is still possible in modern internets. Although I have no idea why this dude invoked mitm in context of passive sniffing.
Many years ago, a telco I worked for had a large office building in a city, they decided this building was no longer suitable so they moved over to a new one. One of our competitors ended up taking over the old office building.
Then one of our techs had a startling realisation, that building was fed with fibre, and there would have been all the necessary associated equipment in there, as in fibre to the corporate network as opposed to the internet.
So one of our techs paid a visit (high, just chasing a phone fault, can we have the basement keys) and yes it was all still there, powered up, gigabit feeds of all our internal corporate systems...... not for long......
That's what you get from a building full of sales execs etc. no technical knowledge at all.
The point is to do this after the router. There is no point doing this before the router (in the company's LAN). Since you're already in the company, no need to cut cables. In a pentest scenario you want to get it and get out as stealthy as possible.
RJ-45 is not a cable, it's a type of connector for utp/stp cable like CAT5, CAT5E, CAT6 and so on.
Splicing into a cable is definitely detectable since the attenuation of the signal will increase.
where can I purchase a device that will detect signal attenuation that will send me a notification when it happens and alert me to which cable it is?
@@josephzajdler home routers have the hardware for it but not the software
Not a bad video but I must say, I do miss the amazing quality you used to produce with Bradley with those sets.
Thank you for the hard work you put into making this video.
Glad you enjoyed it!😊
I remember a late 90s LAN party. A heavy kiddo sat in the corner, smirking. I walked over and sat down next to the pale, bespectacled boy. When his blubber had stopped jiggling after to our seated collision, he lifted his meaty arm and pointed at the screen. He was running something named Lunix. His screen was full of terminals. He adjusted his glasses and took a breath from his asthma inhaler, before finally speaking. "See that? I have ARP poisoned the network. All traffic is routed through my computer. See those website passwords scrolling on the screen? That's people on this network who are logging into websites." I was too impressed to report him to anyone.
Loving the description, very immersive
Why hide the commands? This basic stuff can be easily found. Information wants to be free. This is just silly as there are legitimate reasons for sniffing packets. I do it all the time as part of my job. Come on no one is using FTP or telnet where passwords are sent in clear text any more.
exactlyyyyy
TH-cam will often ban videos that show exactly how this kind of stuff is done
@@solarsombrero227 they only ban videos involving dishonest behavior, but learning network sniffing can be used for good... Usually I just see channels like these mention that it's for educational purposes or whatever and mention it's illegal to do it without permission.
Same reason why hacking is taught in general. The black-hats already have their resources for learning this stuff.
@@solarsombrero227 just put a "for educational purposes only"
Well, he's got liability. We don't, we can just share what he has to censor lol
As a pentester I believe that it would be interesting see the complete commands or some suggestion about proper documentation.
As a pentester, you should know these commands as you use them every day
@@dafoex As it pertains to this video, what commands would those be, that you think everyone should know?
Hackers rarely work locally, this is more for companies that are afraid of industrial espionage
i prefer these longer videos so very much more to the shorts.
Hey! Thanks for your comment! We also love the long format and we're not going to stop producing it 😊
Great video, very informative without being too informative. I’m glad Seytonic gave you a shout out, definitely going to sub. Keep up the great work.
Thanks a lot! Glad to hear that! 🥰
doing this in my college networking class.. great stuff
Hacking?
@@ahmedmahomed working with RJ45 and Cat5E cabling, exploiting things and breaking them down can give you a greater understanding of how they work and how data is transferred through them.
@@ahmedmahomed *listening on the network*
@Ahmed Mahomed
Yes. There are hackers that get paid by companies to hack them, then produce an exhaustive writeup on all their security failings, that way the company can clean up the low hanging fruit and make their systems more secure. Its called penetration testing, or more generally, whitehat hacking.
There's also blackhats, who are malicious hackers, greyhats, that sit somewhere in the middle, hacking just for fun but usually telling the victim if they find anything serious, and greenhats, who are only in it for the money, normally doing penetration testing and bug bounties, but they aren't afraid of selling malware if the bug bounty doesn't pay well.
it's honestly easier to infect a client.. great content tho!!
Great video! Makes it’s easy to understand for the average joe. My only gripe is nitpicking. But it’s bugging me how he keeps calling it an rj45 cable. It’s a copper twisted pair cable or more specifically, likely a cat5, cat5e or cat6 cable
RJ45 refers to the connector, cat5,6 etc refers to the cable itself.
Based on the fact that there is not a noticeable divider I would have to say it’s cat 5 or cat 5e
it was kinda fun filling in the blanks when watching this, like a shout-out at a Pantomime
small note. at the start of the video the comments on the bash shell are C comments not bash comments.
I love your videos, such a quality
Thank you so much!
Hex editors are so much fun!
Great explanation
This thing is awesome. I'm digging it!
Hey! Glad that you like it ☺
I regularly convince your id verification system that photoshopped IDs I make are real.
Hey! Thanks for your comment 🙂 We constantly improve our products and take into consideration any feedback. In order to provide a detailed answer to you we'd like to take a closer look at your case. Please share it with us by dropping us an email at Pr@sumsub.com
Thank you for your vide, but My question is: WHat kind of phone do you use for this operation ?Thanks
My dear brother, if you continue in this way, the channel will grow. Yes, this is the type of videos that we want. Continue and we will support you
A bad actor can just store the SSL encrypted network traffic and wait few years for the quantum computing to get cheaper. For example, they can track network of government officials, since there influence will not go away in few years, it makes sense.
Thanks for this video its very imformative but how you connect crocodile to that green cable if you dont cut that plastic around cable
Useful informations, thanks for the video.
Happy it was helpful!🎉
Hope you upload uncensored video on Patreon or smthng 🌟
Thank you sir 🙏
Perfeito , parabéns pela iniciativa !!!
This is no problem. Every modern service uses ssl. Even if you hijack the traffic in middle you won't be able to decipher it.
I like how they censor the software as if you couldn't just google lol
Makes it more MYSTERIOUS, ooohh !!
Its for arse covering. TH-cam has policies against making instructional hacking videos
@@dafoex correct - it is a TH-cam restriction - nothing more.
Good for them. God forbid some Karen gets their channel taken down.
Of course when someone cuts pairs to turn 1000 MB in to 100 MB that may be enough to get some people to take a look at their network if it goes on too long. They might go to the room where they have the router looking for a bad cable. If they are smart enough they might even look at exposed cables if there are any. You can also run your cables in conduits to make things harder to mess with. That won't make it impossible at all but it might make them move on to an easier target unless they are after you specifically for some reason.
This is an amazing video! I learned a lot, thank you!
Glad you enjoyed it !
We really going to redact things like wireshark lol? Come on now. Either way, loved the way the video was edited and the cadence of the video. Despite people feeling one way or another, it was creative and cool. Thanks for the video.
pretty nice.. thanks.. gotta love kodachi too :)
Good content, ethernet line connect can detect but I looking at how they do as method and other prevention.
Specialist in cybersecurity sounds like another name for whitehat hackers to me
great content!
Amazing content!
Glad you enjoyed it😊
Very helpful and informative, subscribed and liked, thank you please do more.
Thanks mate! Check out our new video about drone hacking :)
thanks for your tutorial i really enjoyed it
Hey, can you tell me the laptop (the front at thinkpad) model ? I interested with the design.
Can we physically eavesdrop on fiber optic cables using light sensors?
great video, but why the comments so negative
Hey! Thanks a lot! Really happy to hear that you liked it.😍 Recently, we've been going through some changes and some of our old fans are not happy about it. However, we really appreciate every feedback, it helps us to become better
Sniffing on fiber cables was done 40 years ago. So no, Not Secure either. The only secure method is encryption
even if you got in to the building to see these cables good luck identifying witch one is your target
I didn't understand how you can read the data without connecting the crocodile cable. You only clipped them but didn't connect them.
I really like your video tutorials
Scenario for early 2000 situations, not for today. It's like guide , HOw to break into WiFi secured with WEP key.
Hi!
What distro are you using?
2:42 - wow! I knew from this video which color in Ethernet cable wires for what! 😀
Great video
I didn't understand a thing but it was a good video
It's ok to call yourself a hacker if you're cybersecurity specialist and know how to pen test. People will misunderstand though that's for sure. EC-Counsel, who offers the Ethical Hacker certifications, offers the exact same cert by an alternative name. In case you worry about making a potential employer nervous by having the word "hacker" refer to you on your resume 🤣.
Bro they just steal my stuff and replace it with garbage from the courts. They think I can't tell the difference but the materials the device that I purchased are completely different in texture and weight. I'm not going to a judge just to complain about espionage.
You should seriously consider whether you have schizophrenia
10:00 tcpdump?
If you have physical access a hacker wouldn't typically do something like this. This is probably how people hacked in the 90s-early 2000s. There are so many other modern ways to accomplish the same thing. There are so many legit videos about hacking on youtube I am not quite sure why you're hiding things.
They are hiding things for arse covering. TH-cam policy says you can't make instructional hacking videos.
Also, this is simple for a noob audience, since it gets people to think about what's around them and how it can actually be abused. Hacking isn't magic, it just looks like magic if you squint at it from a distance, so seeing real hacking close up, even if its old techniques, demystifies it.
Modern things like USB Rubber Duckies are fun, but if you aren't used to thinking about how to use things in unconventional ways, it'll just look like a magic USB stick.
Waittttt, you used the green pair which is the tx wires, you should have used the orange pair on the sniffer cable....
Tipping an ethernet cable is already ass enough, imagine now adding aligator clips to each wire and then connecting it to each wire of the tapped device without crossing any of them. Unrealistic
You blank out pieces of software people watching this would have no idea how to use this lol
What about those internet cables poking out of buildings?
which app did you use on an android phone
Do you have any courses I can buy?
omg this video make my life... THX SO MUCH 💖
good job
Awesome
So you're willing to get the viewing audience most of the way there in terms of understanding but there's a little bit of homework at the end. That's job security right there.
Hello sir, as a beginner in programming, i want to ask if what programming language should i learn to work cyber security.
Thanks for the answer
Any programming language would do to get started. I'd personally recommend Python, since its good for scripting (short programmes that automate tasks) but if you're serious about cyber security I would point you towards Linux. Linux, or sometimes GNU Linux, is an operating system that is good for learning since most industry machines (servers, routers, robots, all sorts) run a variation of Linux. If you're new, buy a Raspberry Pi (Raspberry Pi OS is based on Linux) and talk with people in the forums about learning the command line, simple networking projects, more advanced networking projects, and whatever tinkering ideas take you.
@@dafoex thank you so much sir
the top third of the screen looks like wireshark
Wow great info,tQ sir
yanno, after the bradley and emily split i was really concerned about the future of this channel, but i wil say this pleasantly surprised me.
Split?
Hi Tom! Thank you very much for your support! It means a lot to us, especially now that we are trying to find our new way in the online jungle☺
12:26 "excessive spending on toilet paper" - Elliot
I liked this video until he started to censor some words and commands, that's really dramatic and paranoid, how this video could prevent attacks that are deprecated? That's no sense...
Excellent video
This is the best Vidéo
This had so many errors..
Analyze them
Interesting but I don't like all the censorship, can't finish watching.
the glitch noises were haxking my brain
"now optics are the most widely used"
Uh, where do you live that fiber optic cables outnumber ethernet cables?
maybe clarify how long and time consuming a dictionary attack can take.
A few things mate.
Hackers are cybersecurity specialist as far as i know.
Why do you fail to mention offensive security is a thing in your intro?
Me after learning this: all right, next stop Valve HQ.
We're getting Half life 3 this time boys
My thinking was it is that you need super secret equipment and software.
Not in my dream 10/100 adapter and a rooted device ...
Look interesting .
I thought you were gonna obscure the most crucial parts of it. That's pretty much a recipe x'D
Passive sniffing, as show in this video, does not work on 1 Gb/s or above. It only works on 10 and 100 Mb/s. You can force a +1 Gb/s connection to downgrade to 100 Mb/s. By cutting one or more of the wires in the blue and brown pair. But then the attack is no longer undetectable.
It is not high-tech devices, like desktop computers, that are vulnerable to this attack. It is low-tech infrastructure that uses 100 Mb/s and no encryption. Such devices assumes the network is secured from physical and remote attacks.
You dont have to actually cut wires, lol. There are more gentle ways to downgrade connection, but yes, it still will be noticable. Dont you worry tho, optics is coming. Soon it will be all over the the place up to last mile and "physical" sniffing will thrive once again.
what are the names of the programs and software that were censored?
Would be a shame if somebody name dropped: wireshark, tcpdump and python-impacket.
Awesome bro
noone would ever do this because there are tools that do this .. like the lan turtle etc...
I have a doubt if we sniff the packet it is encrypted with hash than burtforce takes a lot of time to decrypt it...
Cuz it could be md5 hash the most common.
Also the attack fail if the ethernet is in monitoring.(The flow of e-)
Right?
our school has an exposed unconnected ethernet cable on the exterior
Zap it with the Piezoelectric from a disassembled lighter or with a stun gun or whatever you can use :)
Actually i take back my previous comment this description is tragic
What is the script and what is it called?
A guy talking in"Londonish",Credibility level = 0%
Vamp Taps, huh? Guess they are still around.
cool analog nmap
why the censors bruhhhhhh
i think the first program is tcpdump but i may be wrong
maybe tshark ¯\_(ツ)_/¯
yeah, first seems like tcpdump, second is probably pyhtools and third one is tcpextract, they even say so at 11:20
I don't exactly understand why they even hid them, any malicious blackhat can probably find the tools in a few google searches due to the fact they left the args uncensored
@@RafeTVGaming reading a paper on extracting files from tcp streams, tshark actually seems to do better than tcpextract ¯\_(ツ)_/¯
@@koza1brada373 black hats know how to RTFM more than the average YT viewer lmao
I use cat 7 and never sleep hidden postifier
they use wireshark