Big thanks to Juniper for sponsoring this video! Try Juniper Mist AI for free: juni.pr/3Wiz7to Once you fill out the form, you’ll get access to a hands-on test environment so you can see what Juniper Mist can do. // Wifi Hacking PDF // PDF with instructions: davidbombal.wiki/airmon-ng /// Alfa ADAPTORS // Alfa Long-Range USB Adapter: amzn.to/3yFs99E Alfa WUS036AXML: amzn.to/4c3rlJV // TH-cam video REFERENCE // Break wifi passwords using cloud GPUs: th-cam.com/video/nHDixd-EdEQ/w-d-xo.html // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal TH-cam: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // MENU // 00:00 - WPA2 vs WPA3 Wi-Fi 02:12 - Network Adapters 03:07 - Do You Need an External Adapter? 04:53 - Kali Demonstration 06:12 - Enabling Monitor Mode 09:05 - Launching an Attack 11:10 - In Wireshark 12:23 - Cracking The Password 13:56 - Juniper Mist Interface 14:30 - Wifite 19:22 - Conclusion 19:30 - Outro wifi kali linux kali linux 2024 wifite wpa wep wps alfa comptia wifi airmon-ng aircrack-ng hack hacker hacking ethical hacking kali Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #wifi #wpa2 #password
Please do one to show how to defend against this. Or at very least how to record these attacks. A neighbour must have seen one of your videos and I need definitive evidence to report the attacks to the authorities. Thank you.
Worst still, if you try to go all complicated with the WPA2 password but fail to give it sufficient length, you are still at risk from a brute force attack. It's been a while since I was experimenting myself, but a rig with 2x GTX 1080 was able to achieve something like 800 000 attempts every second using hashcat to crack the password. The parallelization worked so good that adding more gfx cards would give it a linear increase in performance. Can't even imagine what numbers the 4xxx series cards are able to achieve nowadays. But yea, use special characters and give it some length.
I have four bands on my WiFi router, 2.4GHz, 5GHz, 5GHz, and 6GHz, only the 6GHz is running WPA3, the 2.4/5.0/5.0 is running WPA2 Enterprise with PMF (Protected Management Frame) turned on. The connection secret alone is 50 characters long, the username and authentication password are both 50 characters long and uses an EAP-TLS/PAP and EAP-TTLS/PAP authentication scheme. Even if someone were to find a way to crack into the WPA2 Enterprise with 50/50/50 secretkey/username/password mess, all traffic that connects to the first three bands are isolated (WiFi isolation) from the local network and automatically gets redirected into the TOR network.
meaning what exactly? like even 3080 unoptimized has like mil hashrate, and lets go with simple example - eu routers currently have nummeric default passwords (20numbers ,random) lets say you build something insane with 4-6mil hashrate, its gonna take you million of years and its not even alphanumeric. and since wpa2 is always salted u cant use rainbow tables. so your statement is bs
Great info David. I tried these attacks with my network and found out it's best to use indigenous languages for passwords since wordlist don't contain them and most brute force attacks cannot crack them
If you have an access point that allows multiple SSIDs, especially for security type of devices that only support wpa2, it might make sense to, if possible within the router/access point to add more than one SSID for your WPA2 only devices, and then split your devices across those SSIDs. That way, if someone attempts to deauth your devices, hopefully they're only trying one SSID and the remaining devices stays online.
Wifi is a fun hacking topic. I like bettercap and kismet but it is really important for people starting to learn airmon-ng first as it teaches the basics. I also like airgraph-ng will show wifi relationships
Though it’s already outdated, I just installed the Intel AX210ngw WiFi 6e M.2 WiFi card with an Alpha WiFi 6E antenna ( leave it in the housing or take the PCB antenna out and mount inside your laptop, both ways work really well). The ax210 supports monitor and injection and you can get it for about $15. I’m gonna order a new intel card for WiFi 7 today, hopefully, and see if it supports monitor and injection. Thanks for the video. Another great learning resource
I apologize for any misunderstanding. I’ve never used an Alfa access point so I can’t speak to its functionality, abilities or even color of its packaging. I have used Alfa’s WiFi 6E , multi band Antenna and it performs above and beyond any of my expectations. Plus it’s versatile. It ships in a giant , white plastic geometric monstrosity of a container, yet with the removal of a few fasteners, the actual pcb antenna can be removed and mounted easily inside of a stock laptop, desktop or cyberdeck build. Yes, the Intel AX210 WIFI adapter supports WPA3 in basic functionality, though I’m not aware how it performs in monitor or injection mode, if at all. Here’s the number of an Intel Article that may have the answers you require. Intel Article ID 000054783 I was only sharing the type of setup I’ve clumsily assembled to use with the tools in Kali Linux because it has been reliable, effective and costs very little cash to employ. Also, please let it be known that though I have some decades of life experience and basic computer knowledge, it’s only been recently that I’ve immersed myself in the “ Electrical Computer Engineering “ fields. It started out of boredom which sparked curiosity then an ever present next question whose answer seems a few steps away then just another question. Like an educational mirage. -Jason Burchell
David, take a look at this article "Testing 802.11w by sending deauth packets: Broadcast and Unicast." it might be useful to you. It describes that tests show that although 802.11w protects management frames after full authentication, devices attempting to connect for the first time can be blocked using deauth packets. Could you try to replicate the experiment and see how it could be implemented?
@@davidbombal I learnt so many thing's from your videos! Thank you so much, cause in COVID your videos enabled me to do some real life practical's your videos are stressbuster for me, so I requesting you to continue making this type of video atleast once in a while
As David said there, only attack your own networks or networks you have permission to attack. Deauth attacks are very noisy and attract attention, like from law enforcement. I need to show this video to some of my neighbours as they have really bad WPA2 passwords. 🤔🙄
Not really for this topic, but if you consider WiFi links between buildings you should consider to use 60GHz since that frequency has a high propagation dampening and a relatively narrow lobe so anyone wanting to penetrate that link need to be inside the lobe and within a limited distance to be able to perform an attack. The propagation dampening is also an advantage since it will lower the amount of interference from other devices while a link in the 5GHz band can see enough interference to constantly run DFS (Dynamic Frequency Selection) and fail to establish a link.
It's amazing to see that even today, there are new routers and devices that only support WPA2; worse, there's folks that buy routers that only support WPA2. On things like routers, if it does not support WPA3, it drops off the consideration almost immediately.. One specific area that is weird like this - is some travel routers that don't support WPA3..
I first read about the WPA2 vulnerability when I was studying for Security+. I always wanted to find out about this in detail, and you've explained it perfectly. Thanks for the information.
One little project i made was a d1 mini that detects deauthentication attacks by spacehuhn it lights up when more than 5 connections happen in short time, also useful because it detects if a device is having problems connecting to the wifi
Bruteforcing needs a huge pwd library. The only thing is to create a dynamic library with python using a fifo method to get a limited used space on disk. As a pwd is used, it's deleted and a new one is created. I have not be succeful to create such a library. So if there is someone really good with python, please share your idea.
As i said in other your video about WiFi cracking! Probably you can do this in America but, in Europe, every router come with a very very strong WiFi default password (more than 32 random characters, capital and not, numbers and somethimes simbols) that is impossibile to crack. Most of the users do not change this password (maybe we are lazy and in this case is a "plus" 😂) . Some (very few) WiFi password can be retrived because are associate with certain SSID but nowadays, at least where am i, WiFi cracking is nearly impossible . You could try via fake AP but noone falls in it.
Unfortunately people do change the passwords to make them easier to share. And people do unfortunately still connect to evil twin rogue points. Recent example of someone using a Hak5 pineapple: www.techradar.com/pro/security/man-arrested-for-setting-up-fake-flight-wi-fi-to-steal-fellow-passenger-details
Its crazy how many people does not care about any security. I recently bought several used electronics. There is still data from the previous user, Like the Name of the WiFi Network and passwords. I found also very private information. A pervert or a child Predator could easily Take Advantage, criminals with finacial interest too.
I would love to go high bands and WPA3 only, but sadly so many client devices are kept at obsolete standards, all my IoT smart devices are 2.4 ghz only for starters, which is really annoying as thats the only reason I listen on 2.4ghz, and my xbox series S does not properly support WPA3, and I even have to disable 802.11w on WPA2 as it doesnt support it. So I have to use mixed mode and use WPA2 with some security features off for the Xbox. I feel there needs to be some kind of regulatory practice to ensure client devices meet modern security standards. Seems to really only that mobile phones are keeping up. Final note all the client devices I use, do have a type of firmware update feature, so it is within the vendor's power to keep them up to date. I do what I can though, my wifi is locked into a walled garden, cannot access my main LAN and has limited internet access.
It blows my mind how slow manufacturers are on new security implementations, if you buy a car and a fault is found in it it's recalled, why should it be any different with technology?
9:44 one mistake I made but learnt how to fix was that I wasn't specifying the channel in the airodump-ng window, only the bssid, meaning my network adapter was switching between channels and therefore I couldn't specify the right channel for the aireplay-ng attack in the other window I was so confused until I found out why
Mixed mode will drop back to WPA2 if that's the only way to get a connection so, yes it should work if you're using a bad password and some client devices that use WPA2.
Hey David nice video in a nice timing for me as I was studying about this I have tried a lot of these tools like aircrack-ng bettercap wifite airgeddon etc. I was wondering, what about the PMKID attack?
Probabilities are high there is an error on slide 11. BSSID is access point and station is client. This is however obvious from the lecture as well as from the other slides and other sources too. So please review the lecture proper too in parallel with this "field manual". Anyways, this is good reading while I set up my own lab in order to get higher rise over run on my learning curve. Boosting that rise over run, for me it's more productive to study the airodump-ng generated csv-file with spreadsheet software. And last, but not least the man-pages of the airodump-ng are really worth reviewing. Now, continuing on page 12 onwards. BR JKi
when i want a free proxy all i usually need to do is scan for wps-enabled networks and try to crack those. usually takes minutes to find a working one which is shockingly quick for 2024.
Sounds good but the hardware is linked back to YOU if you've ever used it personally. The IMEI is linked to to the email like Google for example and is stored remotely with any or all carriers. Use a raspberry pi instead or a device that has NEVER been used with your account or personal information including location or within range of your personal wifi.
Living in a country where it's rare people actually change any WiFi passwords from standard router passwords so unless there's wordlists that have standard WiFi router passwords this rock you dictionary is useless, unless people change a standard password to a word in rockyou (much weaker than standard router password)
I got a little confused at the WPA3 section, when you said wireshark failed to crack the password. From what I understood, wireshark doesn't crack the password, it just obtains the encrypted key, and then you use other software to crack the password? My question is, did wireshark get the encrypted key for the WPA3 network, in the WPA Key data, but it is using an encryption algorithm that is too hard to crack (yet), or there is more to it? I would imagine it isn't too hard to get the data, but it is being able to crack the data that is the problem, or the time/resource consuming part of it.
Excelente video y gracias por compartir a la comunidad, ahora una pregunta, kali ya tiene herramientas para atacar obviamente de modo educativo a redes WPA3 en frecuencias de 5ghz y 6ghz? Desde ya muchas gracias y esperamos el tutorial de las mismas. 😂
Sir...great learning experience....but which adaptor best for other work password cracker.. kindly share and make a learn video on fake msg indicating or sender information about 🙏
Wow Airmon-ng is still being used over 10 years on.. what is the range of 5GHz networks these days? I preferred to use them because of the limited range so limited exposure 2 decades ago.
You crack it so easily, but wondering if there was a much harder pasword, let say 20+ digits with lower and upper letters, sigs and numbers, will you still be able to crack it?
Anything is crackable if you have the password in the password list and/or a few quintillion years to spare. There’s a few charts around that detail it. Image search will bring them up. Of course it all depends on what hardware you’re using. Quantum machines will reduce that time significantly - a few extra GPU’s might shave off a few million years at most.
I've cracked bad wifi passwords on a 2008 Dell laptop without GPU support in seconds. I then used hashcat with GPU support to crack some other somewhat more complex passwords within a few hours. I have a wifi password that is 20 random characters and tried to crack it with hashcat using all the wordlists available to me, then via brute force which quickly told me that it would take some thousands of years to work through that character space. I didn't bother letting that one run.
My dear teacher, when I did the work, the password was not in the password file when I attacked a network with WPA2 protection type, knowing that the handshake came out
The handshake only gives you the password hash. You then need to use other means to crack the hash, which is what hashcat and the wordlists he was using are meant to do. There's never a guarantee that the hash cracking will work. You may need additional information and heavy hardware resources to have a good chance of cracking anything that is not a silly, simple password.
Hi Mr Bombai, what can you tell me about the AWUS036ACS? According to its description on Amazon, it supports dual-band frequencies of 2.4 GHz and 5 GHz
I know a lot of friends and family that just leave the password as whatever default password the router came with. This is usually a random string of letters and numbers. Is this potentially at risk from bruteforce methods?
I want to start ethical hacking, but I’m unsure which operating system to use. I know I want to use Kali Linux, but I often hear that Ubuntu is recommended because it's more stable and easier to use. Some suggest running Kali Linux on top of Ubuntu, either in a virtual machine, dual booting, using Katoolin, or even using a USB live boot with Kali Linux. My main interest is Wi-Fi hacking, and I’ve heard that not all functionalities are available when using Kali Linux in a virtual machine. Could you please advise me on the best way to start and which operating system or combination I should use? I don’t want to be limited when it comes to functionality especially with the wifi-hacking
Start with Kali Linux or Parrot OS. on a live usb with persistence mode. Then after a while when you know how Linux works (system and terminal), you can install Ubuntu and weaponize it with your favorite tools or install other Linux based OS. Anyway do not limit yourself to operating systems, you need to familiarize yourself with all systems.
I always get wlan0 and wlan0mon after changing to monitor mode and cannot find any Wi-Fi around me. my kali is native kali on raspberry pi 5, what could be the possible reason?
So what happens if the client enters a wrong password? Would it still be captured , or will it continue running until a correct password is entered using any of the tools
Yea that's how password cracking usually goes, you can't "decrypt" it All you do is get its hash and compare it to other passwords hash and return the matching ones The trick is being a good wordlist maker as well as a rule/condition maker when using hashcat or hydra
Big thanks to Juniper for sponsoring this video! Try Juniper Mist AI for free: juni.pr/3Wiz7to
Once you fill out the form, you’ll get access to a hands-on test environment so you can see what Juniper Mist can do.
// Wifi Hacking PDF //
PDF with instructions: davidbombal.wiki/airmon-ng
/// Alfa ADAPTORS //
Alfa Long-Range USB Adapter: amzn.to/3yFs99E
Alfa WUS036AXML: amzn.to/4c3rlJV
// TH-cam video REFERENCE //
Break wifi passwords using cloud GPUs: th-cam.com/video/nHDixd-EdEQ/w-d-xo.html
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
X: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
TH-cam: www.youtube.com/@davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// MENU //
00:00 - WPA2 vs WPA3 Wi-Fi
02:12 - Network Adapters
03:07 - Do You Need an External Adapter?
04:53 - Kali Demonstration
06:12 - Enabling Monitor Mode
09:05 - Launching an Attack
11:10 - In Wireshark
12:23 - Cracking The Password
13:56 - Juniper Mist Interface
14:30 - Wifite
19:22 - Conclusion
19:30 - Outro
wifi
kali linux
kali linux 2024
wifite
wpa
wep
wps
alfa
comptia
wifi
airmon-ng
aircrack-ng
hack
hacker
hacking
ethical hacking
kali
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#wifi #wpa2 #password
hello
i commented b4 u actually did
it was a 11 second difference
@@mo_afr i don't know
Please do one to show how to defend against this. Or at very least how to record these attacks. A neighbour must have seen one of your videos and I need definitive evidence to report the attacks to the authorities. Thank you.
Uncle David went from teaching me how to be a good and honest Network Technician to a computer hacking edgelord 🙃
I don't complain
David Bombal: "If there's Break Dancing at the Olympics, why can't there be Hack-The-Box at the Olympics?"
Worst still, if you try to go all complicated with the WPA2 password but fail to give it sufficient length, you are still at risk from a brute force attack. It's been a while since I was experimenting myself, but a rig with 2x GTX 1080 was able to achieve something like 800 000 attempts every second using hashcat to crack the password. The parallelization worked so good that adding more gfx cards would give it a linear increase in performance. Can't even imagine what numbers the 4xxx series cards are able to achieve nowadays. But yea, use special characters and give it some length.
How can we crack the password like this >>> Sp!d3Rm@Nb@tMaN&$up3rM@N
I have four bands on my WiFi router, 2.4GHz, 5GHz, 5GHz, and 6GHz, only the 6GHz is running WPA3, the 2.4/5.0/5.0 is running WPA2 Enterprise with PMF (Protected Management Frame) turned on. The connection secret alone is 50 characters long, the username and authentication password are both 50 characters long and uses an EAP-TLS/PAP and EAP-TTLS/PAP authentication scheme. Even if someone were to find a way to crack into the WPA2 Enterprise with 50/50/50 secretkey/username/password mess, all traffic that connects to the first three bands are isolated (WiFi isolation) from the local network and automatically gets redirected into the TOR network.
meaning what exactly? like even 3080 unoptimized has like mil hashrate, and lets go with simple example - eu routers currently have nummeric default passwords (20numbers ,random) lets say you build something insane with 4-6mil hashrate, its gonna take you million of years and its not even alphanumeric. and since wpa2 is always salted u cant use rainbow tables. so your statement is bs
My fav topic of all time
Happy to hear that! I hope you enjoy the video 😀
My bro David can you make video about how to install backtrack OS and others OS on Android with limbo x86 pc emulator. @@davidbombal
Great info David. I tried these attacks with my network and found out it's best to use indigenous languages for passwords since wordlist don't contain them and most brute force attacks cannot crack them
If you have an access point that allows multiple SSIDs, especially for security type of devices that only support wpa2, it might make sense to, if possible within the router/access point to add more than one SSID for your WPA2 only devices, and then split your devices across those SSIDs. That way, if someone attempts to deauth your devices, hopefully they're only trying one SSID and the remaining devices stays online.
Wifi is a fun hacking topic. I like bettercap and kismet but it is really important for people starting to learn airmon-ng first as it teaches the basics. I also like airgraph-ng will show wifi relationships
Though it’s already outdated, I just installed the Intel AX210ngw WiFi 6e M.2 WiFi card with an Alpha WiFi 6E antenna ( leave it in the housing or take the PCB antenna out and mount inside your laptop, both ways work really well). The ax210 supports monitor and injection and you can get it for about $15.
I’m gonna order a new intel card for WiFi 7 today, hopefully, and see if it supports monitor and injection.
Thanks for the video. Another great learning resource
Do you mean that the ALFA adapter is outdated ?
I apologize for any misunderstanding. I’ve never used an Alfa access point so I can’t speak to its functionality, abilities or even color of its packaging.
I have used Alfa’s WiFi 6E , multi band Antenna and it performs above and beyond any of my expectations. Plus it’s versatile. It ships in a giant , white plastic geometric monstrosity of a container, yet with the removal of a few fasteners, the actual pcb antenna can be removed and mounted easily inside of a stock laptop, desktop or cyberdeck build.
Yes, the Intel AX210 WIFI adapter supports WPA3 in basic functionality, though I’m not aware how it performs in monitor or injection mode, if at all.
Here’s the number of an Intel Article that may have the answers you require.
Intel Article ID 000054783
I was only sharing the type of setup I’ve clumsily assembled to use with the tools in Kali Linux because it has been reliable, effective and costs very little cash to employ. Also, please let it be known that though I have some decades of life experience and basic computer knowledge, it’s only been recently that I’ve immersed myself in the “ Electrical Computer Engineering “ fields. It started out of boredom which sparked curiosity then an ever present next question whose answer seems a few steps away then just another question. Like an educational mirage.
-Jason Burchell
David, take a look at this article "Testing 802.11w by sending deauth packets: Broadcast and Unicast." it might be useful to you.
It describes that tests show that although 802.11w protects management frames after full authentication, devices attempting to connect for the first time can be blocked using deauth packets.
Could you try to replicate the experiment and see how it could be implemented?
Great video!🎉
Thank you! 😁
@@davidbombal I learnt so many thing's from your videos! Thank you so much, cause in COVID your videos enabled me to do some real life practical's your videos are stressbuster for me, so I requesting you to continue making this type of video atleast once in a while
Another great video from the OG
Really amazing, i mostly had issues when trying to capture handshake when the user is already connected, but now i know how to deauthenticate
😁😁😁😁
As David said there, only attack your own networks or networks you have permission to attack. Deauth attacks are very noisy and attract attention, like from law enforcement.
I need to show this video to some of my neighbours as they have really bad WPA2 passwords. 🤔🙄
Not really for this topic, but if you consider WiFi links between buildings you should consider to use 60GHz since that frequency has a high propagation dampening and a relatively narrow lobe so anyone wanting to penetrate that link need to be inside the lobe and within a limited distance to be able to perform an attack.
The propagation dampening is also an advantage since it will lower the amount of interference from other devices while a link in the 5GHz band can see enough interference to constantly run DFS (Dynamic Frequency Selection) and fail to establish a link.
Interesting information! Thank you, David!
I wonder if it is possible to configure the router to detect and isolate threats from the network?...🤔
Up
It's amazing to see that even today, there are new routers and devices that only support WPA2; worse, there's folks that buy routers that only support WPA2. On things like routers, if it does not support WPA3, it drops off the consideration almost immediately.. One specific area that is weird like this - is some travel routers that don't support WPA3..
I first read about the WPA2 vulnerability when I was studying for Security+. I always wanted to find out about this in detail, and you've explained it perfectly. Thanks for the information.
love some david bombel wife security hacking always intresting.
Thank you! I hope you enjoy the video and learn something 😀
@@davidbombalmy wife always secures me in place....😅 [play on the typo]
One little project i made was a d1 mini that detects deauthentication attacks by spacehuhn it lights up when more than 5 connections happen in short time, also useful because it detects if a device is having problems connecting to the wifi
welcome Back with hands-on practice,
I build my own wifi pineapple but this part is the awkward thing. I don't have a good GPU. Thank you David
Heck yeah, well done.
Brilliant. I love your content.
Thanks for a great video David! Your videos are an inspiration to us :) Looking forwarded to seeing more great content 🚀
Yeah the more I learned, the more I started to make it harder to be hacked, the problem has always been other companies not keeping our data safe.
I love the way he says the word "here"
Sound like he's sayin Hee-Yah😂
Bruteforcing needs a huge pwd library. The only thing is to create a dynamic library with python using a fifo method to get a limited used space on disk. As a pwd is used, it's deleted and a new one is created. I have not be succeful to create such a library. So if there is someone really good with python, please share your idea.
i've been looking into this idea too, i'm working on something atm
Just bought the alpha adapter ,now I'm going to try this on my wifi
Thanks for this video! Great content
As i said in other your video about WiFi cracking! Probably you can do this in America but, in Europe, every router come with a very very strong WiFi default password (more than 32 random characters, capital and not, numbers and somethimes simbols) that is impossibile to crack.
Most of the users do not change this password (maybe we are lazy and in this case is a "plus" 😂) .
Some (very few) WiFi password can be retrived because are associate with certain SSID but nowadays, at least where am i, WiFi cracking is nearly impossible .
You could try via fake AP but noone falls in it.
Unfortunately people do change the passwords to make them easier to share. And people do unfortunately still connect to evil twin rogue points. Recent example of someone using a Hak5 pineapple: www.techradar.com/pro/security/man-arrested-for-setting-up-fake-flight-wi-fi-to-steal-fellow-passenger-details
Its crazy how many people does not care about any security. I recently bought several used electronics. There is still data from the previous user, Like the Name of the WiFi Network and passwords. I found also very private information.
A pervert or a child Predator could easily Take Advantage, criminals with finacial interest too.
youve got ur whole name as your username ur not any better
@@zakg60 David Bombal also 😊
I would love to go high bands and WPA3 only, but sadly so many client devices are kept at obsolete standards, all my IoT smart devices are 2.4 ghz only for starters, which is really annoying as thats the only reason I listen on 2.4ghz, and my xbox series S does not properly support WPA3, and I even have to disable 802.11w on WPA2 as it doesnt support it. So I have to use mixed mode and use WPA2 with some security features off for the Xbox.
I feel there needs to be some kind of regulatory practice to ensure client devices meet modern security standards. Seems to really only that mobile phones are keeping up.
Final note all the client devices I use, do have a type of firmware update feature, so it is within the vendor's power to keep them up to date. I do what I can though, my wifi is locked into a walled garden, cannot access my main LAN and has limited internet access.
It blows my mind how slow manufacturers are on new security implementations, if you buy a car and a fault is found in it it's recalled, why should it be any different with technology?
13:25 “and look that took seconds” my cf-30 taking 30 minutes to crack “gggggggg” crying in the corner…😭
I thought that I'd be the first person to comment on this video...but damn my lights gone off and my wifi router turned off....😓😞
😂
😅
What was your comment?😅
9:44 one mistake I made but learnt how to fix was that I wasn't specifying the channel in the airodump-ng window, only the bssid, meaning my network adapter was switching between channels and therefore I couldn't specify the right channel for the aireplay-ng attack in the other window
I was so confused until I found out why
I'm curious if the attack would work on network set to mixed WPA2/WPA3 encryption mode.
Mixed mode will drop back to WPA2 if that's the only way to get a connection so, yes it should work if you're using a bad password and some client devices that use WPA2.
Will the ALFA AWUS036AXML (MT7921AUN) function properly on Kali Linux 2024.2 with linux-headers-6.8.11-amd64?
Hey David nice video in a nice timing for me as I was studying about this
I have tried a lot of these tools like aircrack-ng bettercap wifite airgeddon etc.
I was wondering, what about the PMKID attack?
thank you this is the best channel on YT i have learned alot since 2019
Probabilities are high there is an error on slide 11. BSSID is access point and station is client. This is however obvious from the lecture as well as from the other slides and other sources too. So please review the lecture proper too in parallel with this "field manual". Anyways, this is good reading while I set up my own lab in order to get higher rise over run on my learning curve. Boosting that rise over run, for me it's more productive to study the airodump-ng generated csv-file with spreadsheet software. And last, but not least the man-pages of the airodump-ng are really worth reviewing. Now, continuing on page 12 onwards. BR JKi
After this top video, maybe a video about radius service?
Can’t see anything when I filter EAPOL in wire shark. Captured my WPA handshake but no EAPOL
Thanks david this is what i was waiting for
Enterprise would be an interesting next video
when i want a free proxy all i usually need to do is scan for wps-enabled networks and try to crack those. usually takes minutes to find a working one which is shockingly quick for 2024.
Use old smart phones that you don't need, to build a REAL endpoints for private hacking!
Sounds good but the hardware is linked back to YOU if you've ever used it personally. The IMEI is linked to to the email like Google for example and is stored remotely with any or all carriers. Use a raspberry pi instead or a device that has NEVER been used with your account or personal information including location or within range of your personal wifi.
@@TheTubejunky Hmm🤨🤔
Best thing I got from the video............VMware Workstation Pro for free !!!!!
haha, only Joking Dave, but really glad you mentioned it.
"It's better to use the Evil Twin instead of waiting 2,000 years. Lol. Will there be a video, please? 🙏"
Awesome video! It's always interesting to see how professional works.
Living in a country where it's rare people actually change any WiFi passwords from standard router passwords so unless there's wordlists that have standard WiFi router passwords this rock you dictionary is useless, unless people change a standard password to a word in rockyou (much weaker than standard router password)
Legend😊 Is there a lot changing in the CCNA in August 😊
I got a little confused at the WPA3 section, when you said wireshark failed to crack the password.
From what I understood, wireshark doesn't crack the password, it just obtains the encrypted key, and then you use other software to crack the password?
My question is, did wireshark get the encrypted key for the WPA3 network, in the WPA Key data, but it is using an encryption algorithm that is too hard to crack (yet), or there is more to it?
I would imagine it isn't too hard to get the data, but it is being able to crack the data that is the problem, or the time/resource consuming part of it.
Thank you for the lesson
Great video. Thanks
Excelente video y gracias por compartir a la comunidad, ahora una pregunta, kali ya tiene herramientas para atacar obviamente de modo educativo a redes WPA3 en frecuencias de 5ghz y 6ghz? Desde ya muchas gracias y esperamos el tutorial de las mismas. 😂
Up!
Very well done this video
What's the advantage of using a VM versus a live USB?
Sir...great learning experience....but which adaptor best for other work password cracker.. kindly share and make a learn video on fake msg indicating or sender information about 🙏
damn my neighbor stood no chance
Wow Airmon-ng is still being used over 10 years on.. what is the range of 5GHz networks these days? I preferred to use them because of the limited range so limited exposure 2 decades ago.
5GHz has shitty range especially not good with walls buildings etc.
Well... what do ppl use these days then? Care to share >.>
Airmon-ng scans 5GHz similar to 2.4.
airmon-ng --band a
You crack it so easily, but wondering if there was a much harder pasword, let say 20+ digits with lower and upper letters, sigs and numbers, will you still be able to crack it?
Anything is crackable if you have the password in the password list and/or a few quintillion years to spare.
There’s a few charts around that detail it. Image search will bring them up. Of course it all depends on what hardware you’re using. Quantum machines will reduce that time significantly - a few extra GPU’s might shave off a few million years at most.
I've cracked bad wifi passwords on a 2008 Dell laptop without GPU support in seconds. I then used hashcat with GPU support to crack some other somewhat more complex passwords within a few hours. I have a wifi password that is 20 random characters and tried to crack it with hashcat using all the wordlists available to me, then via brute force which quickly told me that it would take some thousands of years to work through that character space. I didn't bother letting that one run.
if it is vulnerable with wifite you can find it in any length
He taught how to skim cards now hacking Wi-Fi 😂 😅FBI watching
STP Question : Hi David, Is the path cost added at the receiving interface or the forwarding interface?
Another nethunter video on how to compile a custom kernel for a OnePlus 7
This man is WONDERFUL ❤
My dear teacher, when I did the work, the password was not in the password file when I attacked a network with WPA2 protection type, knowing that the handshake came out
The handshake only gives you the password hash. You then need to use other means to crack the hash, which is what hashcat and the wordlists he was using are meant to do. There's never a guarantee that the hash cracking will work. You may need additional information and heavy hardware resources to have a good chance of cracking anything that is not a silly, simple password.
I got the WPA handshake but when I used witeshark to filter “EAPOL” nothing came up
Hi Mr Bombai, what can you tell me about the AWUS036ACS? According to its description on Amazon, it supports dual-band frequencies of 2.4 GHz and 5 GHz
I know a lot of friends and family that just leave the password as whatever default password the router came with. This is usually a random string of letters and numbers. Is this potentially at risk from bruteforce methods?
when i click on the thumbnail it mistakenly click on the paid sponsor I had to search for your video to watch it
WPA 3 is not a guarantee. thx for information sir
❤
Hi David, does the Alfa WUS036AXML support monitor mode? On the Amazon reviews someone said it didn't.
Great video!
Need a video about gsm or cell towers
Will these adapters work on a kali Linux vm on a Mac laptop ? Or must be a windows laptop ?
I really wanted all the knowledge of hacking....wanted someone to be my mentor and share the knowledge he knows....still dont know the road map😢
Hello, can you make a video about TX power upgrade?
Pls try with some security and hard password with common password list that make sense to us
Next Great video. Thank you.
I want to start ethical hacking, but I’m unsure which operating system to use. I know I want to use Kali Linux, but I often hear that Ubuntu is recommended because it's more stable and easier to use. Some suggest running Kali Linux on top of Ubuntu, either in a virtual machine, dual booting, using Katoolin, or even using a USB live boot with Kali Linux. My main interest is Wi-Fi hacking, and I’ve heard that not all functionalities are available when using Kali Linux in a virtual machine. Could you please advise me on the best way to start and which operating system or combination I should use? I don’t want to be limited when it comes to functionality especially with the wifi-hacking
Start with Kali Linux or Parrot OS. on a live usb with persistence mode. Then after a while when you know how Linux works (system and terminal), you can install Ubuntu and weaponize it with your favorite tools or install other Linux based OS. Anyway do not limit yourself to operating systems, you need to familiarize yourself with all systems.
Thanks for the info David, I will update my password after this vid :S
Next video social media hacking ?
I always get wlan0 and wlan0mon after changing to monitor mode and cannot find any Wi-Fi around me. my kali is native kali on raspberry pi 5, what could be the possible reason?
My bro David can you make video about how to install backtrack OS and others OS on Android with limbo x86 pc emulator.
Thank you Mr, David -> very informative video. :)
Hey David, can you please make a video on wpa2 enterprise and how to crack them?
WPA2 Enterprise authenticates using a RADIUS server on the backend. You'll need to use an evil twin attack. Look into EAPhammer
4:30 I need the wallpaper plz 🙏🙏
Not all Alfa adapters use good chipsets either. A certain manufacturer of wireless chipsets make terrible wireless drivers.
fern wifi cracker does the same thing like this one right?
i got msg on top right corner "pmkid found" instead of "wpa hanshake",what should i do next
I have laptop with Qualcomm Atheros QCA61x4A wifi adaptor can i crack password using this adaptor
Kali in hyper v having some wife adapter issue ?
I need a wifi router with a on off switch for the wifi. I have an older router that has this, RT-AC68U, are there newer ones that also has this?
Is there a way to make Kali Linux portable on a flash drive and use it on any computer? Please help
How do I know that a certain wifi adapter support monitor mode and packet injection
Wonderful!
why my kali is always freezing
So what happens if the client enters a wrong password? Would it still be captured , or will it continue running until a correct password is entered using any of the tools
WPA 2 enterprise or personal
11:45 Minor Error/Lie… did NOT “decrypt” the WiFi password… it was brute force “cracked” by comparison to a known word list of possible passwords 🧐
Yea that's how password cracking usually goes, you can't "decrypt" it
All you do is get its hash and compare it to other passwords hash and return the matching ones
The trick is being a good wordlist maker as well as a rule/condition maker when using hashcat or hydra