3 Levels of WiFi Hacking
ฝัง
- เผยแพร่เมื่อ 5 ก.พ. 2025
- Get NordVPN 2Y plan + 4 months free here ➼ nordvpn.com/ne... It’s risk-free with Nord’s 30-day money-back guarantee!
WiFi hacking is very much still a thing performed by both white hat and black hat hackers. In this video, NetworkChuck will demonstrate how hackers might hack a wifi network from three different levels or perspectives, a Noob, Hipster and Pro. All of the wireless attacks demonstrated in this video are real and possible. The purpose of this video is NOT to equip an army of skiddies but to educate people on how WiFi hacks occur and what they can do to protect themselves and the networks they run. In this video, NetworkChuck will demonstrate man-in-the-middle attacks, evil twin attacks, arp spoofing, dns spoofing and wifi password cracking.
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by NordVPN
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: ntck.co/Premium
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com...
Buy a Raspberry Pi: geni.us/aBeqAL
Do you want to know how I draw on the screen?? Go to ntck.co/EpicPen and use code NetworkChuck to get 20% off!!
fast and reliable unifi in the cloud: hostifi.com/?v...
#wifihacking #wirelessattacks #flipperzero
Get NordVPN 2Y plan + 4 months free here ➼ nordvpn.com/networkchuck It’s risk-free with Nord’s 30-day money-back guarantee!
WiFi hacking is very much still a thing performed by both white hat and black hat hackers. In this video, NetworkChuck will demonstrate how hackers might hack a wifi network from three different levels or perspectives, a Noob, Hipster and Pro. All of the wireless attacks demonstrated in this video are real and possible. The purpose of this video is NOT to equip an army of skiddies but to educate people on how WiFi hacks occur and what they can do to protect themselves and the networks they run. In this video, NetworkChuck will demonstrate man-in-the-middle attacks, evil twin attacks, arp spoofing, dns spoofing and wifi password cracking.
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by NordVPN
nordvpn is bad
edit: please don't hack me I love your videos
Hi
by far the smooothest use of a sponsor.
Not mentioning HTTPS once in this video is disingenuous, you know full well the attacks present do not work on 99.9% of modern websites
@@Patrick-wn7id you drank the HTTPS kool-aid 🧃
This video is an ad-in-the-middle attack.
Alfa, Hak5, NordVPN, Alienware, and BearCaveCoffee all real happy right about now
🙂
shiller in the middle
lmfao flipper zero and nord
not funny at all
Nothing shown in the video actually works because the web is 99.9% TLS/https now. And people who care use DoT/DoH which renders DNS attacks useless. Even without those, DNSSec takes care of DNS MiTM. Not a single actual working attack has been demonstrated. Kinda sad, you sound convincing.
Agree
We need comments like this, so people won't be falsely lead on.
I've used everything in this video (responsibly) and it works just fine
Internet outage in 2025
@@samonKBM You sure did, lil Timmy and we're soooo proud of our big boy, growing up so fast to be the neighborhood's biggest 1337 h4xX0r of White Hat sorcery! No one messes with lil Timmy in this part of town where we'll have you know he remains undefeated and un-pwn't!!!!!!!!!!!111oneone
Dear FBI, I'm here for educational purposes
FBI: We don't care what you say and we are now into everyone who leaves a comment, for any of the videos on this channel.
LOL
@@wheelieblind call the FCC - they could give a F about some bloke and a compromised lan unless they are compelled
then you should be sentenced for learning from kitchen advertise.
Dear FBI please don’t kick down my door. Oh wait I’m not in the USA oh well guess you can’t do anything lol
Wait wait wait …
This is NOT TRUE.
You are saying: “the pro hacker can make a copy of the website without you knowing he is in the middle, you need to buy nord VPN”
But the reality is VERY DIFFERENT than what you make it seem, it is more like: “your browser will detect it as an obvious TLS certificate mismatch and will shout at you in red colors”
Can we stop pretending that it is the year 2000 ? What important website does not use HTTPS ?
Don't let facts get in the way of an ad segment. NordVPN know this... as do the rest. Fine in 2001, virtually useless in 2024.
Mate this is for regualr folks. You talk like that to the users i deal with and its like speaking mandarin. 😂 sure they might see (this website is not secured) but they dont give a fuck. They dont know, are not smart enough.
@@diegoe.4639 i get it, I guess my point is, if we need to get one learning from the video, I would rather read « do not bypass ‘website not secure’ warnings, especially on a public WiFi » than « be scared, spend a monthly fee on my sponsor and feel secured »
@@diegoe.4639really? In my experiences, normal people will see that message and not go through with it because it's unusual.
@@diegoe.4639 Still, he has a point. If you surf the web on some public wifi and start seeing a bunch of 'red flag' warnings (Chrome is an example, that will shout 'unsafe web site'), the only thing the 'regular folks' need to know is 'STOP, do NOT continue... wait until you get home'.
Pro hackers don't go into coffee shops because the interacting with people is scary. Plus, you can use the Wi-Fi pineapple from the parking lot. The pro hacker makes a clone of the network and how it works, sits back, and collects packets. Plus, making a splash page when someone connects still means you are giving out your data even with your VPN on.
because interacting with people is scary just killed me xd, sorry for my ignorance but what is a packet, what's a wifi pineapple, what's a splash page? I'm kinda new to hacking
@@SakuyaSaki Packet: A small piece of data sent over the internet. Think of it like a digital envelope carrying information from one place to another.
Wi-Fi Pineapple: A device that hackers use to create a fake Wi-Fi network. When you connect to it, the hacker can see what you do online.
Splash Page: A web page you see when you first connect to some Wi-Fi networks, asking you to log in or agree to terms. Hackers can make fake ones to trick you. you might have seen this in trains and public places with open wifi
@@SakuyaSaki+
The VPN is blocked due to the splash page coming past the encryption?
@@SakuyaSakiHello holy beauty
So I just watched a 22 min long NordVPN advertisement… okay.
If more ads were like this, I wouldn't mind them so much. lol
Yeah.. just use your own router to setup a vpn, free and no company involved you need to trust!
@@hahhahahahha Well… basically who owns the endpoints, owns your data as well.
@@andrasbradacs6016 yes, so that's why I said better own it yourself
specify a safer DNS or two, use vpn, use vlans, harden Harden HARDNER
Damn I hope Nord paid you well. This is the most effort I have ever seen put into an ad.
No cap
Yea, after seeing this strong force is pushing me to reflash my old esp8266 deauther to spam ssids with "dont use nordvpn" 😀
@@joshfixall7938 as a noob and gen-xer I originally thought "no cap" was referring to no cap on the amount of money Nord is paying out. after a quick google search i learned it means no lie, not being deceitful from not capping one’s teeth with gold. in the future i’ll just hover over the word and it will tell me its origin.
this is like 99% a ad no cap
Extremely well, dude just casually skip the fact that wifi has its own password and encryption for promoting Nord vpn
this was a 22 minute advertisement for Nord vpn
No that only stops man in the middle attacks. You need endpoint protection
yeah... oh also he forgot to mention that your internet traffic is most definitely encrypted so most of the attacks here dont work anyways
this happened to me i feel much better now tho
...and the WiFi Pineapple...lol
If I had 6 daughters you bet I'd advertise for 22 minutes
Thanks for sharing your expertise so concisely and eloquently! Take care and all the best! 🙏
He doesn't need your money, and he doesn't care he didn't replay u in comment
I Graduated high school in Mesquite, Tx small world. and I been to that exact coffee shop.
Me too. But im from south texas.
All of the techniques mentioned are not issues anymore. HTTPS HSTS exists and browsers have preloaded lists that prevent man in the middle attacks on laptops and smartphones. All (new) apps require HTTPS and most have certificate pinning enabled, so impossible to grab traffic. Encrypted DNS is also becoming the standard with DoH and DoT options in most devices.
my thoughts the whole time, 99% of traffic is gonna be HTTPS in the first place
Still very cool content. A good start to undertand some technique. I am sure it makes you more scared once you think about the posseblility to crack decription on the fly.. what might be a thing in the future.
Https can be hacked. Https does not stop an evil twin.
Https only encrypts the data between you and the website. It can be broken.
I'm still making a Pwnagotchi this weekend.
there arent any more hacking techniques that really work
Nice video. But it's obvious that any information regarding SSL/TLS och certificates were intentionally left out to make the attacks seem more serious than they really are, which ultimately favors your sponsor.
This means that visiting sites with SSL/TLS with a man in the middle, the attacker can see DNS requests, but any communication between parties are encrypted after the TLS session is set up.
Also, if an attack present you with a bad website, your user-agent/web browser will by default present you eith a certificate error.
Can depend how clueless the person having their traffic diverted is, the person doing the man in the middle could do something to get the user to click on a special page to install a custom certificate from the attackers machine and set it as trusted source, that way the attacker can then decrypt the incoming pages and re-encrypt the traffic with their custom certificate, the certificate being trusted on the end users device means that they wont see any errors and the attacker can then see all the data in the encrypted pages. This get used already in corporate/education environments where they have a web filter and want to inspect says a users search traffic for words/terms that they want to block (Proxies, adult content, etc.) and they only way to do this is via HTTPS decrypt and inspect.
@@MrTwoZZT what's the point? if they can get the user to install something on the machine, they can pull out information even if they have a VPN anyway.
@@MrTwoZZT More likely, I think, they'll just use their MitM/access to the same network segment to do ARP or DNS attacks, and send them to a cloned site. No warning that way if done properly, and they bought a cert (or used Let's Encrypt) for their own site that's just a clone.
sslstrip
It seems according to your video the pro-hacker uses pre-built tools and executes pre-built scripts. He sounds like a script-kiddie to me. What makes him differ from a noob is, that he has the budget to buy this expensive tools. I think the noob is the even better hacker, since he has to do everything for himself and has more insights into his commands and tools.
Using tools like the Flipper Zero and the Pineapple does not make you automatically a Pro.
It's the degree to which you have control
Pineapple can be made very cheaply, but most of the vid is methods that don't work or that he pretended to execute but actually didn't.
VPN companies figured out how to get people to literally pay them to take their data. Pretty baller.
Next dude I see at a coffee shop, using a pineapple, or alpha is getting a tall cinnamon chocolate mocha-chai dumped on his keyboard.
Or use tea with salt sprinkled into it to make a short-circuit. And add sugar for stickiness.
lol :)
Ask if he'd like a homemade chocolate cupcakes, made of chocolate X-Lax
As others have mentioned, You seem to be ignoring the role tls and certificates plays in stopping these sorts of basic attacks. Its kind of a serious ommition.
The point of the video is not to be informative but to sell and be entertaining.
yeah, also known as "mislead" and "lie"@@Qornv
No shit
@@Qornvthat’s completely inaccurate. It’s to bait the wannabe hackers, mostly teens, entice them to purchase the equipment and watch more of his videos to understand more. It’s called bullshit not entertainment.
@@jmax8692 can u teach me or tell me where to learn it
What if I pretend to be a NordVPN Server?
Bro mind be minding
Would love to see you tricking a dns provider
Then you become a sponsorship of 2020
@@abdelbakiberkati Tricking a DNS is easy if you are man in the middle. You simply don't have to reroute the traffic back through the router as it was, you can switch around certain key addresses kind of like with a hosts file. No need to trick a DNS at all.
The problem lies with encryption. If the encryption keys (which you don't have) don't match, the VPN app will throw a hissy fit. As such we have to rely on the next best thing. You route the data as usual however when the target tries to connect to a VPN, you can simply time out the traffic. The target may think their VPN is down, or not responding or blocked by an ISP or thousands of other things. Meanwhile - chances are they are not going to give up Internet browsing and simply temporarily stop using their VPN.
@@Telhias thats new for me thanks for the lesson! But i guess « pretending to be a NordVPN server » requires tricking the global DNS registrars not one victim
You know it's really important that when you are doing something in the terminal and you are teaching someone how to use all these tools, you explain the code briefly before you hit enter. The best video I ever saw the guy could speak clearly and he also broke down the arguments and commands before he moved on. Don't hit enter right away when you are making these videos. That's how you get from being a noob to a pro.
this channel is an underrated ad, but the comment section (community) is practically helpful to clarify some misleading content 👍🏼
Bear Cave Coffee receiving the most no. of attacks as a coffe shop at one time 🤣🤣🤣
This is the longest NordVPN ad I have ever seen.... JK, great content, very informative and funny. NordVPN has some big privacy concerns, though.
Thanks for saving me the time. NEXT!
I am networkchuck fun😊😊😊
wait a second, this is just a NordVPN ad
😂😂😂😂😂
But isn't all of that a little useless because everything is encrypted these days even without a VPN?
Mostly yes
Indeed. man in the middle attacks wont yield much. DNS spoofing is still a threat. Though your web browser should start complaining that the website it reached isn't the website on the certificate.
@@joshuapettus6973 Most browsers have DNS over TLS enabled by default as well now anyways
@@joshuapettus6973 I'm disappointed he didn't mention that if you get connected to a cloned webpage via DNS spoofing, your browser will tell you your connection is not secure.
Its an add. Lazy noobs will get scared and get nordvpn
When setting up my wifi password, I literally had my cat walk across my keyboard to create a password.
btw beard is rocking....love from INDIA🕉
This is the thing that I've never understood how people allowed into the wifi standard. Instead of walking into a room and listening to everyone say their own name and then figuring out if you know any of those people, wifi protocol says you should walk into a room and then shout the name of everyone you know asking "are you here"?
It's totally backwards
Bro networking is always and will be easy target, who made it is dump
Hi sir I m Bhola Suryavanshi and I am from India And i watch your all videos that is very helpful to us and thanks for info. on the Technical system
one of the best add I ever seen here on YT ;-) great vids bud
I find it hilarious how you depict the hipster. The hipster just casually moves the merchandise to hide his Flipper Zero with the Wi-Fi dev board, then moves the merchandise back, and then acts like nothing happened. The hipster hacker could just hide his Flipper Zero in his backpack.
Best nord vpn marketing strategy ever 😂
It was good until you started flogging Nord VPN.
At least he's not Flogging Molly
Brother's gotta eat.
@@mattpujol4787 we aren't going to pretend he doesn't have enough to eat. If you say he wants to make more money, that's fair. But you ain't gonna say he is so poor he needs sponsorship money to feed himself
It is not true that using public WiFi is unsafe. Such eavesdropping was possible 10 years ago, not in 2024. You forgot about a very important thing, namely SSL certificates, which can no longer be eavesdropped or forged. However, you forgot to mention that.
I understand, though, that the purpose of the video was to highlight the dangers of public networks to encourage the purchase of a VPN service.
also HTTPS made public Wifi safe for 98% times that you are on public Wifi
@@tcbobb1613 the certificates I wrote about are https my friend. I wonder how you calculated this 98% :)
Was looking for this comment
This is one big NordVPN commercial.
Why connect to a "Man in the middle" hacker when you can pay NordVPN( or any other VPN you don't manage your self like Surfshark etc) to provide the same service......Let's just trust Nord/Xvpn is honest.... Shame Chuck! Shame!
th-cam.com/video/pp-INfssWBo/w-d-xo.html
literally hit the pause button to go make some espresso first. your a gangster.
Social engineering is so much more terrifying. I'd ask the people in the coffee shop that their credit card is at risk and they need to enter it in so I can reference whether it's compromised or not
Yes but VPN is Man In The Middle between me and the site I am visiting.
That’s right.
You basically man in the middle yourself
Setup your own vpn in your home router :)
wireguard works just fine from your home router. All this nord vpn stuff is just an ad.. though, it's a safe way to do it.
But won't your connection be in clear after it leaves your router home vpn? I dont get it
When he specifies Nord VPN, instead of just saying use a trusted VPN, that tells you everything you need to know, this way of advertising is bad, just do an ad segment
This is the best sponsor video i've seen.
I am now officially scared of pineapples
your ISP does the mitm attach by design. using vpn also stops them snooping.
Correction, the pro hacker wouldn't even leave his car to enter the business. No need to show up on the security cameras.
Dare I say they don't have to leave their house?
Why using airodump, or hcxdumptool, its obsolete, just use bettercap with auto PMKID fakeauth clientless attack.
Collecing WPA handshakes is old, and not productive. Everyone uses 5ghz and deauth attack doesn't work there.
Aircrack is also obsolete, because there is hashcat, which can utilize gpu to increase performance a lot.
Not legal advice 😂😉
This is one of the only video that can convince someone to get a VPN because he's actually showing what the hacker can do
dont, this is all non-issues with modern browsers
Ok, hacker can do a man-in-the middle attack either ARP spoofing or faking entire Wi-Fi network. What's next? Monitoring which servers users connects? Hoping the user will try to use some unencrypted service like HTTP (without "S") website?
VPN is a good thing, but SSL do its job as well, so any of the attacks mentioned in video will not make any visible profit.
you make every subject you touch interesting and engaging!
So basically the only difference between *Noob* / *Hipster* / *Pro* is the budget they have, nice lol
My thought also!
Apparently the Noob knowing how to do this on the commandline is worse than the Hipster/Pro that use premade tools.........
Great video as always Chuck. I do use NordVPN but sometimes when I am travel and I am in hotels or even some airports using their wifi I am unable to connect to the internet if VPN is on. Any solution? Thank you so much
Good question. I’d like to know the answer too.
dont use a bad vpn, use mullvad, a foss vpn
Likely, your best recourse would be to have your own private internet connection and be willing to use that instead; like tethering off your smartphone. This is indeed the BEST approach to such restrictive free wifi networks.
But there is a looming question that comes to mind: After you start accessing the internet, is then is the VPN connection still blocked ?
I don't use NordVPN, but Surfshark; it allows both openvpn and wireguard protocols; so trying another protocol might work; for example, I have 4 options with Surfshark; "automatic", OpenVPN using TCP, OpenVPN using UDP, and Wireguard. If I could not get thru using one of those other protocols, I'd resort to tethered internet from my smartphone!!!
Am considering one of the gl.inet Spitz or Spitz AX router with a sim card from a prepaid plan for internet access; currently I have found that the Beryl AX router receives wifi better than my smartphone does, and use one of those to repeat wifi ( and it can handle the vpn as well for all connected devices ). . In the end, I'd resort to using a USB cable and tether my phone up to my computer instead. At a hotel, I might try the Beryl AX to connect to another free wifi and go from there if it works. It does receive signals better than my phone or laptop does; so there is that. Am considering this Spitz AX router simply because I am planning on becoming a professional vacationer soon..
Switch from TCP to UDP
Very interesting speaker, super advanced tempo control, I can finally watch these videos without being bored to death!! Thanks NetworkChuck!
I'm bored to death and confused what I'm missing.
I just watched a 22 minute commercial and I'm not mad!
The only nordvpn ads on youtube that actually encapsulate why you should have a vpn.
Why is it I hear "experts" say that a VPN is either completely useless or a must have for anyone?
Experts saying VPN is useless are those who recognize that most people are using only HTTPS these days, so a VPN adds little extra. Experts saying VPN is a must have are sponsored by a VPN company.
Well that's because most people don't do stuff that begs the FBI to raid them so VPN isn't really necessary it's only when you need to
1) watch content that's not available in your area or
2) Bypass a firewall
Apart from that a VPN isn't really needed too much or else i might be forgetting some use case.
At the top level VPNs aren't used because if you are really doing something BIG then whoever you are up against has enough tech to bypass a VPN and still trace you out. So simply put
1) For beginners VPN is useless coz you aren't really going to use it for such an advanced shit
2) For higher levels you are gonna be traced out anyways so forget it.
It depends of the context, a VPN is useful if you want to reach some services in your entreprise or your home network. But the VPN as most people understand it now as NordVPN and etc are almost useless except if you want to emulate your localization to reach some services filtered by countries for examples. All security arguments are quite bullshit (it's quite uncommon to have services running on HTTP and not HTTPS) as better privacy too (lot of these companies are suspected to sell private data and IP addresses are not needed anymore to track users since a long time).
Because 99.5% of websites nowadays are already HTTPS encrypted (minus the IP/location). If the NordVPN server gets hacked, then they got all you traffic remotely without even having to be near you with a WiFi spoofer.
I rather spread out my traffic over multiple HTTPS encrypted websites, than getting all my info siphoned off from a central VPN server by hackers of government. Simple as that.
This is my second bullrun, and I must say he’s speaking all facts. Influencer get rich off of paid shills and courses not from their portfolio. Don’t be the exit liquidity
I laughed so hard when the 'Noob" pointed the antennas at his target like it was a dowsing rod!
I've always insisted to my friends and family that they need to turn off the WiFi on their phone when they leave the house because of the twin attack.
Honestly, with how fast and energy-efficient cell data is these days, as well as the proliferation of unlimited data service, I often don't even turn on WiFi access at the house.
Wifi on a good home internet connection still has a lot of advantages, such as being able to access devices in your local network, often lower latency than mobile and "unlimited" mobile plans not really being unlimited. I'd rather have my traffic run over my own house-wide vpn setup at home than whatever my cell carrier does with it, although it's probably pretty safe there as well
@@game-tea I always use a VPN on my cell, your ISP routes data through the same hubs that cell towers connect to, after all, and I've never had issues with my unlimited plan not being unlimited. Can you explain that last one to me?
Me a decade ago pointing my Yagi Antenna at all my neighbors 🤣
Twin attacks need user interaction when the cloned network has a password.
You cannot spoof the password, because its part of the handshake, proving both parties know it.
Lol, I've also noticed =)
Antenna rods have "blind zones" forward and backward of their axis. So, if you want to minimize signal from/to some target, just point antenna tip on it!
Rick Roll - now that's something I haven't heard in a while!
Safe travels! And many thanks for the continuous great info!
That would be cool to see how to secure routers in those particular situations
Wpa3
Noob on Linux Pro on Windows?
Even though you captured the data with an MITM attack, as almost all websites use SSL (HTTPS) these days, data is still encrypted and unreadable, so the risk is low. Also with the evil twin attack, there will still be an SSL issue as the fake website (e.g. google login) will not have a valid SSL certificate. And as most web browsers warn if the site is not SSL using HTTP (no SSL), this would require the user to ignore any unsecured website warnings from their device. So VPNs do give an extra layer of protection but it is not required, just don't ignore any warning your device gives you about unsecured websites and all should be good. At least this is how i understand this.
Problem is when there are compromised Root CA certs from time to time. It happens from time to time, and would then allow them to MITM SSL with "legitimate" looking certs.
Dawg, Chuck at 0:09 looks friggin terrifying
11:07 nano... what did I saw... 😭😭😭 btw nice video :)
...I just want some free wifi... :\
Bruh
Well unlucky. Pay like everyone else
For my 30 years of life I never paid for internet or anything that is in the internet. You dont have to "hack" most of the time. You can social engineering your neighbours thats the easiest way I find out.
@@SzafkaYT Let me guess - you are female?
16:42 a little detail here: If you point a dipole at a direction like a stick, you are actually pointing in the direction of the blind spot of the radiation pattern. (It's like pointing the handle top of a lantern in the direction you want to read.) Ideally two Dipole Antennas would be parallel vectors, normal to the same plane.
You can spoof the DNS. But how you will fake the certificate of the https?
exactly my question... he didn't go over the fact that it is way more complex and outright impossible to perform an evel twen attack with many websites due to many reasons... this stuff that he explains and puts emphasis not to use for evil intent are so outdated that it wouldnt even work in a modern setting! great and entertaining content as usual though
Woot, if he spoof the DNS he can just serve any website? The certificate is there to stop the man in the middle attacks, to read the data going from computer to server. If the you spoof the server, so the client talks to your server instead, you can basically send any website to the client, right?
@@GALENGODIS No, the browser will reject it because it can't prove its the actual owner of the domain (because it doesn't have a certificate)
@@GALENGODIS yes it can send any website without ssl. Browsers show big warning for the sites that doesn't use ssl so it is still nearly impossible.
when your mom asks you to tell your sister something from the next room.... your a hacker in the making.
5:34 that was the single greatest NordVPN ad ever created
Yeah, no. Just use https-only mode and don't use/forget all unenceyprlted wifi ssids
Yeah, the usual VPN adds ....
Metaspyclub anticipation is building to a fever pitch! 😥
This is the first video I’ve understood about networks.
The only real use I'd like for getting into my neighbor's Wi-Fi is so he doesn't annoy me with his music, I really hate that
I've watched noob vs hipster vs pro, but where are the hackers and God?
Back in the day we went wardriving in the neighbourhood. It's was astounding how many open networks there were. Even corporate...
This somewhere 99-2003
When every other SSID was Linksys and they were all on channel 6. 🤣
Was playing around with an openwrt router recently; discovered that some picked up signals far better than things like my smartphone.. Was sort of surprised to find wifi networks somewhere in the neighborhood that are also - wide open ! That was - in January 2024 !
Doesn't SSL kill MITM attacks?
yes
I'd say it depends. For example on what type of data the attacker is targeting and what kind of control they already have. The legit encrypted traffic will be useless for the attacker. But Chuck also mentioned captive portal or dns hijacking with the fake website. If the attacker uses that with a valid ssl certificate which is trusted by the victim's browser, an oblivious victim might not notice that they are visiting a fake website. For example if they just see the padlock icon and assume it's safe while never verifying the certificate. This is still a type of mitm that can work to steal passwords or other form data. Please correct me if I'm wrong though.
Sure until you connect to a site that isn’t using SSL, and they inject malware into your web traffic giving them remote control over your PC.
@@pablodavico No, it doesn't depend
Captive portal doesn't use https and does not have a domain associated with it
DNS hijacking is completely prevented by https (ssl) because the site cannot prove it is the owner of the domain (because it doesn't have an ssl cert)
The only worthwhile attack showcased in this vid was the captive portal attack
What's one sign you're old? When you still call Wireshark "Ethereal"
Back in the day we didn’t knew how to say that name so we pronounced it “Ethe-Real” 🤣
It's worth noting that most man in the middle dns attacks can be spotted by a site reporting a bad ssl certificate, so don't ignore certificate error warnings.
How woud that MinM attack work with HTTPS, TLS encryption ?
that's best demo for a vpn and a very good ad for nord! good job!!
VPN's very useful before most sites were HTTPS encrypted (5+ years ago). Nowadays it's a waste of double encryption, loss of speed and increase in latency. It's just a bunch of fear mongering, unless you're doing illegal stuff, it's useless.
Holy shit, I’ve had a pineapple since 2017 and I only just now realised why they called it a wifi pineapple 🤦🏼♂️
nah, those monitoring wifi cards on the pro hacker would be in some sort of box that would look like a powerbank for his phone and do all the attacks from his phone or use the flipper. About the wifi passwords cracking there is also an alternative more scarier method, once you have collected a bunch of handshakes from all sorts of different wifi networks and you want to crack them an expensive graphics card or even worse an online service that has such graphics cards is all you need to crack them sick fast. very nice and informative video though.
If you really want an coffee shop WiFi password all you need to just use dictionary attack. Simple
Chuck question my daughter is going for IT. What recommendations can you give her she knows the basics. What steps do you recommend she needs to fallow. Thank you by the way your videos are awesome.
Dude your such a great teacher caught everything on the first try. Liked and subbed
Actually this video is very good for awareness purposes regarding most common attacks. In reality, none if this are actually an issue, because almost all traffic right now is encrypted and what the attacker will see are mostly hashes. However they can get all the information and run it against a password guessing software like Jack the ripper and if the password is less complex or known it can be displayed. Also, even though your browser will notify you regarding a missing SSL certificate if the attacker can create a website with a valid SSL that can be part of a DNS poisoning and essentially steal credentials. Even though the attacks here are mostly obsolete, they can be modified to be actually malicious. Also the noob should be the one with Pineapple, as this device can be bough for $99 and with GUi interface can do everything automatically. The real Pro is the one doing everything manually, as they can create scripts to do it automatically.
What I didn't see in the vid is any mention to https, though
No mention of https/DoH or any other security feature existing, just to shill out and scare people into buying with his affiliate link. most comments making him a hero.. this is sad
My new favorite videos to watch in learning Linux so I can pass the compTia Linux exam this was too cool watching this your good !!
Hey Chuck can we got a video about DOT/DOH ? Is it enough for regular people to overcome man in the middle attacks [ to overcome being listening which websites bob reaching ] ?
Only thing funny for me is, there's a guy named Kevin, who bakes cookies in his KCC, and here's Chuck, who fucking loves coffee...Wow. #GG
3:07 dumb question but can't any arp spoof attacks be prevented with ip and Mac binding turned on in the router settings? I know even ubiquiti has settings like that to help prevent those attacks
I would speculate that there are more coffee shops without IP binding than with. In fact, I would bet that more than half of coffee shops are using the modem/router their ISP provided.
It will be also prevented by many routers default setting, which not allows clients to see each other in the local network.
Nah but those are weak attacks
@@Georgggg that's default on guest networks
@@xDMG15x yeah would say you are right
Why not mention a certificate based authentication for enterprise networks ? It will help against evil twin attacks.
Explicit WRITTEN permission for any red team kind of activity. I've seen people get burned with just a handshake or verbal.
The amount of coffee drinking and hacking in this video go hand in hand 😂😂
Everyone is going to be disappointed when they can’t figure out the password and just give up! 😂😂😂
A self hosted VPN is always better.
It's free, usually faster, and you don't give up your data to some company you know nothing about.
All these attacks not working IRL because of https certificates.
@@DaveTechCAno, you can't decrypt https until you put self-signed certificate into MitM chain.
And here is when its all breaking apart.
Just try it yourself. Try, I beg everyone. Its not hackable.
@@DaveTechCAVPN encryption is also susceptible to such brute forcing.
@@markmuir7338 yep but HUGE difference between 256 and 4096 encryption. Good luck hacking SSH or OpenVPN. Always easiest to hack the people anyway. Been done long before computers. At this 43 years, 6 teaching all over north America. The more I learn the more I realize how little I know. as I tell customers if you had a Massarati would you park it in the worst part of town and leave it a month? Why not has alarms GPS. Right but what if you had a man sitting.on the hood with a loaded gun 24-7. The importance of constantly monitoring logs. When conducting interviews I always ask have you ever been hacked? if answer is no I smile and write entry level in my notes. Everything is hackable and I do mean everything it's not.just a network thing.
HTTPS is an Protocol not an certificates.
You haven't heard of KRACKS attacks?
I love your content and this video was great.
I would think that using a pineapple would be n00b level, since you don't have to know anything or even really configure anything, that's like pay-to-win hacking right there. Setting up an attack manually to the point where you have to mess with getting hardware working on your laptop and compiling your own kernel modules like it's the 90's and you're trying to get your sound working on Debian, is a rather pro pathway.
Hey Chuck, Can you if you have not done it yet a video with detailed presentation of Wireshark and an advanced usage ?
Level 100 Pro. Lease a building, setup a coffee shop. Make sure it has terrible cell coverage. Setup a "special router". It is not an evil twin, it is an only child.
Great video: you make even the mundane sound fun , i love your enthusiasm
No offence but you look like the kind of dude that works in a coffee shop which would serve me a burger with no fries that cost $26 and see no problem with it
if you're victim to man in the middle, and then connect to VPN, or begin a subscription, doesnt the middle man just have a vpn connection now, which they spoof forward to you?
Hilarious, pointing the antenna directly at the victim!! 😂😂😂😂