Pwnagotchi - hacking WiFi networks in seconds | Real Experiment
ฝัง
- เผยแพร่เมื่อ 2 มิ.ย. 2024
- 👾 Follow this link to protect yourself from fraudsters: sumsub.com/liveness/
In this video, we'll showcase the power of the Pwnagotchi, cheap wifi hacking device. Witness how cybercriminals can hack your wifi network in seconds just by standing near you and leaving you exposed and vulnerable to identity theft, data breaches, and more.
Depending on the status of the unit, several states and states transitions are configurable and represented on the display as different moods, expressions and sentences. Pwnagotchi speaks many languages, too!
By watching this video, you'll not only gain an in-depth understanding of the Pwnagotchi's capabilities but also learn essential techniques to safeguard your digital life.
#pwnagotchi #hacking #tamagotchi #flipperzero #device #sumsub #wifi
Timecodes:
00:00 Intro
01:10 Assembling Pwnagotchi
03:10 Flipper Zero VS Pwnagotchi
04:23 Experiment: how Pwnagotchi attacks
07:00 Functionality of device
08:27 How to protect yourself?
08:45 Danger of fraudsters having your photos
09:57 Best defence from hackers
Sumsub - empowering compliance and anti-fraud teams to fight money laundering, terrorist financing, and online fraud.
More about us:
sumsub.com
/ sumsubcom
/ sumsubcom
/ admin - วิทยาศาสตร์และเทคโนโลยี
never trust anyone who makes a :3 face
True :3
:3 fr
:3
3:
:3
Amazing. A standard dictionary attack against a WPA handshake. It's truly revolutionary! I'm sure it'll be able to crack 99% of networks out there, especially the ones with non-dictionary passwords generated automatically by ISPs
You get it! I like the idea of this thing, and will definitely be making one just because this seems a lot easier than carrying around, powering up, and running commands on my Pi 2 but the reality is that this doesn't do anything you can't already do with a laptop and a WiFi adapter. I got all excited when I heard "Automatically" but I guess I needed to remind myself that a 16 year brutce force/dictionary attack is still "Automatic" if it runs itself the whole time.......
I wouldn't listen to the opinion of a sir named Dyatlov 😂😂😂
But you're right, dictionary are in most of cases useless in my experience.
Well you need a dictionary that includes the default password lists of your local isps. For example in my area there are 3 major isps and their entire password lists add 600k entries to my dictionary. At least on a laptop that only represents a few minutes of time (I imagine a pi might add 10s of minutes)
@@Matt18001 where I do live we have router provided by the internet provider, with randomized 20 chars pass, made of digits, uppers and lowers, no default lass, so even with brute force, 20 chars would take an eternity, better to go phishing 😉
But using this tool with dictionary on a whole day of walking in a big town can still bring results thanks to the huge quantity of handshakes collected, some may be weak.
No lol the video says ANY wifi network. Seriously this clickbait bullshit has to be stopped
Basically if you want to be safe against this, just like any other piece of software/website/service - have a really secure password. Larger passwords are exponentially harder to crack (as long as they aren't a common password), especially with a combination of symbols, uppercase, lowercase, and numbers.
Or use a LAN.
@@oneproudbrowncoat yeah carry a f wire and box around like a neanderthal
Most people don’t know 😈
Keep educate people but seriously there are 90 tries are successful of 100 times
using WPA3 PMF Enforced network would prevent it from getting the handshake i believe [well at least would help it out]
Does it find and hack wifi that doesn't broadcast its SSID?
so it's just an automated interceptor, we still send the data to a rig which will crack the password using hashcat
Yep, clickbait
you could run the recovered hash against a dictionary in the device. Or do the same thing I used to do and automatically upload them to a server
My neighbors will usually give me their WiFi passwords if I ask nicely
Why would they do that?
@@e1woqf Split the bill. Both get it for half price then. Used to be common until people were scared by the "it could be a P. or a T. using your connection, getting you into trouble.". This is why you should know, and get on with, your neighbours.
Social engineering 👍
Saving GPU power 😂
Another way to protect yourself is to upgrade your wifi to WPA3, which doesn't have the same auth vulnerability with its handshake. Not every little smart device is compatible with it yet of course, but computers are
Does assigning and limiting IP Adddresses help? Maybe some routers can send a notification when a New device is attempting to access the network. A lot of the world does Not have the skill or money to upgrade to the latest tech or Use IP Provided Routers.
@@jbranche8024 Just use a strong password and you are safe against this attack.
Yes unfortunately very few devices even in late 2023 support WPA3.
dont care your pass i loking for backdoor..
@@nin1ten1do So are a lot of people who are smarter than both of us lol
And eventually, one day a backdoor will be found, and a new standard will subsequently be released to replace WPA3 when that happens just like with how WPA3 is replacing WPA2
Came across this channel in one of your shorts, and began watching your full length videos - really liking the presentation and the content - you have yourself a new sub here.
Welcome aboard! Check out the new one about QR codes * , *
while whitelisting MAC addresses is helpful and a good step, a fair few devices can spoof any MAC address they want (Hell, my home sever here has that option for both it's adapters in regular desktop Linux, Mint to be precise).
As an aside, a hacking tool has no business being that cute.
Two connected network devices can Not have the same Mac address from my understanding. Both devices would receive some but probably not all data. The device would not function properly. This would Alert the network normal users at homes. I like increasing password length and adding special characters as AI and advances in computing make it possible to Crack shorter passwords or passwords not using special characters.
@jbranche8024 they cannot, no. But an attacker need only wait for said device to disconnect, or kick it off the net first
ah yes you're the guy recommending to do something that nobody does because its trivial
@BangBangBang. pretty sure that IS done because of how trivial it is.
How often I'm not sure, but settling up a whitelist still is the security equivalent of using a $5 chain lock on your front door.
@@DFX2KX Exactly, his "logic" is very "special".
Trivial things like this are just automatically done by most scripts. Getting a list of allowed mac adresses is standard procedure just in case there is a white list.
Precisely because it is so trivial you just exclude this potential source of problems. Diagnosing randomly refused or dropped connections is way more of a hassle then just doing stuff like this from the start. There is no downside to just doing this every time if there are any devices online.
The quality, is mind blowing! thank you for all who work hard to get this result, and keep it up, the content is very interesting.
Thank you very much! We appreciate it
very nice video, I enjoyed watching it entirely
I'd recommend the Raspberry pi zero wh. Thats the model with pins already soldered onto the board like shown in the video
First of all you did not create it and it is not new... Those exist for a long time...
Second of all it just works for wpa (an already old and vulnerable protocol...) Which no one should use anyways...
.
And third of all it just catches hashes No passwords...
To get a password from a hash youll essentially need to brute force try all password... And hope youll find the right one ... So more of an gimmick than a useful tool to hack wifi routers...
fourth of all no body cares
Your literally making stuff up.
Pwnagotchi was released when wpa2 was rhe standard, and it still is the standard.
@@user-xh2ms3nc5r if that is the case then I was wrong, my bad...
Brute force?? Try hashcat
@@TonySmith-zq2hx to my knowledge even hashcat brut-forces to some extent... Sure you can optimize around the human psychology, or commonly used passwords but the rest is brute force...
Bc hash-fcn are ment to be one way fcn. (Easy in one way. More or less impossible in the other direction.)
Just found and subscribed to your channel, I love the formal white gloves. 😆
It's cute, simple and cheap, just wow! And than a very nice video fully explaining how the product is made and how to use it, just AMAZING!! Definitely gonna check out the product!! :3
Thanks man! Appreciate your opinion
Where to buy it
@@LEGENDS-ex9td It is probably something you can find online, you may not be able to buy it Ready to use, But you can buy all the parts and make one yourself.
Hello sir, My waveshare 2.13 display is not switching on after plugging on rasberry pi zero, any reason?
when a windows user feels like hackerman 😂😂
Exactly as soo as you can see drive C:\ you imitatively know that this will be 'bullshit'.
What is Windoze??? Sounds like an inferior OS that only sheep would use.
@@username-mc7jw found the arch user.
i really like it the way you teach us but not like just sitting on sofa and describing about the cyber crime i like it like this pls keep up like this
Does this work on WPA3? Video only mentions WPA and WPA2. Also, how about WPA2-enterprise, i.e. EAP-TLS? Should work, since "hack any wifi network" would include that.
i think it only work against wpa-psk not wpa3 or EAP-TLS and P-EAP.
This is fun programming/engineering.
This device claims it attacks any wifi hotspot, which is an overclaim. Without even finishing the rest of the video, I can make some guesses. It will work with something like EAP-TLS, and it likely uses WPA2 handshake vulnerability, which is majorly fixed in WPA3.
And After I finish the video my assumption is true. I am usually very careful when I hear it works on anything. 99% of the time, it's a troll.
So it doesnt actually let you hack any wifi. It does what every other wifi hacking method does. It captures the packages and youre STILL relying on bruteforce/dictionary attack on the hashes.
This makes this otherwise cute little tool pretty moot as theres tons of tools out there can you could do this with that would be cheaper to build and smaller.
What would be cheaper?
@@johndoe__8 Its just about capturing the handshakes. You can get an arduino IDE board for like $10 or so. And a cheap wifi antenna for about the same. The rest is code
The only useful attack you can do with any device labelled "Wi-FI Hacking device" is Wi-FI De-auth/Turning off their wifi.
Sort of, yes, it is the only thing that will just always work with minimal effort. But many people still make severe mistakes in password choice.
But I agree, router defaults have become more sensible during the last 20 years. Doesn't prevent people from changing them to less sensible options.
Not using a weak password and WPA3 bouta ruin this whole man's career.
So I plug this into my wall socket and it takes over NASA right?
I just discovered your channel, and a new video just popped up. Nice!
Welcome! Recommend you watching other experimental videos ;)
Hello! I love your videos! Do you mind listing out all the parts for Pwnagotchi assembly?
Did Dr Schlotky get this working with a zero 2 w yet? What about the waveshare v3?
MAC filter is more of annoyance for legitimate users rather than effective measure against attackers as spoofing a MAC address is rather trivial
Does it do wps pixie dust attacks ik it’s kinda old but you’d be surprised how many people are vulnerable to it
Very Good , will build and conquer the world .🙂
I remember the Tamagotchi days. As I was saying that the other day.
So it's mainly used for Wardriving?
Tx for sharing the gr8 knowledge.
My pleasure!
ive had mine for a few years. Nothing new about any of this. Automated capture >> sort ssid's based on isp provider >> generate custom wordlists per isp type >> free wifi. WPA3 has been shipped with products for a while.... but is never enabled by default. Even though your password may be 12+, if it uses common dictionary words its still a shit password
You don't need the gateway for SSH access to the device if it is on the same subnet, in particular the standard /24 pushed by DHCP on 99% of all home networks.
Just saying, because I am picky. - Great video BTW.
Truth. If you in the network range but still that'd require the target to have an SSH session running ...
mac address spoofing is a thing, I've done it on hotel wifi before. You find mac address of an already connected device, and spoof it. So I don't quite agree with mac address filtering. Also phones nowadays use random mac addresses. The best way to protect against this kind of hack is to use a strong password, the reason this thing works is because of weak wifi passwords. None wants to type a 20+ character password on a printer, but if you want to be safe you should.
No one wants to type a 20 character password, and they shouldn't be doing that anyway. Plopping in a 40 character password is trivial when you use a password manager like Enpass, or any of the dozens of other ones available. I like Enpass because they don't store your database, YOU do. If you're not using a password manager, I can pretty much guarantee you are using the same password on multiple websites... which is a really stupid thing to do.
@@username-mc7jw Something you missed is I mentioned a printer. I guess you never tried entering that password on a printer.
Printer, Fridge, Motor Vehicle (try typing on steering wheel buttons) Many things a password manager doesnt solve but its still better to use one.....@@JamesColeman
@@username-mc7jw and now are the problem - you need to login to the password manager which requires the internet, .... which could be accessed through wifi ...
@@username-mc7jwpassword managers just put all your keys in one box, now I only have to pwn one weak point.
You are a bit behind the curve to be talking shit
Because I use Home Assistant, I am only using giving access to known MAC addresses. Not that I am afraid my password will get cracked, it is best to plan for the worst case. For visitors I my router offers a second WiFi network. It even has a third network for Home Assistant appliances, but two will do because of using the MAC addresses. Hint: I use the MAC addresses to give every appliance a fixed IP via DHCP. I found out the hard way after a router failure appliances were not reconnecting perfectly to H.A. thus having fixed IP's makes live a lot easier.
Assigning static IPs via DHCP is good, but also close down the pool of DHCP addresses available to guests (on a separate VLAN, of course).
@@username-mc7jw I forgot to say so, thank you for adding this!
This is fascinating!!
Interesting!!
What is the 'effective range' of this gadget?
i feel like this is teaching me on how to hack the neighbours wifi, thanks sumsub!
jammers are a great defense so esp32 marauder is a got to choice
This is all well & good except for 2 things…
1. No mention is given to the time it takes to crack passwords.
2. Cracking WiFi passwords for more networks, does NOT reduce the cracking time needed for WiFi passwords in the future.
Btw… my WiFi is password 50+ random characters. Lol. 😈
I'm a bit confused. It surely is too slow to crack anything, even a dictionary would be way too slow. So what is it doing? Only collecting handshakes?
At some point the video talks about online cracking, if this is needed, how would it be connected to the internet? How would it be "safe" to use?
Seems more like a toy than a tool.
Video is misguided. The device just collects unauthorized handshakes which are called IV. You need a lot of them. With that, you would need to run it through a very large dictionary to find the password. Then once found, you can test the password on that network with a wifi device. Ppl watching this and thinking they can just sit next to a wifi network and get in with a click of a button are wrong.
The entire point, make your wifi password hard and long. Set up layers in your network. Different vlans, Mac auth, honeypot for unknown device, etc.
That's because the person making the video doesn't even know what pwnagotchi is.
The point of pwnagotchi was to use hash collection as a means to show the use of machine learning in hacking.
Pwny is running a baby AI that learns and tweaks optimals for the radio environment you expose it to.
It's not pwnagotchis fault that the person making the video didn't even read the most basic explanation of the project by the people that created it.
It should be called "Libergotchi" 😂 with one of those cheesy thin mustaches
Unbelievable! So, if I understand correctly, it doesn't actually give the hacker the Password to the wifi? If not, what good is it then?
It gives hacker password hash, which can be used for getting the password via brute force attack. Basically, that's the only option for hacking WPA2 network (at least, for now), but there's two main issues
1. Any Android or iOS (jailbroken) smartphone can do the same thing, so there's not much point in specific device. Sure, it works automatically on any detected network and it automatically transfers hash files to PC that is used for bruteforcing, but it's not like you can set up any phone to do the same thing.
2. WPA3 networks are protected from this attack, so it isn't of any use for them.
Also, I'd like to add that they say that this device is using AI for password generating, but I'm not sure if AI is making password bruteforcing significantly faster. Moreso, this AI is still used not on device, but on PC that is doing bruteforcing, so it's not like you can't just download its code and use it on any PC with any hash, be it hash that you got from the phone or from the laptop.
Should have named it GetHashGotchi.
@@user-xh3nm8oe2l Thanks!!
@@user-xh3nm8oe2l If I have the latest router, is it WPA3? Thanks again.
good explanation. ❤
Thank you :)
@10:11 - NOT true anymore. Many devices nowadays use a random MAC to connect by default (unless turned off). This is done for privacy, but also breaks things like static DHCP and knowing if a "new" MAC is an intruder, or just a random one from an existing device. Of course, anyone could just clone a valid device's MAC and use it to hide.. making the security advice given almost useless.
this is so cool. but um haha i want the lil bro to make mean faces hahah
From where do I get all those hardwares I need pwnagotchi
so its just a tool for capturing handshakes ?
Amazing, but you can do this also with a raspberry 4 ? right
I've had this program for years and years.
Nice content. Thank you.
Glad you liked it!
Got me onevof those fancy Steamdecks. Is there a way to run it on that instead of a Raspberry pie?
Can you give me the 3D printed model of the drone that you sent on the channel previously?
So if the password is next to hashed also be salted or pepperd it does not work?
Arent wifi passwords also salted?
Also because the real power comes from the software running on the device, not the raspberry it self. Doing most of the work by api web services. Why not run it on a smart phone? A person looking at a smartphone is a lot less suspisious then someone looking to this device.
It's a novelty item that was popular 3 or 4 years ago as a fun DIY project, the idea being you have a (kinda sorta) Tamagotchi toy that's _also_ capturing handshakes. In reality though, sure, you could just use a phone or some other less obvious device.
(and a strong password of 12+ characters, WPA3 etc. all defeat this, it's old news - not to say hash attacks don't still _work_ of course, _plenty_ of bad passwords/WPA2 still out there)
Great video 🙏
Thank you 🙌
Online jungle, that aptly described internet.👍
Pretty much!
how do i make this config.toml file? pls help i have 0 knowledge
I need this for research purposes
Please send a list with all parts...
It does have controls. There's not only txt files but web UI you can connect to via the data port.
He meant as opposed to the flipper, which has got physical buttons through which you can control some aspects of it
@@xTerminatorAndy Well he didn't clarify and didn't mention the web UI either. So.. that's not clear and as I am not psychic I can't tell entirely what he meant, neither can you.
@@MissFoxification true I'm not psychic, but he literally said "UNLIKE THE FLIPPER". So although English is only my 3rd language, I am convinced that I understood the meaning perfectly.
@@xTerminatorAndy Really, got nothing better to do with your life or did you type youtube instead of reddit by mistake because I am not invested in your BS.
@@MissFoxification 2 can play that game. You also got nothing better to do than come and troll me?
So they said it works with WEP and wpa what about WPA-Enterprise or WPA2-Enterprise or WPA3-Enterprise
And if that's the case that it work then maybe the industry needs to look into a different way to do Wi-Fi authentication
Can I use Banana Pi M2 Zero instead of Rpi Zero ?
And will it works at all ?
Thx.
so it's only for WPA?
WEP-encrypted wifi is cracked automatically in 5 minutes with 100% success rate.
Almost all wifi is WPA/WPA2 now.
Yall need to learn how to read
what screen to use??
Its a great tool, hard to believe it was mostly made by one person, too bad the project has been dead for a long while. Also you are making it sound like cracking hashes is cheap/easy, its usually not with strong password requirements ;).
Jayofelonys fork got updated since years,it runs better than the original
The project is far from dead.
Do you people even use Google?
The most recent pwnagotchi disk image was released a few weeks ago.
how do i do such thing with a rpi 4
1:28 Isee that 50% discount to 15.98 and wonder how the raspi zero W after all this time can even be worth that much? With the new raspi zero 2W out the original should be boardering $10 with its 1cpu core. Especially with so many variants out from orangepi mangopi bananapi etc. It would be interesting to see what people do with the super powerful LubanCat Zero W.
EU pricing.
j/k i dunno
Is it just me or dose the voice sound like an AI voice over?
Could be. This voice used to have a real body attached to it in the videos (older videos were fronted by an actual English human) but he/they could've cloned his voice.
I have a bunch throughout Nashville.
MAC-Whitelisting is just an absolute basical protection. Zero trust is mandatory for all clients communicating in your network.
The problem is not a hacker getting into your wifi. The problem starts, when he finds loads of open ports and loose listeners within the network...
Whitelisting is absolutely useless as security lol
So how long will it take to crack a random 63 character WPA2 password?
This just collects hashes ? I was kind of interested at first. There are rooted android phones that can do this without all the extra trouble involved with this gadget.
You missed the entire point.
This isn't a wifi hacking project. It's a machine learning project. The whole point of pwnagotchi is its running a baby AI that learns optimal for wifi hacking according to the radio landscape you expose it to
Very nice video
Thanks!
Fellow ethical hackers and hackers. :3
It’s a little frustrating that it’s 2023, and the pwnagotchi project uses a Raspberry Pi Zero W for the example, and the Wi-Fi actually uses 802.11 b/g/n.
It also is bullshit clickbait. It's just a dictionary brute force attack, same as you can do from your laptop or phone. If you have a decent password there is zero chance this thing does anything.
Do some research pwnagotchi works on pizero2 and the raspberry pi4.
You haven't, or wont "hack" a network in seconds...you will (probably) capture some handshakes that need to be run through something like hashcat...and with modern ssid passwords being so complex you'll be there a long time to crack it. Alarmist vid iym
Seems I'm not that old school at all, I use LAN cables instead of WiFi
i wanted this but the hashes seem hard to crack
this is no different from using wifisher or airmon-ng tools. in the end this "toy" won't crack the password since you need to take the cap file and run it against a massive dictionary to hash the password
to plain text.
Still a cool project though, main benefit is it just runs in the background.
Wifisher is not even remotely similar to this. And the only way it's similar to the aircrack suite is that they're both wifi tools lol.
As notorically usual, old fashion wins again. I stick to cables.
depending on parts, config can be a bitch, but its a fun project and worth the tinkering if you run into any obstacles.
I was waiting for your video for so long, finally your video came.❤❤🎉
I just learned new topics for Hacking
I am not a black hat only white hat ❤😅
;)
...a black hat hacker would say...
I changed my router setting that the SSID
Invisible so for example if a guest come there is no way that he can use the Wi-Fi
Unless I tell him the SSID and the password so that he can enter it manually
That actually doesn't do anything. For example u can open airodump(network monitoring tool) and your network pops up like any other.
Lol
That's not how that works.
micky mouse hands but in real life.🧤🧤
you need mouse ears on the hoodie.
Only problem is it looks like an explosive device
It doesnt actually crack a password though. It just saves a handshake? You would still need to run a brute force or dictionary attack which would make 99% of these handshakes useless. Wps on 2.4ghz is still the easier way.
Dropped packet? Well.. pretty sure it's UPS
what if you hide your router from broadcasting its name?
Haaa.... That's funny. Useless. I might not know your SSID, but I would still know your MAC.
MAC filtering means nothing. Next video - MAC spoofing
Does that work on raspberry pi zero 2
This can't be played message showing
Try again
All those cracked passwords goingto 1 main overlord
Will this crack doip vehicles?
Cute. But the WiFi pineapple did this about 10 years ago. It doesn’t actually hack anything. You still need to crack the hashes which will take a very long time
Buying the storage off of aliexpress is crazyyyy
When was the last time anybody saw a WEP encryption in the wild?
Every single day. Almost all medical networks run on WEP..as well as a lot of ICS.
You made this comment trying to sound smart but all you did was tell us you NEVER scan the local wifi environment without telling us.
@@user-xh2ms3nc5r Oh I'm sorry did I affect sales by pointing out the 'WEP hacking' feature only works on pis-poorly configured wifi access points that are rarer than rocking horse manure.
One of my very favorite emojis. :3
bad guys theme song is amazing