Hack Hotel, Airplane & Coffee Shop Hotspots for Free Wi-Fi with MAC Spoofing [Tutorial]
ฝัง
- เผยแพร่เมื่อ 3 มี.ค. 2018
- Our Premium Ethical Hacking Bundle Is 90% Off: nulb.app/cwlshop
Use Someone Else's MAC Address to Access Wi-Fi
Full Tutorial: nulb.app/z49om
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
Cyber Weapons Lab, Episode 007
Ever been stuck behind a login portal after connecting to supposedly "open" Wi-Fi? This can happen on airplanes, in hotels or airports, or even at coffee shops that force you to agree to a term of service. In order to get around these distractions, we can simply scan the area for devices that are already connected, and change our MAC address to look like theirs.
This allows us to join the network without seeing the login portal. It's an awesome way to add an IoT device to an open network with a portal, as your device would otherwise get stuck behind the portal.
Tool: github.com/alobbs/macchanger
To learn more, check out the article: nulb.app/z49om
Follow Null Byte on:
Twitter: / nullbyte
Flipboard: flip.it/3.Gf_0
Website: null-byte.com
Vimeo: vimeo.com/channels/nullbyte - วิทยาศาสตร์และเทคโนโลยี
![Haunt a Computer Using SSH [Tutorial]](http://i.ytimg.com/vi/M0eEwqUpKDc/mqdefault.jpg)
I'm watching this video with a spoofed MAC at my local Starbucks.
This guy!
r/madlads
Starborks
lol
does that give you unthrottled speeds and bandwidth?
Man, finally I can disagree to the terms if service
are you sure about that?
Of*
HAHAHA YEEA LMFAO!
@@backinyourcommentsectionag3191 xd
Yeee boi. I tried this and it works
did anyone else laugh at the probe named 'Fucker1'
Yes
Yes
I did this with free bus WiFi on my rooted phone a few times already, works every time
which tool did you use=?
Bro......how did you put your phone in monitor mode? Doesn't the internal adapter on most phones not support monitor mode?
Amarok Raven Welcome, green hat! Andriod-based operating systems are very exploitable. Rooting is common and some people may now it as “jailbreaking”. He’s talking about an Android phone, not apple (unfortunately). Using the terminal on the (rooted) phone and downloading the dependencies and libraries needed, he can use it to execute the scripts like airmon-ng.
Water Shuriken newer phones may support it. Depends on the phone manufacturer I guess.
There are external micro to full USB dongles. Android has amazing driver support for ext wifi card.
You lost. Blinked at 0:57
lol, finally
Ok
Malfunction
🤣😂😅
Impossible
those transition sounds scared the shit outta me
Literally came here for this comment. YES
I shit me pants
Me too lol
You are the man. I don’t have any experience in computers and your giving information that no one else does. You make it so simple, I can even understand. Thanks man!!! 👍👍
You're welcome! We make it for people like you
For those who don't understand how this works it can be a nightmare that someone "sneaks in" to a network potentially under the alias of an unknowing user who is currently connected to that network. This video is amazing and very clearly demonstrated, however, terrifying that my mac address can be spoofed and used for reasons i wouldn't know of. Very informative none the less.
Ali Vora informative yet terrifying is what we aim for!
what can I do with this besides skipping the registration with my email? evil purposes?
Use a spoofed mac while you are using public networks, fight fire with fire.
@@mijailaronalvarezcerrillo21 use temporary emails for registration.
@@YankeeTM instant address from the (gulp) play store is amazing for that.
My old teacher told me it was not possible to change the MAC address (I asked). Now I'm really triggered how bad he was to teach our class.
He was actually right, you cant change the macaddress of your card. You can only clone it.
yeah I agree with Loon. Technically you can't change the PHYSICAL MAC address, you can only spoof it (Telling another system that its different)
Yea
I asked this question too and he said that technically it is possible by cloning it using different tools
It's spoofing of MAC ADDRESS , MAC address you get from Hardware vendors. And IP you get from DNS
you dont clone, you use a software to mask you real MAC with a different one, in this video he is teaching you to clone a MAC address in order to bypass authentication portals.
By the way he says it at the beginning of the video, MAC address are set by the manufacturer and CANNOT be changed.
*goes to Starbucks and sets up everything.
*gets kicked out for a suspicious attempt of hacking Starbucks wifi
Pika pika really?
Bruh
Lol get the router shell. Getting on the network is pretty rough, but it was open. It's not like how NSA gets into your own network.
Must be hard
The manager walks up to you and just says "sir, we need to talk..."
You're doing a great job. Keep them coming!
Alex thank you!
@@NullByteWHT So I have a question. Since you spoofed the mac address, does this mean that whatever you do online is considered done by the person you spoofed? Also, I'm having a little bit of trouble, since my wifi is not wlan0 and it says wifi0. It doesn't let me lose the card either.
By this method I just tried to get connected to security cams of my neighbours and it works
I didn't think of that
How did u do that didnt it ask for authentication too??
lol nice dude thanks for the idea😘
Watch dogs lookin ass
That doesn't work like that, you wish you could 😆
so much effort was put into this
well done, please make more!
Lmao "so much effort"... It's as skiddy as it can possibly get. By the way, it isn't possible to identify operating system of the computer by looking at its mac address.
Very educative, this is what i should have learnt a very long time ago
Superb demonstration, keep up the good work.
I use to use kali years ago finally getting back into it refreshing the commands takes a while but finally getting the hang of it pretty straight forward
You don't need to use sudo if you're already root. Doing this will also probably result in an unreliable connection, as the ARP table in the router will reassociate the MAC with either machine's IP address each time an ARP request gets sent by either computer. Some routers will also recognize this kind of attack and automatically boot duplicated MAC addresses.
is this channel new ? never knew that nullbyte has a channel
Sure is, I started it.
Great... just think in the people watching this on smartphones... can't see what are you typing 😣
@@brianaragon1641 just increase your video quality and you can see it
I am pursuing a degree on computer engineering and your vids are helping a lot. Thanks
thanks for sharing your knowledge and doing a visual representation. I have always learned by trial and error and many times messing up my OS and/or any vital function. I then go a head and restart everything or if my screwup is bad I just reset everything and put a refresh of my OS and start over (very annoying) but I only learn from trial and error. With your step by step videos I learn not just what your doing but the functions of each command is. Thanks....
@Null Byte you mentioned in the video that sharing a MAC address with someone else could cause data collision and can be counted as a DOS attack. What would data collision look like, how would you know if it's occurring and is there a way to change the victim host's MAC once you take it so data collision wouldn't occur? If you couldn't change the victim host's MAC, is there a way to prevent data collision? Finally, if data collision did not occur, then there would be no DOS involved, so wouldn't this technically make it legal since mac spoofing is not illegal? I know it's a lot of questions but I'd love to hear your thoughts on this.
I was wondering the same so I had to recreate the scenario. I have a laptop and a Samsung phone. I first connect the phone, scan for IP address on the network. Second I use a static IP address in my laptop (because if not it will go to the DHCP and it already has an IP address assigned to the phone mac-address). 3.- I clone the phone mac-address to my laptop and connect to the network.
Results: My pc has access to the internet but with Wireshark, I realize that my pc starts getting frames that belong to the phone and after a minute the phone disconnects from the network and it can´t connect again.
I don´t know exactly how it works (I know that the wireless is just behaving as a Hub so, in theory, both clients should be receiving all the frames and discarding the ones that don´t belong to them ). Also, I don´t know why the phone disconnects
@@davidmata3104 The phone disconnects because Bothe of the clients have the same IP which should not happen. mA way to fix it is to set a static IP with the last digit being big and unlikely to already exist like 220
Why sudo when already in root
Its basically a good practice, not necesary, but it save you a few headaches
Here's a better explanation of why it is a good practice: linuxacademy.com/community/posts/show/topic/14349-why-use-sudo-while-logged-in-as-root
because he's making a guide and not everyone will automaticaly be in root... basicaly good guide, good instructions..... bad practice(some are bandwidth based)..
hush.. he's making a tutorial
Ive actually had cases where I was root but still needed to use sudo... very weird i suppose..
Very good and simple way to do it!!!!! Keep it up!
Totally awesome video! I will definitely be subscribing to this!
You, sir, are gangsta. 👍
谢谢 sick bro you just got a subscriber
When I heard MAC address I was like "ooh right! Why didn't I think about that before?"
In German trains we have a data restriction of 100 Megabytes. After that the connection get's very crappy and you can't watch TH-cam or anything else. But when you chance the mac address, then the data connection gets reset and you have a new limit of 100 MB. So you have infinite data volume ;)
mercy, this is so cool !!
Thank you!
You can avoid an IP collision by setting a static IP on the computer with the last number of the IP being big and unlikely to already be connected like 220
good thinking :)
Bro it's my habbit to giggle and laugh when I see something crazy about tech because the I was finding on whole google I always end up to your channel and this again one of them your channel is completely worthy for us and for Learners like us
Just more Kody Gold. Very informative.
what is the name of the wireless adapter that u used here?
It's the AWUS036NHA 802.11 b/g/n Long-Range USB Adapter by Alfa Network. Boy, that's a long product name, but that's what it says on the box. Just search the first bit and it should come up.
7:34 Fucker 1
YhungNiick I only looked at the comments to see if someone else noticed that
Do not write that this is social media people can get triggered or you can teach people the word or just both but don’t write these words. Then you are not thinking about the future of the world of people. You are truly mean to us people
LOLL
@@Pandora-bi9wd this generation basically knows all of them lol
I saw it too.
Hey dude thanks for the vid! Subscribed! Question: Does this also work with airport/airline lounge Wi-Fi? For instances where you need to sign up and pay?
This was one one of the first tings I taught mysel fto automate back in the 2000s everywhere with a simple bash scrip,its a nice beginner level hack,and its kind of fun and satisfying to try spot the guy you kicked off..:P
oh where does the time go:P
Your cut scenes at the end of your videos almost gives me a heart attack. lol at 9:42 in this video. Love ur vids, would be awesome if you would turn the volume down in those transitions tho.
MY HEART
I like how you use sudo while being root
three times in 5 replys im not answering this lame troll any further... "GUIDE" "INSTRUCTIONS"... troll hard....
Old habits die hard
Great video! Do you have kali on virtual machine on that mac, because I’ve had problems with wifi card when using virtual machine?
I love you! Now i can finally go to coffee shops and NOT take over some ones mac address to NOT bypass those stupid traps. I need to turn your tutorials into text instructions so that i can take this with me everywhere.. I have the need to do this maybe once every 4th month so it doesnt really stick in my head...
Sorry i mean NOT do this every 4th month...
Well if we didnt want that "ip collision" to happen couldnt we just not use the routers DHCP server and just configure our ip and set it to Static ?
i think so, but for the purposes of a tutorial its outside the scope of the lesson and every router interface can be different from the demonstration in a video. But i like your thinking. :)
I was wondering how did he avoid an ip conflict? He mentioned it but he never went into detail about how he prevented the router from assigning him the same ip as the one attached to the whitelisted mac address
Wanna ask the same question.
Same question
If he clone MAC there is no ip conflict.
Last day I booted one of the computers of my school with an usb that had a Windows PE boot. Got the wifi code tried to connect but it won't let me. So I looked up the mac of the computers available at the biology class cloned it to my phone but the problem was he had a higher priority. When that computer was on I was kicked out. So i just went on and changed the mac of that PC giving me admin rights. Long story short I couldn't figure a way to circumvent the IP problem but at least I am the only person in the entire school to have the wifi password.
Actually you can not change it is kind of masking MAC address
Other than myself, you're one of the first people i've seen using the Panda Pau.
I like them, the company is nice too.
I love this guy ! Thanks for your videos ! 😊
I can't understand how it works
its like a fake id
Basically your changing a unique identifier that a wifi network detects to one that belongs to someone who has already connected to the captive portal
if you ever played hitman basically it's similar thing, you're wearing a disguise to gain access
@@adamcatley4784 so lemme change my wifi firend who is another countru and take his wifi lol
How can I and the person who's Mac address I cloned be connected to the same network and get internet access at the same time......without worrying about the DoS problem you talked about?
Water Shuriken you deauth them 😂
@@pranavpavanify but deauthing them would kick that Mac out of the white list
kali noob here... first ever tutorial on kali... worked flawlessly now i cant sleep at night thinking about the opportunities.... instant SUB! thank you Null Byte!
Just recently used your tutorial along with an alfa awus036nha to get past the paid captive portal on an Aussie airplane!
Found the location of the starbucks you went to with the BSSID and wigle.net
And that's why we went to a starbucks! I'll buy you a coffee if you stop by.
come to Seattle and I’ll make you one, I work for Starbucks :)
Count on it!
It's a trap, there is no cake ... coffee I mean
FBI!! On your knees! *Points gun* XD
I did not knew there was a youtube channel of null bytes. I've been reading the articles their for a long time and I'm able to understand it, the only thing missing is the external wifi adapter. Can you make an updated list of working wireless adapters that is available in the market? I purchased few but it did not work. Some of the issues I faced is that the hardware on the adapter itself changed for example are the TP-Link TL-WN series, they changed the hardware and only version 2 is available on the market. Version 1 (one with the right hardware specs) has been phased out. Thank you
Seth Enriquez I decided there should be one. Sure! We are working on a review series for network adapters where we try them with common tools. Would that be helpful?
That would be very helpful. I've been waiting for these videos for a long time. You guys taught me a lot specially I just graduated highschool and about to go cyber security for post-secondary. Thanks again :)
What do you like about it?
Null Byte Basically everything, I like the explanations and now the videos which are more helpful because I learn faster by watching instead of reading. The articles on your website is organized and neat also. If your question is what do I like about cybersecurity it would take like 3 pages to fully explain. Hahaha
It was, I anticipated that, but I always like to hear what draws other people to the same thing. And thank you!
Hi and thanks for making these videos accessible! I have a short question; how would I know if my computer is infected with key logger or if something been installed on my computer? I remember a product called DETEKT but it seems not working anymore. Any recommendations?
all your videos are great! thank you
Sound on this video is really low.
We fixed it in other ones, thank you
i am watching this outside on a hacked wifi , hacked with router keygen, on my kali nethunter with kex manager on (desktop enviroment) on the vnc i downloaded virtualbox and ran a android emulator on it, on that emulator i downloaded the youtube app while i ettercap the shit out off the wifi.
hackception
my brain started to hurt from the amounts of inception but i cant help but respect the effort
lol
Awesome video! Thanks for sharing it!
Love the background music
Nice video but actually it doesn't work everytime.. Because some routers when it sees two devices have the same mac it could kick you out not him because it's a new device.. Or kick both of u out during this collision.
Ramez ReZ You mean two different ip but one same MAC address, are you?
Yeah, he's meaning that.
Just run a deauth attack after taking the mac adress from the victim that mas access to it, an u Will be fine
True
Bro nice detailed information video...but sound quality is poor....So plzz enhanced you audio quality and loudness
This worked for me. I couldn’t connect my Linux laptop to the hotel WiFi as I couldn’t get any browser to open the portal. I changed my laptop’s MAC address to that of my iPad, and was then able use my laptop to surf the net.
sitting in a Starbucks at 05:30 in the morning? riiiight.
great tutorial on how to "hack" an open network. real high tech stuff.
next video i suppose you're gonna teach people how to use netbus? or maybe sub7? back orifice?
Kali comes in live USB, it means you can run it without installing it on disk. Maybe he didn't select the right time zone of where he lives. And just for the sake of demonstrating the feasibility he wouldn't bother doing it on an actual Starbucks access point.
Can I somehow protect myself against such attacks? I thought about session cookies but I think that this can be also bypassed
MichalPlays yes. Use wired connections. Using wireless, alone, invites the possibility of this vulnerability.
Why do you always type sudo in all of your videos even though you're logged in as root? sudo tells bash to run the command as root, but if you are already root, which you are, it is unnecesarry.
the fun part is he does not use sudo while trying to install packages... thus this videos looks more it was copied from some random commands on the internet (script-createor?)
Have you ever done something and wondered why you did it when you knew better? If you can't relate you aren't real.
Maybe for those that follow the instructions so it is ensured to work :D
It’s habit
it's a guide not everyone trying out will be in root... seriously... can you think before posting gloatware...
Why channel 11? Am I missing something? Great educational video as always :)
On MacOS and some linux distros that still use ifconfig, you can also change the mac address "sudo ifconfig en0 ether [desired mac address] - I used to do that that to bypass mac address authentication on the wired networks back in school…
which wireless alfa device or network adaptor is compatible with mac os (virtual box with Kali Linux in it). I couldn't connect to the internet in Kali Linux!
@@simirock I am not quite sure… recently I have used openSUSE as my main OS and used Linuxbridge networking in QEMU/KVM. On macOS I only ever used VM Fusion to virtualise other OSs
9:20 CNN lol
Ifhuman eye-lids0 down (!)
command not found
return = reptoid
Haha yea, I've not seen you blink once in your videos @Null Byte, it is a little distracting
Very quick question, can I use xerosploit to scan the network, it will still output the MAC addresses that are connected to the network, then I can proceed to change my mac address !!
Lol I stoped video at 0:15 cuz needed to check something and it was funny!:D
"hacker" starter kit:
1: Kali Linux or Arch Linux
2: Just sound snobby when u talk
3: Have an alias that involves any computery sounding word
sudo mkcomment
fucker1 7:30 what a lovely name
this is so cool. Thanks so much!
Sir one doubt. You said open wifi network maintains a list of all the authenticated users. So since we are changing our Mac address with the authorized user, will the list contain 2 entries of same Mac address ?( One entry for authorized user and another for our card)
Bro you know you have same beautiful eyes like my 8 year old brother.
This is my second favorite comment, thank you
what was your first fav comment :P
Abdullah James "I would never want to be your enemy"
i was not saying this :)
i was just asking in general, because you was said "second favorite", so im wondering what is your favourite comment. :) just a general question.
Spoofed MAC addresses can unexpectedly revert back to the factory setting (IIRC, one of the events that reverted mine was resume-from-sleep). I've mitigated this by having a process monitor the MAC address and issue a hard RFKILL if reversion is detected, in an attempt to prevent running apps from advertising spoofing.
Love this video, I have a question: I'm using a repeater Tplink AC600 to access a hotspot. Can I change the mac of this device?
lol wow good stuff...by the way what is the name of the track that was playing in the background around 2:05? thx
thank you for sharing this with us!!!
can this be used on macOS X or will i need to use kali linux? Also do i have to have a network adapter like you have, or can it be done with a stock macbook pro?
Hi Null Byte, Please let me know which external wifi device should be used for testing hacking tutorials?
Dude before I wanted you to blink more, or well... at all, but that weird ass blink changed my mind
Wow. Taking free WiFi to the next level... 😂
As an alternative, can I use a Mac app such as LanScan or IP Scanner to get the list of all devices + their MAC addresses connected to a certain network? Would that work for somebody who doesn't want to use Linux? Thanks!
What is the use of this we could straight away use the portol
For the WiFi networks that require an email address, I just use a random or fake address, since the only reason these free hotspots ask for it is to sell it to 3rd-parties or send promotions and other junk.
Nice.you are best teacher. Thanks
subbed man i have a question could we use our normal wireless card for this?
Yes, if you can change the MAC of your card, it will work.
Great videos!
Excuse me, are you OccupyTheWeb (OTW)?
Nope, just another (s)admin.
what to do after this? means after your use if you disconnected then will the target machine get its original mac address and continue to wifi (internet access )?
You should do a show on proper dark web connections.spoofing mac proxy chains vpn tor ect.
Great video bro
I love this dude.
What adapter are you using in this video ?? Thank you
pretty nice buddy, you really kick some ass.
Maurice Alvarez thanks for watching! Tell all of your friends about us! 😃
you betya, i already did, thanks for your valuable time and dedication to the channel and your beautiful site, you are a blessing💪
everything looks perfect but I have a question that can we bypass the limit of data received or I have to change the mac frequently in order to get the new bandwidth
You would need to change it, because you are tracked through the mac address
Will it work in WPA2/WPA networks which also require an specific MAC address?(This second method was added manually by the owner)
keep up the good work!
Is there a way somehow to get mac adresses of old devices that were once connected to this network, but not anymore? So you can use their mac address without collision?
Thanks bro !
Wait, So if we're copying their Mac address, Wouldn't that be detected as
a DoS attack, like you mentioned at 7:35 ?
Nice u took my advise on mac changer. But something i don't understand, why can't i connect to my neighboor wifi using one of his mac address. It should recognize me as his iphone no ?