Flipper Zero Demo: WiFi Marauder, Wireshark and Hashcat!
HTML-код
- Опубликовано: 15 июл 2024
- Talking Sasquach shows us how to crack WPA2 WiFi passwords using a Flipper Zero, Marauder, Wireshark and Hashcat! A very cool demo.
Disclaimer: Only do attack networks that you own or have permission to attack.
// Flipper Zero and WiFi Dev Board //
Get a 5% discount using my affiliate link : lab401.com/r?id=42cm8b
and/or use code DAVIDBOMBAL
WiFi Dev Board: lab401.com/products/flipper-z...
Extreme Firmware: github.com/Flipper-XFW/Xtreme...
// Talking Sasquash SOCIAL //
RUclips: / @talkingsasquach
TikTok: / talkingsasquach
Instagram: / talking_sasquach
Github: github.com/skizzophrenic
// David's SOCIAL //
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
// RUclips videos mentioned //
WiFi: • Hacking WiFi Passwords...
Clear Case: • Flipper Zero Transpare...
OMG Cable: • O.MG Elite Cable : The...
ESP Flasher: • ESP Flasher : BEST Fli...
Dual Boot Evil Portal & Marauder: • Dual Boot Evil Portal ...
// MENU //
00:00:00 - Welcome Talking Sasquatch!
00:00:36 - Wi-Fi hacking workflow
00:00:50 - Overview of the de-authentication process.
00:01:26 - Wifi deauth ring cameras
00:02:10 - Wifi board
00:03:00 - Firmware used
00:04:03 - FlipperZero wifi board flashing
00:05:40 - Wi-Fi Marauder demo
00:07:18 - Getting pcap from SD card
00:07:52 - Use Wireshark to process files.
00:08:25 - Converting and saving files for Hashcat.
00:08:44 - Using CMD and Hashcat commands.
00:09:05 - Discussing password lists and how Hashcat works.
00:09:43 - Sharing experiences with FlipperZero and its capabilities.
00:10:30 - Talking about personal background and the value of learning and experimentation.
00:12:36 - Links to Nate's channel and outro.
flipper zero
flipper
flipperzero
wifi
wireshark
hashcat
hack
hacking
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#wifi #flipperzero #hacking
Talking Sasquach shows us how to crack WPA2 WiFi passwords using a Flipper Zero, Marauder, Wireshark and Hashcat! A very cool demo.
Disclaimer: Only do attack networks that you own or have permission to attack.
// Flipper Zero and WiFi Dev Board //
Get a 5% discount using my affiliate link : lab401.com/r?id=42cm8b
and/or use code DAVIDBOMBAL
WiFi Dev Board: lab401.com/products/flipper-zero-wifi-devboard
Extreme Firmware: github.com/Flipper-XFW/Xtreme-Firmware
// Talking Sasquash SOCIAL //
RUclips: www.youtube.com/@TalkingSasquach
TikTok: www.tiktok.com/@talkingsasquach
Instagram: instagram.com/talking_sasquach/
Github: github.com/skizzophrenic
// David's SOCIAL //
Discord: discord.gg/davidbombal
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
// RUclips videos mentioned //
WiFi: ruclips.net/video/subLBPJ3IxU/видео.htmlfeature=shared
Clear Case: ruclips.net/video/pLYcAfp5PMc/видео.htmlfeature=shared
OMG Cable: ruclips.net/video/n-HRqKWc4MY/видео.htmlfeature=shared
ESP Flasher: ruclips.net/video/Kme-yWL14N8/видео.htmlfeature=shared
Dual Boot Evil Portal & Marauder: ruclips.net/video/jCPWlS5JmlY/видео.htmlfeature=shared
// MENU //
00:00:00 - Welcome Talking Sasquatch!
00:00:36 - Wi-Fi hacking workflow
00:00:50 - Overview of the de-authentication process.
00:01:26 - Wifi deauth ring cameras
00:02:10 - Wifi board
00:03:00 - Firmware used
00:04:03 - FlipperZero wifi board flashing
00:05:40 - Wi-Fi Marauder demo
00:07:18 - Getting pcap from SD card
00:07:52 - Use Wireshark to process files.
00:08:25 - Converting and saving files for Hashcat.
00:08:44 - Using CMD and Hashcat commands.
00:09:05 - Discussing password lists and how Hashcat works.
00:09:43 - Sharing experiences with FlipperZero and its capabilities.
00:10:30 - Talking about personal background and the value of learning and experimentation.
00:12:36 - Links to Nate's channel and outro.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
Thanks 👍
only works with simple password 😅😅
Unfortunately a lot of users use basic passwords. I demonstrated how to use a GPU against more complex passwords in this video: ruclips.net/video/ZTIB9Ki9VtY/видео.html
FYI the blur is a bit late around 7:41
Hi David, the discount code is not working
So weird to see myself here! It was a blast filming with you! Great community you have here!!
Thank you for sharing and inspiring all of us!
@TalkingSasquach thank you for all your content. I've learned much from your videos. Glad to see you on this channel too!
Great demo. Can’t wait to see more. 🙌🏼
@TalkingSasquatch Hey man I've always been having trouble learning to solder. I have a good iron I just am not good. How did you learn to solder or do you have any advice to get better and learn proper etique? Thanks for doing this video it really reminded me how much you can learn in a very little bit of time. I to am from NE I live in Connecticut and I crammed a ton of information in to my mind around networks and domain administration similarly to you. Keep up the good work maybe we'll meet in person one day, you seem interesting 100%!
I'm a fan of both channels.
Great video. Im a Huge fan of talking sasquatch and I love the way he breaks down his videos. Even a person like myself with not a ton of tech knowledge can understand most of what he says and I am thankful for all the hardwork done behind the scenes. All these guys and girls deserve thanks and more. God Bless all the guys and girls that don't have paywalls and work so hard for the community. Im always learning.
Sasquatch is why I even have a flipper lol. Awesome dude and love his content. As well, of course, as yours David. Glad to see a shout out to those of us who have a passion but not a lot of technical background.
I follow Sasquash for a couple months now and his channel have really great tutorial for flipper and the guy is awesome! 🎉 Happy to see you doing a video together!
Thanks for shining a spotlight on Nate. Wow, what an inspiring story and resource! Thanks, DB!!
Two of my favorite tech guys in one video. I love talking squash flipper videos
Another great video David. I have watched a few of your videos talking about the Flipper Zero & I have finally just ordered one. Cannot wait to get started with it 😁
BEEN WATCHING BOTH YOUR VIDEOS SEPARATE AMAZING TO SEE YALL DO THIS TOGETHER VERY INFORMATIVE AND FUN TO WATCH IM NOT IN IT I SHARPEN SAWS AT A MILL THE FLIPPER MAKES ME WANT TO LEARN AS MUCH AS POSSIBLE THANKS TO CHANNELS LIKE THIS ITS EASY 🔥🔥🔥🔥
I know I’m a little late to this video but I use both these guys all the time and it’s so cool to see them work together
I was confused for a moment because I am using the same desktop wallpaper like talking sasquach. Tanks for sharing!
Congrats 🎊 is so cool to see you here with Mr.Bombal I couldn’t believe what I was looking and I saw your face, incredible good work you two I’ll be here thank you far all your hard work!🎉
This was great.
Talking Sasquach was who I seen that put up enough videos for me to stumble my way through learning what I do know about the Flipper Zero.
I missed the first round of sales on them & then got one when they restocked.
But by then, things changed so much with how you install custom firmware (like Xtreme).
I'll break up my comment.
Yt has deleted my comment 3 times now & I've said nothing that should be being censored!
Anyways, thanks to EVERYBODY who works on Flipper Zero stuff!
If you're new to the Flipper Zero may I suggest to you:
WOW.
This is ridiculous!
Yt is deleting the names of websites in my posts.
Well I'm done here.
15 attempts deleted at listing what can help new people to the Flipper Zero.
Nothing that should be being censored & deleted.
ALL deleted.
Yes indeed, great video content and partnership between Bombal and Squatch (Nate). One thing I'd like to add for those jumping into this Flipper/Wifi board thing is that as you pour over what's available, it's easy to get crossed up with different techniques. Perfect example is that I was working through Squach's and others' videos from about a couple weeks ago up to this morning, and this is the first time he's started with Extreme as the firmware on the device itself. That's new, and will create some incompatibilities probably with what I already have "on-board", since in some cases the app is linked to the firmware...
This stuff just moves so fast as it really is out there for everybody to do what they want with. So... It gets confusing as hell since all the actors will refer to others for bits of their solution for flashing the dev board, the firmware used on both the flipper and the board, the version of application, etc. Updating one little component will most likely create an API error somewhere. I'll list the various people's GITs below as an FYI, but my recommendation is to pick ONE and go from there. If you don't you'll get API errors and other incompatiblities and end up sideways. All the folks contribution to the overall effort are updating things at a different pace.
HOWEVER - This fragmented ecosystem creates an 𝘼𝙒𝙀𝙎𝙊𝙈𝙀 opportunity for learning how this chit works. E.g. I can use a firmware like RogueMaster, a flashing tool from somebody else, and *.bin or *.fap/fam files from completely different folks now that I understand it. So where possible, read and understand the code. I've created a directory structure separating all of them, and now can pick and choose. A large-ish SD card is also a big help...
Here's the list of the GIT's I've used bits and pieces of, just as an FYI.
github.com/justcallmekoko/ESP32Marauder/releases/tag/v0.12.0
github.com/SkeletonMan03
github.com/0xchocolate/flipperzero-wifi-marauder/releases/tag/v0.6.2
flipc.org/0xchocolate/flipperzero-esp-flasher?branch=main
github.com/InfoSecREDD
github.com/skizzophrenic/flipper-zero-evil-portal
github.com/H4ckd4ddy/flipperzero-sentry-safe-plugin/releases/tag/v1.1
github.com/UberGuidoZ/Flipper
github.com/RogueMaster/flipperzero-firmware-wPlugins/releases
github.com/RogueMaster/awesome-flipperzero-withModules
and just today esp.huhn.me/
Now we can add: github.com/Flipper-XFW/Xtreme-Firmware
And of course the "standard" site:
lab.flipper.net/
And I'm sure I'm forgetting some you'll stumble across along the way... Apologies if I'm "overcooking" the whole thing, but that's the way I roll unfortunately.
Some of these are probably now updated since I send this. That's just the way it goes. Much gratitude to the Talking Squach and all the others for the work. It would be cool if there was one single place you could go for the most current or complete version(s), but this theater is just moving too fast, which again makes it educational and fun as hell.
great piece of information here. thanks for your insight
A colab i never knew i needed
Both guys are a great I watch every bit every time.
Thanks, always great people on your channel
David your the man thanks for the great content and interducing to us another awsome content creator
I love this partnership. 2 awesome people.
That’s what I’m doing, I quit messing with tech for 20 years. Im a welder working 65 hours a week. Got into it by running into a guy with a MacBook I traded a 79’ mongoose for. Then bought a 3D printer and a flipper zero. I’ve been learning as much as I possibly can
Sounds fun dude. Hobbies keep us sane 😊😊
as always, great educational video and yet another fantastic collaboration . this is my favourite channel on youtube and i love it because Sir David always post exceptionally impressive videos on cybersecurity and cybertech . LOVE FROM PAKISTAN SIR DAVID AND THANK YOU FOR KEEPING THE CONTENT FANTASTIC.💖💖
Thank you very much! I appreciate it :)
Omg you got Sasquatch!! Awesome! 🎉
Really cool going through his start up video
Great video, very inspiring...keep posting such Great info ...saludos from Panamá 🇵🇦
WOW, I wasn't expecting this.Thanks, David, for bringing Sasquach to your show 😃😃 great content , as always
I love getting new and interesting guests on the channel 😀 Glad you enjoyed the video!
Thank you, I like the cmd trick in explorer.
Always love seeing practical demos like these. Great work
Glad you liked the video!
This was interesting as I was considering this device. I just wish he had given a little bit more background at the beginning on specifically why he was using certain mods or firmwares. He kind of launched right into the fact that he was using a very customized device but didn't really give a lot of justification for why one would use the upgraded device versus what one could do out of box with the Wi-Fi module.
I love you guys so much thanks for teaching me to get better at wat I like
We need a duo between you and Networkchukk for sure!!
Network Chuck is a rockstar :)
@@davidbombal you’re a rockstar ;)
Please make this happen!
david is such a good guy! Sasquash seems nice to watch too
Talking Sasquatch.. u rock !!! He’s discard rocks … noob friendly Mr RDD 😊
Thanks David, I love how you stop him and ask him to break it down. I noticed most most of them just like to run on and don’t try to explain much of what they’re doing. Sometimes it makes me question what they’re doing.
I want to see more OTW I just got my Linux basics for Hackers certification and it started with this channel
Love it!🤩
Happy to hear that!
Nothing more rewarding then a Humble BigFoot!
YES!! Love this one 🙌🏼
Very happy to hear that! :)
Im running out of time - cause I can see the sun light up the sly,so i hit the road in overdrive -baby!! Your neon sky rise background is the same as that music video.
David Bombal the god father of RUclips Cybersecurity ❤
two great channels.
I am always impressed by seeing videos and actually it motivates me.🎉🙏 Thank you Sir.
Very happy to hear that! :)
Great interview!!!
Thank you! Glad you enjoyed it :)
it is doing what other programs do (such as wifite) which is capturing the handshake and using a password list , and weak passwords are still being used in the demos .. hope we can see new methods and with more complex passwords
Great inspiration.
Sasquatch! Cool vid!!
I bought one. I'm trying to take over world banking and eventually the world itself. Different look like it is much more than an expensive universal TV remote. Unless you want to do criminal activities by getting accounts and passwords. That never pays off. I'll be tuning in to this channel. I bought one just to play with. I probably should have spent a little more and got the mini 3 drone. I'll let myself buy a new toy every month. I'll get it next time. I think this thing has potential. It's like my raspberry Pi. Just haven't found anyting cool enough to do with it.
Great video sir..Waiting for Jason Sir next video sir..when we can except sir..Love From India💌
Wonderful guest😊
Agreed. Talking Sasquash is amazing!
@@davidbombal yes thank you.
Nice video David...we need more 😢
Excellent interview 12:30 😊
Thank you. Glad you enjoyed the video.
I have never worked IT either, i started reading books, watching videos, listening podcasts and stuff.
Thx guys
My step dad is hall of fame bmx guy that’s cool you are into bmx and bikes.
I really want a flipper zero now.
It’s still a toy that allows you to be annoying
keep the hard work
Thank you. Will do :)
Why might my pcap file have no packets in, it. the pmkid isnt force deauthing my devices, which ok fine. maybe it only sniffs for handshakes, but when I do the disconnecting from my AP and then reconnect a few times while running the pmkid, still no packets in my pcap file?
I made sure to save the pcap files to my sd card and I am able to save and download the pcap files, but when I open them they are completely empty?
i like how you tried to blur the wifi stuff, but you can still see it. a fram or two
My man ❤
Thank you! :)
PMKID is not a 4 way handshake. As a matter of fact, for router susceptible to the PMKID attack, you don't even need an attached client device.
True, but why would you risk the video taking 25 minutes for a single handshake, rather than run the deauth and make certain sometimes happening, for the demo?
You can just put this thing in your pocket to sniff a handshake packet then go back home to crack the password. (Of a network you own of course)That’s pretty neat.
Yeah boy David Bombal again
Hope you enjoy the video :)
Beelent video ❤❤
Great video
Thank you! Glad you enjoyed it :)
First recorded hack targeting phone calls, was not really a hack but was a prank made by some teens that got a job at the phone company, disconnecting and misdirecting calls.
If I can write on python script with similar functionality like dirb(with multiprocessing for better performance) and search url by mask with wildcards and other script which I can call cool and useful and I use them myself but I am not smart enough to meet market requirements and find good job what should I do?
Well done Iceman!
Talking Sasquach did a great job :)
I like watching your videos + why don't you add dubbing in Portuguese, RUclips itself offers that.
do some routers have in place security not to release the hash? i had a tried this on my 2.4 network and all the pmkids came up 0 packets in wireshark, i also used multiple devices to keep trying to join the network while the deauth was going for better results to grab a hash.i have asus router with alot of firewall tools and ai i wonder if they have prevention measures
I tried this as well and my pcap files were 0 bytes too. I tried to manually disconnect and reconnect my clients while running the script and still "no dice". my pcap file is empty. I did it on my 2.4 Ghz too cuz I was under the impression that it wont work for 5GHz
how can protect my AP from multiple deauth from kiddy outdoors? I've read rfc 4122 with its UUID implementation, but it is not used in current 802.11 specs. wtf? i couldnt understand why those Management Frames are not encrypted even in latest specs. should i write my own driver for the AP and client for UUID work for my spot, or?
He keeps you out of trouble,
Stop living in a bubble,
His videos never fumble,
His name is David Bombal.
big fan sir❤
Thank you very much!
The crached.txt looks interesting to me. Made it yourself ? Or pulled it from somewhere? Thx
❤❤❤❤❤
2 things that might help:
If you show no "PCAP" files in the Marauder file location it can mean 2 things:
1 - you need to update to the newest Marauder firmware
2 - at the bottom of the Marauder app in the Flipper Zero, there's an option to the effect of "Save pcap files to the sd card"
ALLOW THIS!
NOBODY goes over this & you need to do this or or WON'T save the pcap files to the SD card!
another thing is that it didn't go through all the 400k passwords.... once it finds a match it stops on that .... if it's in the first 10 passwords it's fast if it's 400k it might take a couple of hours to a day. ;)
@davidbombal Is there a way to convert the pcap file without relying on a website?
Already tried it on my flipper 0
Did you get it working like in the demo?
@@davidbombalyes works good
Can you open Bluetooth padlocks or app control pad locks
For the maruder do we need the dev wifi board or can we do it only with flipper zero?
So you do the password forcing with 3 methods at the same time? , fliper zero, prowler and hascat
received EAPOL, and my file pcap is empty
great...
imagine a full band frequency editor man
Can you use xtreme software with the phone app?
Where do you get your screen saver or background?
I have just broken my flipper zero screen on a trampoline the screen protector is not broken, but the screen and the plastic are do you know how I can fix it
Capturing a handshake isn't really the hard part of cracking WPA, it's the dictionary attack. It's cool that the Flipper Zero can do it, but so can so many other devices, so it's not particularly unique. I also don't understand why it was loaded into Wireshark. It's not necessary unless for some reason you don't think that capture contains the handhsake of the SSID you're after.
Like an old guy I used to work with would say, "You're kinda going 'round yer arse to get to yer elbow"... Don't you think?
Neat concept though, but there ARE easier ways to capture handshakes haha
Solely for testing own network only
Hey! Curious nerd here - wouldn’t you be able to do everything the Flipper is doing here already just by using Kali Linux alone? Aircrack-ng is included in most distributions and it has the ability to do deauthentication, I think.
With a suitable network card, yes.
Of course, the appeal of the flipper to myself would be the mobility of it though.
Tried doing my own network which is 2.4 Ghz :/ I get the EAPOL messge and download the file, I then move it to wireshark and its blank 0 packets. am i missing something?
Honestly the same every file is just empty
Where did you get that wallpaper?
Hello World
It all starts somewhere, good on ya all.
Where did you get the password text file for hashcat?
Do you think that you can do a collab with NetworkChuck too?
6:41, i did it the same, the device says the same as yours but when I open the file, there isn't any data
Hashcat doesn't work on Mac do you have an idea for an alternative?
5:53 blur was applied 1 frame after the thign was already shown so thats leaked
i had made a video that had a similar title as yours and I got a strike on my channel just by using the words "evil portal and wifi marauder" how are you still up?
tryout the flipper on a lime scooter
i just want very easier way to hacking my neighborhood wifi with 2.4ghz type....do david recommend of this? or kody way? which one is easier and not giving a headache way step...?please prefer.
for tools i can buy it also. but for pishing i don't get high expectation for that's because not stupid right now...we nees real and sound easier one.