Hacking Hotel WiFi - Hack Across the Planet - Hak5 2206
HTML-код
- Опубликовано: 30 сен 2024
- Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
____________________________________________
Sniffing open WiFi for unencrypted HTTP GET traffic reveals a captive portal privacy concern - this time on Hak5!
Sign up at hackacrossthep...
-------------------------------
Shop: www.hakshop.com
Support: / threatwire
Subscribe: / hak5
Our Site: www.hak5.org
Contact Us: / hak5
Threat Wire RSS: shannonmorse.p...
Threat Wire iTunes: itunes.apple.c...
Help us with Translations! www.youtube.com...
------------------------------
~-~~-~~~-~~-~
Please watch: "Bash Bunny Primer - Hak5 2225"
• Bash Bunny Primer - Ha...
~-~~-~~~-~~-~
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.
We don't tip in Australia. We pay proper wages.
Josiah Dean I noticed - but in this particular instance, value for value. Also, thanks for being a polite society and refraining from murdering in the park at night. So kind the Aussies :)
You pay wages because your people can not afford to tip. :D
Gratuity for a meal that was paid for is ridiculous in the first place, your damn boss should pay your salary, not tips from paying customers. This idea just shows perpetual greed from managers.
Its not part of the culture to tip
I don't mind tipping a bit if the service is good, but a person shouldn't have to rely on their tip to bring home a decent wage.
Don't you sing for Nickelback?
LOL
Imo he looks more than Mike Shinoda xD
Furio thought that too 😂
Did he just show us how to charge food to other peoples rooms?
Zach Landon yes.... yes he did
Of course not. Those were two totally unrelated things.
wink wink nudge nudge
Only if you don't mind getting in to legal trouble.
serving vegemite sandwiches will get you out of legal trouble
Yes, inadvertently of course.
> adds a shebang
> runs it with bash anyway
Writes a parser using bash...
washed hands twice in one vid. I am intrigued. the mystery deepens
lol you ate the vegimite wrong you needed to spread butter first and apply small amount of vegimite that covers the bread.
Seriously dude 😂
@instantsoup inbread rapists perhaps?
@@theophiluschambers3628 hahaah
Same for Marmite if in the UK
lol, you don't even need to tip people in Australia
Don't need, but I generally do if the service good.
RAGINGXBULL2 its not required, unless you order pizza 🍕those delivery drivers desperately need that tip!!
We don't tip in canada either. I guess our servers get paid real wages.
Lmao no we shouldn't. Servers get paid the same wages as gas pump attendants and shelve stockers in wal-mart. We don't tip them, why should I tip my server? I live in Sask.
Same i said to another guy, Why? It's a voluntary bonus. It's like saying Thanks. but definitely nice gesture.
I have no idea wtf he's talking about
jetog You and me both
Watch again, there are 3 "unrelated" tips. How to pay with room&name, how to listen in on WiFi and how to make your computer chew through that WiFi traffic for you
same
Same
Basically how to learn the name and room number of other guests, how to pay for drinks with name and room number
Awesome video, reminds me of the older Hak5 videos
That "unrelated" tip at 6:35. Noted.
Me too. ;)
You could probably write a fake name tbh
Hacking fallout terminals didnt help me
/bin/chicken
Nathan Hovey we have a winner
$ cd /opt/chicken/src/
$ ls
Makefile chicken.bin chicken_sound.wav
$ ./chicken.bin chicken_sound.wav
PUK PUK PUKAAAAAAAAK
I was going to do a presentation back in 2014 named "What if I were a hitman" going from matching lastnames with room# even before leaving Argentina (don't remember trying in this from ARG but I could still access captive from home... so... :-/), going to the hotel that person booked, where I found out I could ask for room key playing being that person without even showing and ID saying "I lost my wallet and all my stuff" they only asked \"to whose name is the credit card you used to book\". I think this hotel was the 1ux0r in vegas. Wifi provider is same in most vegas hotels... just google for inurl params and youll see they provide this service all over the world with same sh1ty fwk. there are thousand possibilities. cheers
Damn that was quite a interesting presentation then
hey dude, first time viewer, just wanna say...your descriptions and instructions on how to use kali are fantastic...I was a sub within the first 2 mins of this video! just wanna thank you very much again for your awesome video! Definitely going to view more!
The things he is doing are not kali-specific. You can do ALL of this on any distro.
Hi Darren, this video somehow inspired me to start doing things differently in life. Keep up the good work!
It was the Vegemite wasn't it?
>minimalist traveling
>brings like 5+ pairs of shoes...
Shoes are 90% of the outfit so...
9:35, dude.. Why do you think 🤔 that guys in Indonesia cut through walking on the grass?
Arif Yulianto searching for this LOL
Arif Yulianto haha lah emang udh kebiasaan orang indo wkwk
I've stumbled into the wrong quarter of the internet. I think I'll leave now, but I'll be back. Baby steps.
How is your adventure going
+1 for the proper use of the lafing man logo
This person is not of earth
These types of videos get me excited about learning. Thanks DK!
Tried using Windows built-in bash? it feels more comfy then running VM in my opinion
Dude, why did you use a spoon to spread Vegimite?? With no butter!!?? Argh. No wonder you fellas don't like it. You have to spread in thinly over a lot of butter...
very cool, when I get my 24' v-nose hack lab/crash pad finished we gotta meet up for a little hack session. I'm currently in Canada but am getting my affairs and paper work in order to travel to the states. I'm an electrician by trade, so I can bring that skill set to the group. my gf was surprisingly easy to convince. told her ill build the trailers like lil houses, and she could have a full bathroom in her trailer and she was sold lol.
I'm building a custom lithium power wall and the roof will be totally covered in solar, so I should be able to supply quit a bit of axillary power between the 2 trailers. I'm using 18650 cells for safety and power density.
but how do ypi write the address for checks.
11:30 How would you do it differently now with ai?
I have the 4 digit pin attack txt.I only need that someome help me encode to inject.bin because the toolkit doesnt work whit very long script.
I want to check in my phone
I make a code in Python to make the sequence but need to be encoded.
who help me ?
I will share my code!
You should check out httpry for doing similar capture and analysis.
Don’t be a jerk and steal from a hotel. Most offer honors clubs to get free to extreme discounts. This includes room service.
Vegemite is good. tourists just need to build up a tolerance to it so if you started with ALOT less on there you might have like it instead of treating it like Nutella or jam.
Sean Prior I guess if you put it that way not what I would say but I guess if that's what your dad helped you with growing up I'm not to judge just letting you know that's not normal
Niterunner-
It was actually your grandpa. He was so gentle with me 😊
Sean Prior nar sry
Where did this talented soprano subchief open her most recent epicurean delights?
Bro LOVE YOU
I think we need some unrelated tips on using the bathroom on a plane XD
“I’m going to show you how to sniff packets with names and room numbers”
“Unrelated. instead of paying for food on card. Use your name and room number and leave a huge tip.”
Lol
@0:45 if it is gang colors out there, tell'em it's cool your're just en-Crip-ting Codes Cuhz 😂😂 ...
*slow clap*
That ,inspire me that I can do stuffs like that reall, first tip.
Love you kitchen because you reminds me of me.
I tip in the fancy restroom after making poopy
Wtf is talking about,why I'm here?
How many years it took you to be familiar with all these commands?
I may have mentioned this before but while you're in AU next, check out those prepaid SIM cards you can get that offer unlimited streaming data for some services like maybe Spotify and Netflix.. Is it even remotely possible to disguise other traffic as these uncapped services to maybe get theoretically unlimited LTE?
There is a little problem with that! aka Piece of paper that have to fill out and give to the Government.
Your face looks unusual sideways in that bathroom shot haha. Love this style video!
Did Emirates sponsor you?
ExaCrystal maybe thats why hes washing his hands, he was handling arab oil princes doo doo
What the fck are you doing dude i don't get a single thing 😂
/bin/chicken I DIED Gotta love those Australian jokes :)
Only figured he was in Australia when I saw Vegemite 😂
dollarsigns represent a variable huh? this is some strange language, all i know is c++ and looking at this looks made up asf. but it seems like a really easy language to learn.
Its bash, the same thing a linux terminal runs on. It's pretty easy to get the hang of
Mate there aren’t any gangs in Sydney CBD 😂😂
6:50 *WELCOME TO AUSTRALIA MATE!*
*ONLY A TRUE AUSTRALIAN CAN TAKE THE VEGEMITE!*
ALso.. how terrible is aussie internet :( ..
Sorry, I tried the way you done. I didn't got any.....
What processor (i5/i7) are you running on the XPS 13?
Thank you for showing us who you are. Thanks. Got It.
Completely unrelated tips here boys yeah
No strippers? And to they get tips?
what code language was the .sh file using?
Hi Darren! Thank you for awesome content! And if it's possible could you pay little bit more attention to sound levels in you videos, because music is loud but speech quiet in the same audio track.
Родион Беседин I'll give it a once over with headphones
+Родион Беседин To be fair, one segment was quiet because his voice was gone after the meeup. Video sounded good otherwise!
Как печально, что это все на английском, и я ничего не понимаю
For educational purposes, what was the full command Darren used with tshark?
i cant seem to reproduce it
the bit i am interested in is the tee command
currently using `tshark -i wlan0mon -Y "http.request.method == "GET"" | tee -a logfile`
Maybe you need to escape those quotation marks or use different quotation marks for the outer ones
T19R0N same command i've tried and i get no output in the log file. Do i have to end the wlan0mon a certain way for the info to appear in the log?
is there something after tee -a get3. ?????
solid tip works great on cruise ships too! But i'd know nothing about that at all.......
Or you can just ask for the password
I LOVE doing this in hotels:
airmon-ng start wlan1
airodump-ng wlan1mon
aireplay-ng --deauth 0 -a (BSSID) wlan1mon
Next sit back relax and enjoy
SomeRandomDude YT then what do you do?
blank awx "watch the world burn"
SomeRandomDude YT i can walk to a mall with my mac, leave it running. What steps i take to get not get caught? Should i get a bootable thumb drive put tails on it. For extra percautions. What would you do?
blank awx That method is called. Deauthing. There is NO WAY you can get caught doing this unless someone sees your terminal running and freaks out. If they really want to catch you they should be prepared with the proper equipment to see where the packets you are sending are coming from. So yeah you are 100% safe. I would recommend you create a bootable USB drive and live boot every time you do this. This way there is no evidence you doing it as everything gets deleted once you remove the USB drive and restart your system. As long as your WiFi card supports packet injection it should work no problems, if not I suggest you get a TP LINK TL-WN722N (ONLY THE V1 (VERSION 1)). Good luck with it!
And kali Linux or any Linux distribution of your choice as long as you install aircrack suite
A nice trick to get free drinks at the bar
Oh no, didn't like the vegemite? xddddd
Small amount of vegimite and toast
11:00 I agree. I still like CMD.
You don't need to tip in Australia
What you exactly want to show???
Hi bro all videos subtitle now
You never hacked the hotel wifi
Awesome tips. I have a feeling that two of them could be used together. I'm not suggesting this is what you meant by this video but imagine gleaning the room number and name of the occupant and then going to get food or drink. could you not just write their room number and scratch their name down? Free drinks or meals, hmmm. We'll I wouldn't do it or recommend it but that's how two of you tips could be related. Great show. keep it up.
This video is a vibe and I like it
My Google Pixel 2 bypassed the paid system at my hotel. I didn't even realize it was paid. It would just request the blank page, then go away and voila.
With using VM Workstation - you're able to put your wifi card into monitor mode? using a USB dongle and Virtual Box i am not able to accomplish opening up a VM and getting my wifi dongle onto monitor mode. Any tips would be appreciated.
EPIC reaction to the vegemite! Also MASSIVE PROPS for advising AGAINST backticks!!!!
Vegemite isn't actually a foodstuff, it's just a practical joke we play on Americans ;)
Don't worry though, it's non-toxic and mostly a waste product from beer 0:)
How would I start learning this stuff? I only know basic basic HTML web design.
hey ,I wana to learn the totally hacking trip using kali,so I wana know from where I getting all these technical terms
help me cause I don't know these things
also hac5 your video content are very advanced ,I think mostly people have difficulty for understand it. so make it easy to understand
Great video editing and improvisation, so what was the reason for the (2X)hand washing...what did you do!?....you are even funnier when drunk too!
and why don't you show the other alternative when HTTPS/SSL/TLS is used and how to implement decryption using wireshark with captive portals...
Don't use airmon-ng. Use makemon. You can find it on github. Much better for monitor mode interfaces and it automatically sets the interface with a random, but valid, Mac address. Don't use it with usb adapters unless the device can be recognized by the iw dev command. Otherwise, have fun.
"Tip: Don't eat Vegemite"???
Nonsense. The tip *should* be: "Don't smear a dry slice of bread with a spoonful of Vegemite"! But if you apply it sparingly it's bloody wonderful. Suggestion: use a butterknife to add Vegemite sparingly to hot buttered toast.
Yes, I know Vegemite is an acquired taste. In the UK we have a similar product called Marmite, whose current advertising slogan is You Either Love It Or Hate It. And plenty of people hate it when it's put on toast as I just advised. But eating it like you did in the video? That's setting it up to fail.
Why program did you use?
Dude you are such a smart guy and u said that Vmware Workstation is pricey why dont you find Cracked version so u can enjoy freely....@Hak5
in my case i run windows on a VM,
awk loops through all lines in a file, you could have just "cat file" instead of "head -1" and pipe it into the same awk command.
Simon Stead would love it if you could elaborate.. Still new to CLI myself and I'm still trying to get this to work.
Dude you're so lucky, I have to walk through parks in Sydney and I get murdered AT LEAST twice a day.
Cute room number script, problem is that the hotels monitor you via cams at the hotel desk, cafe, bar, room hallways etc. So they know who was at the bar and what room you went to. Assuming you're staying at the you racked up a bar tab at. In Vegas they circulate your photo around for security to pick you up and take you to that 'back room'.
Next up Cambodia please
What a programing language are you using in terminal?
Bash
wtf is he talking about?
You should look at kvm gpu passthrough
then you could run linux baremetal and have adobe suite in the vm only when you need it with aroun 97% native performance
other than that you can give back the gpu to host when you are done
You don't like whois?
What is the point of all this? Unless you are using the info to eat food at the cost of another persons bill.. All I see is useless info otherwise. But that was very understandable thanks for the vid.
About the flying internationally with lock picks not being a good idea I've flown to Kiev Ukraine and a few other places in the US with my lock picks no problem
some hotels have Ethernet running to the TV for on-demand / pre-paid services and channels .. you can just unplug the TV and plug the Ethernet cable straight into your laptop ... Boom .. free internet and can sometimes log usernames / passwords / credit-card details..etc..
Hey Darren I'm sure that there is a very legitimate reason for this that I'm missing so I was wondering if you could enlighten me on why not run linux in a VM on your Surface?
A most common mistake. Caking Marmite on like jam. Silly billy :)
Also, add butter....and cheese. OM NOM NOM.
Tip with Vegemite, don't spread it on like you would with Jam. Use it sparingly and over a much larger area. Oh and when you spread it use a knife not a spoon.
1: You put way too much vegimite in 1 area. Gotta disperse it lightly. With butter underneath
2: You don't have to tip in Australia. We get paid enough
I really dont know much about programming/hacking but what language did he write that bash script in?
Of course that toast was horrible, you spread the vegemite way too thick and you didn't use butter