Hacking Hotel WiFi - Hack Across the Planet - Hak5 2206
HTML-код
- Опубликовано: 8 фев 2025
- Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
____________________________________________
Sniffing open WiFi for unencrypted HTTP GET traffic reveals a captive portal privacy concern - this time on Hak5!
Sign up at hackacrossthep...
-------------------------------
Shop: www.hakshop.com
Support: / threatwire
Subscribe: / hak5
Our Site: www.hak5.org
Contact Us: / hak5
Threat Wire RSS: shannonmorse.p...
Threat Wire iTunes: itunes.apple.c...
Help us with Translations! www.youtube.com...
------------------------------
~-~~-~~~-~~-~
Please watch: "Bash Bunny Primer - Hak5 2225"
• Bash Bunny Primer - Ha...
~-~~-~~~-~~-~
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong. 
Наука
We don't tip in Australia. We pay proper wages.
Josiah Dean I noticed - but in this particular instance, value for value. Also, thanks for being a polite society and refraining from murdering in the park at night. So kind the Aussies :)
You pay wages because your people can not afford to tip. :D
Gratuity for a meal that was paid for is ridiculous in the first place, your damn boss should pay your salary, not tips from paying customers. This idea just shows perpetual greed from managers.
Its not part of the culture to tip
I don't mind tipping a bit if the service is good, but a person shouldn't have to rely on their tip to bring home a decent wage.
Did he just show us how to charge food to other peoples rooms?
Zach Landon yes.... yes he did
Of course not. Those were two totally unrelated things.
wink wink nudge nudge
Only if you don't mind getting in to legal trouble.
serving vegemite sandwiches will get you out of legal trouble
Yes, inadvertently of course.
Don't you sing for Nickelback?
LOL
Imo he looks more than Mike Shinoda xD
Furio thought that too 😂
> adds a shebang
> runs it with bash anyway
Writes a parser using bash...
hey dude, first time viewer, just wanna say...your descriptions and instructions on how to use kali are fantastic...I was a sub within the first 2 mins of this video! just wanna thank you very much again for your awesome video! Definitely going to view more!
The things he is doing are not kali-specific. You can do ALL of this on any distro.
I have no idea wtf he's talking about
jetog You and me both
Watch again, there are 3 "unrelated" tips. How to pay with room&name, how to listen in on WiFi and how to make your computer chew through that WiFi traffic for you
same
Same
Basically how to learn the name and room number of other guests, how to pay for drinks with name and room number
Awesome video, reminds me of the older Hak5 videos
washed hands twice in one vid. I am intrigued. the mystery deepens
lol you ate the vegimite wrong you needed to spread butter first and apply small amount of vegimite that covers the bread.
Seriously dude 😂
@instantsoup inbread rapists perhaps?
@@theophiluschambers3628 hahaah
Same for Marmite if in the UK
These types of videos get me excited about learning. Thanks DK!
Hi Darren, this video somehow inspired me to start doing things differently in life. Keep up the good work!
It was the Vegemite wasn't it?
Your face looks unusual sideways in that bathroom shot haha. Love this style video!
That "unrelated" tip at 6:35. Noted.
Me too. ;)
You could probably write a fake name tbh
lol, you don't even need to tip people in Australia
Don't need, but I generally do if the service good.
RAGINGXBULL2 its not required, unless you order pizza 🍕those delivery drivers desperately need that tip!!
We don't tip in canada either. I guess our servers get paid real wages.
Lmao no we shouldn't. Servers get paid the same wages as gas pump attendants and shelve stockers in wal-mart. We don't tip them, why should I tip my server? I live in Sask.
Same i said to another guy, Why? It's a voluntary bonus. It's like saying Thanks. but definitely nice gesture.
“I’m going to show you how to sniff packets with names and room numbers”
“Unrelated. instead of paying for food on card. Use your name and room number and leave a huge tip.”
Lol
Hacking fallout terminals didnt help me
>minimalist traveling
>brings like 5+ pairs of shoes...
Shoes are 90% of the outfit so...
I've stumbled into the wrong quarter of the internet. I think I'll leave now, but I'll be back. Baby steps.
How is your adventure going
+1 for the proper use of the lafing man logo
I LOVE doing this in hotels:
airmon-ng start wlan1
airodump-ng wlan1mon
aireplay-ng --deauth 0 -a (BSSID) wlan1mon
Next sit back relax and enjoy
SomeRandomDude YT then what do you do?
blank awx "watch the world burn"
SomeRandomDude YT i can walk to a mall with my mac, leave it running. What steps i take to get not get caught? Should i get a bootable thumb drive put tails on it. For extra percautions. What would you do?
blank awx That method is called. Deauthing. There is NO WAY you can get caught doing this unless someone sees your terminal running and freaks out. If they really want to catch you they should be prepared with the proper equipment to see where the packets you are sending are coming from. So yeah you are 100% safe. I would recommend you create a bootable USB drive and live boot every time you do this. This way there is no evidence you doing it as everything gets deleted once you remove the USB drive and restart your system. As long as your WiFi card supports packet injection it should work no problems, if not I suggest you get a TP LINK TL-WN722N (ONLY THE V1 (VERSION 1)). Good luck with it!
And kali Linux or any Linux distribution of your choice as long as you install aircrack suite
Hope you enjoyed Australia! I'm bummed I missed the meetup. I didn't even know that you'd travelled this way until now.
dude your presentation has gotten wayyy better... you started off pretty awkward... but really good now!
very cool, when I get my 24' v-nose hack lab/crash pad finished we gotta meet up for a little hack session. I'm currently in Canada but am getting my affairs and paper work in order to travel to the states. I'm an electrician by trade, so I can bring that skill set to the group. my gf was surprisingly easy to convince. told her ill build the trailers like lil houses, and she could have a full bathroom in her trailer and she was sold lol.
I'm building a custom lithium power wall and the roof will be totally covered in solar, so I should be able to supply quit a bit of axillary power between the 2 trailers. I'm using 18650 cells for safety and power density.
Cute room number script, problem is that the hotels monitor you via cams at the hotel desk, cafe, bar, room hallways etc. So they know who was at the bar and what room you went to. Assuming you're staying at the you racked up a bar tab at. In Vegas they circulate your photo around for security to pick you up and take you to that 'back room'.
Great video Darren ☺ did you use a tablet or a laptop for this, or was it a microsoft surface wirh a vm installed ☺
EPIC reaction to the vegemite! Also MASSIVE PROPS for advising AGAINST backticks!!!!
Vegemite is good. tourists just need to build up a tolerance to it so if you started with ALOT less on there you might have like it instead of treating it like Nutella or jam.
Sean Prior I guess if you put it that way not what I would say but I guess if that's what your dad helped you with growing up I'm not to judge just letting you know that's not normal
Niterunner-
It was actually your grandpa. He was so gentle with me 😊
Sean Prior nar sry
love you guys as a newbish Linux user the capabilities you show anyone can have is endless making using this Os enjoyable
Tip with Vegemite, don't spread it on like you would with Jam. Use it sparingly and over a much larger area. Oh and when you spread it use a knife not a spoon.
/bin/chicken I DIED Gotta love those Australian jokes :)
9:35, dude.. Why do you think 🤔 that guys in Indonesia cut through walking on the grass?
Arif Yulianto searching for this LOL
Arif Yulianto haha lah emang udh kebiasaan orang indo wkwk
Idk what homie is talking about but I’m still watching
"Fancy people use towels." People that like to save money use towels.
I didn't realize where you were going, until I realized that you only extracted the last name and the room, and that's what the alcohol uses.
Angery React well any in hotel items
In Australia; we can eat Vegemite straight from the jar. Time to man up, little boy.
Great video editing and improvisation, so what was the reason for the (2X)hand washing...what did you do!?....you are even funnier when drunk too!
and why don't you show the other alternative when HTTPS/SSL/TLS is used and how to implement decryption using wireshark with captive portals...
I was going to do a presentation back in 2014 named "What if I were a hitman" going from matching lastnames with room# even before leaving Argentina (don't remember trying in this from ARG but I could still access captive from home... so... :-/), going to the hotel that person booked, where I found out I could ask for room key playing being that person without even showing and ID saying "I lost my wallet and all my stuff" they only asked \"to whose name is the credit card you used to book\". I think this hotel was the 1ux0r in vegas. Wifi provider is same in most vegas hotels... just google for inurl params and youll see they provide this service all over the world with same sh1ty fwk. there are thousand possibilities. cheers
Damn that was quite a interesting presentation then
Dude you're so lucky, I have to walk through parks in Sydney and I get murdered AT LEAST twice a day.
I think we need some unrelated tips on using the bathroom on a plane XD
Love how I’m only in computer science 2 and this pops up in my feed
Don't use airmon-ng. Use makemon. You can find it on github. Much better for monitor mode interfaces and it automatically sets the interface with a random, but valid, Mac address. Don't use it with usb adapters unless the device can be recognized by the iw dev command. Otherwise, have fun.
Tried using Windows built-in bash? it feels more comfy then running VM in my opinion
There are smarter ways to blur things if you use Adobe After Effects, saw you mention how long it takes in someone elses comment. If you'd rather stick with Premiere you should try and use the least amount of keyframes when you're changing the position of blur. Only mention this since getting doxxed isn't fun.
+Xx420Y0L0 SC0P3ZxX it's cool, no amount of blurring would have obfuscated the location of the hotel. The blurring was just out of respect, since I was calling out their unsecured open WiFi. I'm not advocating misusing this information - merely shedding light on a common situation among open networks. Also, the auto tracking feature of Premiere does a pretty good job of key framing the blur ☺ -Darren
Awesome tips. I have a feeling that two of them could be used together. I'm not suggesting this is what you meant by this video but imagine gleaning the room number and name of the occupant and then going to get food or drink. could you not just write their room number and scratch their name down? Free drinks or meals, hmmm. We'll I wouldn't do it or recommend it but that's how two of you tips could be related. Great show. keep it up.
Hi Darren! Thank you for awesome content! And if it's possible could you pay little bit more attention to sound levels in you videos, because music is loud but speech quiet in the same audio track.
Родион Беседин I'll give it a once over with headphones
+Родион Беседин To be fair, one segment was quiet because his voice was gone after the meeup. Video sounded good otherwise!
omg awesome! I love these vlogs, great job Darren!
This video is a vibe and I like it
As an Aussie I am glad I watched this just to see an American eat Vegemite.
/bin/chicken
Nathan Hovey we have a winner
$ cd /opt/chicken/src/
$ ls
Makefile chicken.bin chicken_sound.wav
$ ./chicken.bin chicken_sound.wav
PUK PUK PUKAAAAAAAAK
but how do ypi write the address for checks.
11:30 How would you do it differently now with ai?
Don’t be a jerk and steal from a hotel. Most offer honors clubs to get free to extreme discounts. This includes room service.
Thank you for showing us who you are. Thanks. Got It.
How many years it took you to be familiar with all these commands?
Needs moar Vegemite! Pity you're all the way down in Sydney. Hope you enjoy your trip here haha
Only figured he was in Australia when I saw Vegemite 😂
"tip well in cash" ignoring the fact that he is in Australia where we don't tip
Forgot the butter for the vegemite hahahaha
Where did this talented soprano subchief open her most recent epicurean delights?
So how tf did you get into this airplanes bar?? That's what I call social engineering like a pro!
the day adobe port to linux is the day a million people leave windows. I say a little prayer every night before bed wishing for this to happen.
Vegemite isn't actually a foodstuff, it's just a practical joke we play on Americans ;)
Don't worry though, it's non-toxic and mostly a waste product from beer 0:)
What processor (i5/i7) are you running on the XPS 13?
How would I start learning this stuff? I only know basic basic HTML web design.
solid tip works great on cruise ships too! But i'd know nothing about that at all.......
Darren I'm a little disappointed did you ask any Aussie "who is Bob and why is he my uncle"
Why program did you use?
You are awesome bro,congratulations & thnax for sharing everything....greetings from Albania.
1: You put way too much vegimite in 1 area. Gotta disperse it lightly. With butter underneath
2: You don't have to tip in Australia. We get paid enough
Haha! You used WAY too much Vegemite and had no butter. I probably would have gagged too. Lol.
Btw. I personally prefer it on toast too. ;D
I don't know what's happening but I like lessening to something I dont know 😂
hey @hak5Darren did u end up getting that panarama of the Harbour bridge and opera house
Just saying, you put WAY too much vegemite on that little bit of toast. I normally butter the toast so that the vegemite spreads better and then use that same amount of vegemite on the entire slice.
where in UK do u go on your trip
With using VM Workstation - you're able to put your wifi card into monitor mode? using a USB dongle and Virtual Box i am not able to accomplish opening up a VM and getting my wifi dongle onto monitor mode. Any tips would be appreciated.
What tripod you use for your smartphone??
"Tip: Don't eat Vegemite"???
Nonsense. The tip *should* be: "Don't smear a dry slice of bread with a spoonful of Vegemite"! But if you apply it sparingly it's bloody wonderful. Suggestion: use a butterknife to add Vegemite sparingly to hot buttered toast.
Yes, I know Vegemite is an acquired taste. In the UK we have a similar product called Marmite, whose current advertising slogan is You Either Love It Or Hate It. And plenty of people hate it when it's put on toast as I just advised. But eating it like you did in the video? That's setting it up to fail.
Such a rookie move with the vegimite bud, butter first, then a thin layer on top, it's hard to beat (apart from Marmite of course). Fun vid though, thanks for sharing.
Ok so we learn from him and hak5, but from where do he learn this all
awk loops through all lines in a file, you could have just "cat file" instead of "head -1" and pipe it into the same awk command.
Simon Stead would love it if you could elaborate.. Still new to CLI myself and I'm still trying to get this to work.
Sweet hax bro you’re a true hackerman.
Yo Darren what kind of sunglasses are you wearing in elevator @ 7:03?
why its better to use $(cmd) over ` cmd` again ?!
wut
using $(cmd) is nestable while `cmd` isn't without escaping, and the deeper you nest the more escaping you must do.
ex.
echo `echo \`echo \\`ls\\`\`` # what a mess
echo $(echo $(echo $(ls))) # much cleaner
Agreed, but how does that matter for how it was used in the video? It seemed like Darren made a big deal without giving a good reason/explanation. Much as I agree with the general advice.
it saves him from needing to escape all of the quotes and double quotes. But yeah he didn't really explain that.
Point taken!
I like these 'darren travels & talks' videos a lot.
I love your work. Keep it up Darren
Are you coming to melbourne? or did i miss out
What cinde of program u use for that
Have you tried bash in Windows 10 yet? Seems to work well.
AJ Harran omg I did that today
AJ Harran actually, just did today as well and so far it's okay - but I've run into permission issues with nmap and wlan0, so more testing is needed. I don't think anything will ever replace bare metal. In retrospect, an ultrabook would have been a good choice, even if running a slow/efficient CPU.
This confused me ... bare metal is just a term for not using a VM?
You heading down south of Melbourne?
Where can I start learning stuff like this? I have a little experience in javascript but basically I would need to start from scratch. Programming/whatever you call this is very interesting to me but I want to be able to understand it better. Thanks!
Also, this is Linux right?
Do you have been visited in Indonesia?
Which town and when ?
Welcome back to Australia
Hope you loved Sydney
And stay vigilant for Drop Bears ^.^
is it implied that get3. is the logfile?
just wondering. It may be confusing to nubs.
Thanks!
Tristan Maltos-James it took me a while but that is what I've gathered as well.. However... Nothing goes into my log file. Even when I call it log file...
6:50 *WELCOME TO AUSTRALIA MATE!*
*ONLY A TRUE AUSTRALIAN CAN TAKE THE VEGEMITE!*
You never hacked the hotel wifi
Hi I have a question and i know im a bit late >.> But how is it so, he can capture unencrypted GET requests from his network card even though its in monitor mode and not actually connected to a network where GET requests would be sent out?
WiFi works on radio frequencies. All you need is a wireless N card that can go to monitor. It picks up every wifi transmission in the 2.4 and 5ghz range. Normally the card ignores transmissions not addressed to it, but in monitor mode it can see and collect all the wifi transmissions, even those not addressed to it.
Aww man you were here two weeks ago, I would have loved to have gone to the meet up.
what computers do they use?
What virtual machine are you using for kali Linux?
What a programing language are you using in terminal?
Bash
It needed a Fletch reference. Charge it all to the Underhills.
11:00 I agree. I still like CMD.