3 Levels of WiFi Hacking
HTML-код
- Опубликовано: 7 янв 2024
- Get NordVPN 2Y plan + 4 months free here ➼ nordvpn.com/networkchuck It’s risk-free with Nord’s 30-day money-back guarantee!
WiFi hacking is very much still a thing performed by both white hat and black hat hackers. In this video, NetworkChuck will demonstrate how hackers might hack a wifi network from three different levels or perspectives, a Noob, Hipster and Pro. All of the wireless attacks demonstrated in this video are real and possible. The purpose of this video is NOT to equip an army of skiddies but to educate people on how WiFi hacks occur and what they can do to protect themselves and the networks they run. In this video, NetworkChuck will demonstrate man-in-the-middle attacks, evil twin attacks, arp spoofing, dns spoofing and wifi password cracking.
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by NordVPN
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: ntck.co/Premium
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
Do you want to know how I draw on the screen?? Go to ntck.co/EpicPen and use code NetworkChuck to get 20% off!!
fast and reliable unifi in the cloud: hostifi.com/?via=chuck
#wifihacking #wirelessattacks #flipperzero 
Наука
![[adult swim] - Smiling Friends Season 2 Episode 5 Promo](http://i.ytimg.com/vi/uStNEeR8LT4/mqdefault.jpg)
Get NordVPN 2Y plan + 4 months free here ➼ nordvpn.com/networkchuck It’s risk-free with Nord’s 30-day money-back guarantee!
WiFi hacking is very much still a thing performed by both white hat and black hat hackers. In this video, NetworkChuck will demonstrate how hackers might hack a wifi network from three different levels or perspectives, a Noob, Hipster and Pro. All of the wireless attacks demonstrated in this video are real and possible. The purpose of this video is NOT to equip an army of skiddies but to educate people on how WiFi hacks occur and what they can do to protect themselves and the networks they run. In this video, NetworkChuck will demonstrate man-in-the-middle attacks, evil twin attacks, arp spoofing, dns spoofing and wifi password cracking.
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by NordVPN
nordvpn is bad
edit: please don't hack me I love your videos
Hi
Info in these videos is great! 100% Just, WAY too much beard and face, way too close to the camera.
I like to listen without watching. .. the visuals are really distracting and unappealing.
I am a big fan, and your videos has already given me a head start in IT. But could you please do more hacking videos using MacOS? I don't have linux, and I do not have enough storage for a virtual machine.
by far the smooothest use of a sponsor.
This video is an ad-in-the-middle attack.
Alfa, Hak5, NordVPN, Alienware, and BearCaveCoffee all real happy right about now
🙂
shiller in the middle
lmfao flipper zero and nord
So I just watched a 22 min long NordVPN advertisement… okay.
If more ads were like this, I wouldn't mind them so much. lol
Yeah.. just use your own router to setup a vpn, free and no company involved you need to trust!
@@hahhahahahha Well… basically who owns the endpoints, owns your data as well.
@@andrasbradacs6016 yes, so that's why I said better own it yourself
specify a safer DNS or two, use vpn, use vlans, harden Harden HARDNER
Wait wait wait …
This is NOT TRUE.
You are saying: “the pro hacker can make a copy of the website without you knowing he is in the middle, you need to buy nord VPN”
But the reality is VERY DIFFERENT than what you make it seem, it is more like: “your browser will detect it as an obvious TLS certificate mismatch and will shout at you in red colors”
Can we stop pretending that it is the year 2000 ? What important website does not use HTTPS ?
Don't let facts get in the way of an ad segment. NordVPN know this... as do the rest. Fine in 2001, virtually useless in 2024.
Mate this is for regualr folks. You talk like that to the users i deal with and its like speaking mandarin. 😂 sure they might see (this website is not secured) but they dont give a fuck. They dont know, are not smart enough.
@@diegoe.4639 i get it, I guess my point is, if we need to get one learning from the video, I would rather read « do not bypass ‘website not secure’ warnings, especially on a public WiFi » than « be scared, spend a monthly fee on my sponsor and feel secured »
@@diegoe.4639really? In my experiences, normal people will see that message and not go through with it because it's unusual.
@@diegoe.4639 Still, he has a point. If you surf the web on some public wifi and start seeing a bunch of 'red flag' warnings (Chrome is an example, that will shout 'unsafe web site'), the only thing the 'regular folks' need to know is 'STOP, do NOT continue... wait until you get home'.
All of the techniques mentioned are not issues anymore. HTTPS HSTS exists and browsers have preloaded lists that prevent man in the middle attacks on laptops and smartphones. All (new) apps require HTTPS and most have certificate pinning enabled, so impossible to grab traffic. Encrypted DNS is also becoming the standard with DoH and DoT options in most devices.
my thoughts the whole time, 99% of traffic is gonna be HTTPS in the first place
Still very cool content. A good start to undertand some technique. I am sure it makes you more scared once you think about the posseblility to crack decription on the fly.. what might be a thing in the future.
Https can be hacked. Https does not stop an evil twin.
Https only encrypts the data between you and the website. It can be broken.
I'm still making a Pwnagotchi this weekend.
there arent any more hacking techniques that really work
this was a 22 minute advertisement for Nord vpn
No that only stops man in the middle attacks. You need endpoint protection
yeah... oh also he forgot to mention that your internet traffic is most definitely encrypted so most of the attacks here dont work anyways
this happened to me i feel much better now tho
...and the WiFi Pineapple...lol
Damn I hope Nord paid you well. This is the most effort I have ever seen put into an ad.
No cap
Yea, after seeing this strong force is pushing me to reflash my old esp8266 deauther to spam ssids with "dont use nordvpn" 😀
@@joshfixall7938 as a noob and gen-xer I originally thought "no cap" was referring to no cap on the amount of money Nord is paying out. after a quick google search i learned it means no lie, not being deceitful from not capping one’s teeth with gold. in the future i’ll just hover over the word and it will tell me its origin.
this is like 99% a ad no cap
Extremely well, dude just casually skip the fact that wifi has its own password and encryption for promoting Nord vpn
Nice video. But it's obvious that any information regarding SSL/TLS och certificates were intentionally left out to make the attacks seem more serious than they really are, which ultimately favors your sponsor.
This means that visiting sites with SSL/TLS with a man in the middle, the attacker can see DNS requests, but any communication between parties are encrypted after the TLS session is set up.
Also, if an attack present you with a bad website, your user-agent/web browser will by default present you eith a certificate error.
Can depend how clueless the person having their traffic diverted is, the person doing the man in the middle could do something to get the user to click on a special page to install a custom certificate from the attackers machine and set it as trusted source, that way the attacker can then decrypt the incoming pages and re-encrypt the traffic with their custom certificate, the certificate being trusted on the end users device means that they wont see any errors and the attacker can then see all the data in the encrypted pages. This get used already in corporate/education environments where they have a web filter and want to inspect says a users search traffic for words/terms that they want to block (Proxies, adult content, etc.) and they only way to do this is via HTTPS decrypt and inspect.
@@MrTwoZZT what's the point? if they can get the user to install something on the machine, they can pull out information even if they have a VPN anyway.
Nothing shown in the video actually works because the web is 99.9% TLS/https now. And people who care use DoT/DoH which renders DNS attacks useless. Even without those, DNSSec takes care of DNS MiTM. Not a single actual working attack has been demonstrated. Kinda sad, you sound convincing.
Agree
We need comments like this, so people won't be falsely lead on.
I've used everything in this video (responsibly) and it works just fine
Internet outage in 2025
@@samonKBM You sure did, lil Timmy and we're soooo proud of our big boy, growing up so fast to be the neighborhood's biggest 1337 h4xX0r of White Hat sorcery! No one messes with lil Timmy in this part of town where we'll have you know he remains undefeated and un-pwn't!!!!!!!!!!!111oneone
I like how this is basically a paid ad from NordVPN masking as a teachable moment.
Right? Vs. an OpenVPN or WireGuard video using your home router. Hah, gotta pay the bills. The one advantage to NordVPN is that it's super simple to use for the lazy with money to spare.
NordVPN, dont get hecked give your information away for free, I mean fu pay and get owned.
Is that so bad? The techniques are really well explained and show the real usecase for tunneling your traffic.. Better than VPN providers trying to tell you that you need VPN to browse the web anonymously.
Lmao yeah this guy has a nice beard, but he is one of these apple hipsters lmao
Btw didn't even know there's promo spam in this because I use sponsorblock and yeah sure I can see two green bars.
True. Any decent VPN will work though
As others have mentioned, You seem to be ignoring the role tls and certificates plays in stopping these sorts of basic attacks. Its kind of a serious ommition.
The point of the video is not to be informative but to sell and be entertaining.
yeah, also known as "mislead" and "lie"@@Qornv
No shit
@@Qornvthat’s completely inaccurate. It’s to bait the wannabe hackers, mostly teens, entice them to purchase the equipment and watch more of his videos to understand more. It’s called bullshit not entertainment.
@@jmax8692 can u teach me or tell me where to learn it
Chuck, I met your RUclips channel when I was taking Cybersecurity classes three years ago. You are great, hugs
This is the longest NordVPN ad I have ever seen.... JK, great content, very informative and funny. NordVPN has some big privacy concerns, though.
Thanks for saving me the time. NEXT!
I am networkchuck fun😊😊😊
00:03 Hackers demonstrate three levels of WiFi hacking.
01:57 Hacker uses ARP spoofing to intercept communication between target and wifi router.
05:36 Evil twin attacks create fake WiFi networks to trick users.
07:24 WiFi hacking involves creating an evil twin and launching captive portal attacks
11:06 WiFi hacking can enable hackers to spoof DNS and control victims' internet traffic.
12:58 WiFi hacking can lead to webcam control and escalated access to PCs.
16:51 Hackers can abuse wifi routers to capture four-way handshakes
18:30 Hacking a WiFi password involves guessing and trying thousands of passwords until the correct one is found.
21:52 Enterprise wireless networks can detect and mitigate similar SSID attacks.
You forgot the bit where "Hacker captures encrypted user data that they can not exploit".. because - TLS - which the snake oil sales teams all pretend doesn't exist. Oh oh but your vacuum cleaner knows you went to your bank website!
@@ingmarm8858 but chrome removing the trust https warning is new and people is just dumb. But yeah is hard to do something only connected to the wifi, not even a twin
Thank you god.
@@ingmarm8858 Technically the user did not forget, the content it highlights look a lot like the result of some AI tools that take the transcript and try to write timestamps. Just look at "Hackers demonstrate three levels of hacking". How useless is that timestamp at 0:03?
If they want to actually make timestamps of their own, there are plenty of extensions that are good to MANUALLY timestamp videos. I personally use TimeTags for RUclips
Tom Scott did a video on why VPN ads are misleading, and threaten things that can't happen. He explained it all honestly, being a tech geek in a former life. It's really good, look it up.
“Nord VPN can stop these attacks” sure i guess but if you know what you’re doing it’s pretty easy to get around
Found the video, thanks!
@@roachdoggjr2988, please explain to us in detail how you're going to decrypt an encrypted VPN connection and steal the user's data. No, it's not not "easy" and you're not getting around it.
Yes, if you are using a modern browser and https connections only - what should be standard, this kind of dns spoofing to his own server will be detected by the browser. Giving you an unoverseeable hint that you have unsafe connection. This kind of attack will only work if the victim will click through the warnings, that he wants to take the risk or the hacker has stolen the private key of the https of the web server. So this vid is somehow an propaganda or just a not very nice NordVPN commercial.
@@roachdoggjr2988 Nordvpn can indeed stop these attacks and would not be easy to get around even if you knew what you were doing
However nordvpn does not need to stop these attacks because HTTPS stops them for you
All of the attacks shown in this vid (except captive portal) are completely and utterly useless
Next dude I see at a coffee shop, using a pineapple, or alpha is getting a tall cinnamon chocolate mocha-chai dumped on his keyboard.
This is the best sponsor video i've seen.
But isn't all of that a little useless because everything is encrypted these days even without a VPN?
Mostly yes
Indeed. man in the middle attacks wont yield much. DNS spoofing is still a threat. Though your web browser should start complaining that the website it reached isn't the website on the certificate.
@@joshuapettus6973 Most browsers have DNS over TLS enabled by default as well now anyways
@@joshuapettus6973 I'm disappointed he didn't mention that if you get connected to a cloned webpage via DNS spoofing, your browser will tell you your connection is not secure.
Its an add. Lazy noobs will get scared and get nordvpn
Dear FBI, I'm here for educational purposes
one of the best add I ever seen here on YT ;-) great vids bud
wait a second, this is just a NordVPN ad
😂😂😂😂😂
Yes but VPN is Man In The Middle between me and the site I am visiting.
That’s right.
You basically man in the middle yourself
Setup your own vpn in your home router :)
wireguard works just fine from your home router. All this nord vpn stuff is just an ad.. though, it's a safe way to do it.
But won't your connection be in clear after it leaves your router home vpn? I dont get it
Metaspyclub anticipation is building to a fever pitch! 😥
13:00 yes but only if you use HTTP and not HTTPS, since then you get the invalid cert popup and don't continue to the site. especially if you're on a public network.
What if I pretend to be a NordVPN Server?
Bro mind be minding
Would love to see you tricking a dns provider
Then you become a sponsorship of 2020
@@abdelbakiberkati Tricking a DNS is easy if you are man in the middle. You simply don't have to reroute the traffic back through the router as it was, you can switch around certain key addresses kind of like with a hosts file. No need to trick a DNS at all.
The problem lies with encryption. If the encryption keys (which you don't have) don't match, the VPN app will throw a hissy fit. As such we have to rely on the next best thing. You route the data as usual however when the target tries to connect to a VPN, you can simply time out the traffic. The target may think their VPN is down, or not responding or blocked by an ISP or thousands of other things. Meanwhile - chances are they are not going to give up Internet browsing and simply temporarily stop using their VPN.
@@Telhias thats new for me thanks for the lesson! But i guess « pretending to be a NordVPN server » requires tricking the global DNS registrars not one victim
Back in the 90's our neighborhood got "high speed internet" on the POTS lines. Better than dialup but... After a couple months my firewall kept getting hit by a computer looking for xxx., enough that it was slowing downloads. Getting tired of it, I dropped my firewall and saw it was a user on the same system. Looked around on their computer and thought, I could just dump the OS, but that would be mean. So I connected to their laser printer, opened notepad on their pc, composed a note explaining they needed to contact support and get this corrected. Printed the message on their printer. No response after a few days, so I made the font size LARGER and printed it multiple times. Two days later, silence.
I used to network into my buddies office printer from about 20 miles away and print in like 40 font "This printer thinks you are gay!". I must have gone through a few reams over the years. I still don't think he knows it was me.. Not really a hack but he had so idea I could simply network in.. lol
This is one big NordVPN commercial.
Why connect to a "Man in the middle" hacker when you can pay NordVPN( or any other VPN you don't manage your self like Surfshark etc) to provide the same service......Let's just trust Nord/Xvpn is honest.... Shame Chuck! Shame!
ruclips.net/video/pp-INfssWBo/видео.html
I Graduated high school in Mesquite, Tx small world. and I been to that exact coffee shop.
Me too. But im from south texas.
Yeah, no. Just use https-only mode and don't use/forget all unenceyprlted wifi ssids
Yeah, the usual VPN adds ....
Why is it I hear "experts" say that a VPN is either completely useless or a must have for anyone?
Experts saying VPN is useless are those who recognize that most people are using only HTTPS these days, so a VPN adds little extra. Experts saying VPN is a must have are sponsored by a VPN company.
Well that's because most people don't do stuff that begs the FBI to raid them so VPN isn't really necessary it's only when you need to
1) watch content that's not available in your area or
2) Bypass a firewall
Apart from that a VPN isn't really needed too much or else i might be forgetting some use case.
At the top level VPNs aren't used because if you are really doing something BIG then whoever you are up against has enough tech to bypass a VPN and still trace you out. So simply put
1) For beginners VPN is useless coz you aren't really going to use it for such an advanced shit
2) For higher levels you are gonna be traced out anyways so forget it.
It depends of the context, a VPN is useful if you want to reach some services in your entreprise or your home network. But the VPN as most people understand it now as NordVPN and etc are almost useless except if you want to emulate your localization to reach some services filtered by countries for examples. All security arguments are quite bullshit (it's quite uncommon to have services running on HTTP and not HTTPS) as better privacy too (lot of these companies are suspected to sell private data and IP addresses are not needed anymore to track users since a long time).
Because 99.5% of websites nowadays are already HTTPS encrypted (minus the IP/location). If the NordVPN server gets hacked, then they got all you traffic remotely without even having to be near you with a WiFi spoofer.
I rather spread out my traffic over multiple HTTPS encrypted websites, than getting all my info siphoned off from a central VPN server by hackers of government. Simple as that.
Man too bad I missed you in Tokyo! you needed to announce a meetup dude! or something I hope you and your family were able to experience how amazing the people and the country of Japan is.
will one day move there myself
Bear Cave Coffee receiving the most no. of attacks as a coffe shop at one time 🤣🤣🤣
Hi Chuck and team, if VPN sponsors are okay with it; would be great if you could mention self-hosting a VPN after the sponsor spot and link to your video in your description. While I understand it’s a sponsor spot, any VPN would protect a user. The benefit of commercial VPN’s is their number of nodes, number of countries, other security and privacy tools. Pushing the additional benefits harder but also mentioning that you can also self-host easily if you don’t want to use the sponsor would be a good compromise. If the sponsor is okay with it and you want to of course.
I totally agree to this comment. Very code idea and even not that hard to set up by yourself. But I think there are more than enough people who just want to buy a good VPN subscription with a few simple clicks instead of setting it up and hosting it by them selves.
It should be noted that self hosting, does not stop your ISP from seeing your traffic. The tunnel exists between your network and your client device.
However, while the ip of your device won't be seen, your network activity is still in full view of the ISP, because the door is within your network and the ISPs door is the only way traffic is getting in or out.
Basically wherever the hosted service is located is where encryption ends. If your using a VPN provider, they can protect you from your ISP, however they (the vpn)get to see all your data. Whether or not they share that data with advertisers or authorities is up to them.
Yeah, I have wieguard setup on my raspberry pi through pivpn. My phone and tablet are always connected to that. Helps me feel secure without having to pay for a VPN.
@@unrealzman68 That's why it is also important to use some other DNS service other than the ISPs and point all devices on you self hosted VPN server to use that DNS server. A self hosted DNS recursive server with pihole/unbound is a great tool for this though there are other services you can use. Most websites you visit are HTTPS encrypted. As such, the ISP can only see the DNS requests. Not if you use another DNS.
@@unrealzman68 What's the point of hiding traffic from your own ISP and showing it to the VPN host and their ISP? If you do anything illegal the VPN company will provide data to the authorities just like the ISP would. The real use of a VPN would be to encrypt your traffic in public networks like at a cafe or if your school/work has an insecure network setup. Or to appear in a different location for geolocked services.
Great video! Love your channel Chuck.
One thing I would point out is that provided the victim is accessing an TLS encrypted website (which most are these days), then either the victims passwords will be encrypted and hidden from even the Pro hacker, or the victim is going to get heavy warnings from their browser saying that it doesn’t trust the certificate being used for TLS encryption.
All that said, no reason to be complacent.
a "pro" hacker will respond to HTTPS logins requesting HTTP logins, SOME (not all) apps will respond in HTTP (clear text). App devs clearly put app functionality over security. 100% tried and test method by a.. err.. friend.
its not hard to get a trusted certificate to use for the cloned website
@@marcobaldanza2332 Indeed, but your browser will warn you that you’re now heading towards a non-tls site.
@@marcobaldanza2332 For many years TLS has become the standard and you cannot just "downgrade" this anymore. There is no redirect. The connection starts and the first part the client sends is his supported tls ciphers.
You can block that, but the client wont just retry with http.. why should he? the endpoint was configured as https, not http.
You might be able to fool a browser into allowing this downgrade, but many started to force https and display warnings on http. And pages which were once opened and have HSTS aswell as preloaded-HSTS ones will just deny using http alltogether.
@@SalamanderS337 then do it. you wont be able to get a cert for e.g. my website. You need to proof ownership one way or another.
Best ad for Nord VPN I've ever seen
I like the stealth chuck in the coffe bar 😂😂😂
Also, it’s very common for an attacker to use an evil twin alongside deauth to force you to connect to their evil twin. Ontop of this, they can do this to get a wifi password (Ex: the captive portal he was talking about, could have the victim enter their wifi password)
However, with WPA-3 a deauth attack like this typically won’t work, and requires a pretty different approach. (this is ONLY for the deauth part, the actual evil twin attack could still work just they’d have to wait for you/your device to connect naturally.)
Well put
And it's easy to do
@@holdulv Exactly. It’d just combining 2 mentioned methods in the video, and tools exist which automate it. Ontop of this, it’s MUCH easier to phish a wifi password than to bruteforce it (if that’s what you’re after) so I’d prefer this method over the aircrack-ng suite.
Cannot deauth wpa3
@@jackeagle2734 Yes, I said that. Wouldn’t matter anyways due to wpa3’s dragonfly handshake.
Browsers implement a protection called HSTS that protects you from things like MitM attacks that involve DNS spoofing. It's pretty effective.
There used to be a workaround but I think it was fixed.
Hey do you have any sources to keep up to date with this kind of stuff?
not the HSTS, since the first time you visit website the ip adress is stocked in the cach of your device browser
The issue being most websites don't implement HSTS. And even if they do, it won't protect you if you haven't visited said website yet or not in a while, because even less websites implement HSTS preload.
Browsers tend to enforce upgrading to HTTPS internally, but the behavior is not the same on every browser and there are still gaps in some of them. For instance in Chromium based browsers by default if you click on a link beginning with and the website does not support HSTS (and HSTS preload if you haven't visited it yet or not in a while) the first request will be sent in plaintext.
@@oussamazidane7854 You are thinking about DNS caching, but HSTS stores if this domain should only be accessible via TLS.
So sites you visit which have HSTS configured aswell as HSTS preload lists will keep your browser from connecting to these sites if any TLS errors occur (including connecting via http)
HSTS is essentially to force encryption of web traffic by always using https. You are still vulnerable to MitM with wifi though.
That would be cool to see how to secure routers in those particular situations
Rick Roll - now that's something I haven't heard in a while!
Chuck - love the comparison and netting out what is really going on re systems, DNS, etc. Your approach avoids the mind-numbing overly academic approach some folks use.
What I didn't see in the vid is any mention to https, though
No mention of https/DoH or any other security feature existing, just to shill out and scare people into buying with his affiliate link. most comments making him a hero.. this is sad
Those little girls in The Shining... that was one of the most eerily creepy shots I've ever seen in a movie. The other one was of a ball bouncing across the floor. I know - that sounds crazy. But it was in a movie with George C. Scott called The Changeling. He moved into this house after his wife died. It was haunted by the ghost of a little boy. The boy still liked to play with his ball, and it kept rolling around the house. Finally George C. Scott took it and dropped it off of a bridge miles away. When he got back and walked in the door, that ball came bouncing across the floor toward him, and this time it was like it was ANGRY. He shoved himself back up against the door in terror, and I wanted to hide behind my chair. It's amazing how good directors can manipulate our moods in these movies.
The amount of coffee drinking and hacking in this video go hand in hand 😂😂
Just thought I'd mention that even without VPN, using the internet is still usually secure and fine. Most websites use HTTPS now which encrypts data sent which stops MitM attacks like this from happening. Chunk specifically chose DNS when demonstrating because DNS is not usually encrypted (even though you can encrypt it).
MitM attacks try to spoof the original web site like fishing and for the dns it'sd true but i never take the lesst bussy my job, icloud or google . so i get many time up event if i'm not on wifi but whit good cat 5
@benoitmarc-andre1733 I kind of disagree. HTTPS is really robust, and all you can see is URL in SNI during TLS handshake or in DNS request. You would need to change DNS response to spoof the original page, as payload of HTTPS is encrypted until you own certificates privatekey. Mitigate TLS handshake is also super complicated as selfsigned certificate will be automatically refused and no CA will generate cerificate for already existing domain. At the sametime many web sites nowadays use DNSSEC and HSTS, which prevents practically every MiTM attempt of attack on HTTP protocol. So browsing internet over HTTPS is really secure even if there is someone listening as only info he will get is URL (even that can be changed as DNS request can be encrypted and sent using TLS and TLSv1.3 allows SNI encryption)
except there is information disclosure even when SSL is used... ex: the victim is sitting in his pajamas in a motel6 browsing the raunchiest porn imaginable, and you know this because you just watched him spend 3 hours hitting porn sites over and over, occasionally clogging up the network with what is most likely video streams. you add this to your blackmail runbook, you don't know "exactly" what he was viewing, but he doesn't know that... however, had your target been using a VPN you'd have no idea what was going on. zero. ---- separately, and maybe a salient point, there is more on the 'net than websites, and not all mobile apps use encryption like they should.
yeah you're right but I already mentioned that. Using encrypted DNS stops that though, and you can do it for free. Someone could see its video streams, but so what? Without the domain it could just be youtube or any other video streaming website. My point is that not using a VPN is not "insecure" and "dangerous" like how it's portrayed in this video. You are sacrificing a bit of privacy by not using a VPN but there is not really any security risk. My point is not that commercial VPNs are useless (I use a paid commercial VPN myself) but the average person probably does not need one and companies like Nord manipulate the technical details to get people to buy a service they do not need.@@sexyplexie
Well, secure dns exists
I wil do 1 pushup for every like this comment gets. And 50 for a Chuck heart❤😂
Do 50 for health 😂
Do a push up for all the same comments you left on multiple channels for likes🤣🤣🤣
Edit: The clown couldn't do 1 push up irl💀
@@numb0t Ngl this is the first time i did it lol. Actually crazy the numbers😂😂
@@robertlemonsjr lmao
When do we get our pushups
Evil twins are still a man in the middle...
Chuck, I had 22 years in I.T. from February 1995 at 38 until retirement. As you know, and even indicated that when a man in the middle enters a connection. There is a noticeable pause in the connection if people are paying attention, and packet transfer noticeably slows down!
"If people are paying attention": they're not
"Packet transfer slows down.." : MY internet is slow!
@@YerBrwnDogAteMyRabit
I had 22 years in I.T. from 1995 at 38 until retirement. I'm also a Disabled Vet living on a meager V.A. Medical Pension. I run an old 2015 HP All-In-One (AOI). There are a lot of reason's why people "think" there Internet is slow. How much I.T. and Computer OS knowledge do you have? I might be able to help you increase the speed of your computer which will increase the data transfer.
If the attacker does it properly there wont be a noticeable delay or transfer slow-down.
But as TLS is nowdays the standard, not very much can be done anymore anyways. Man in the middle on that gets detected, even if you had a validly signed CA, you can notice it.
ARP-spoofing can also be detected, but very few systems actually report this as an anomaly. To be fair, most users wouldnt care either way..
Hey I want to start with cyber security penetrating and securing, what language is good to learn first?
@@Mst.Prototyp English. LOL, I know what you mean. If you're talking about programming. C++
So basically the only difference between *Noob* / *Hipster* / *Pro* is the budget they have, nice lol
My thought also!
Apparently the Noob knowing how to do this on the commandline is worse than the Hipster/Pro that use premade tools.........
You can spoof the DNS. But how you will fake the certificate of the https?
exactly my question... he didn't go over the fact that it is way more complex and outright impossible to perform an evel twen attack with many websites due to many reasons... this stuff that he explains and puts emphasis not to use for evil intent are so outdated that it wouldnt even work in a modern setting! great and entertaining content as usual though
Woot, if he spoof the DNS he can just serve any website? The certificate is there to stop the man in the middle attacks, to read the data going from computer to server. If the you spoof the server, so the client talks to your server instead, you can basically send any website to the client, right?
@@GALENGODIS No, the browser will reject it because it can't prove its the actual owner of the domain (because it doesn't have a certificate)
@@GALENGODIS yes it can send any website without ssl. Browsers show big warning for the sites that doesn't use ssl so it is still nearly impossible.
HTTPS: am I a joke to you?
VPN: lol ye u need me bro
Only thing funny for me is, there's a guy named Kevin, who bakes cookies in his KCC, and here's Chuck, who fucking loves coffee...Wow. #GG
This is my second bullrun, and I must say he’s speaking all facts. Influencer get rich off of paid shills and courses not from their portfolio. Don’t be the exit liquidity
It seems according to your video the pro-hacker uses pre-built tools and executes pre-built scripts. He sounds like a script-kiddie to me. What makes him differ from a noob is, that he has the budget to buy this expensive tools. I think the noob is the even better hacker, since he has to do everything for himself and has more insights into his commands and tools.
Using tools like the Flipper Zero and the Pineapple does not make you automatically a Pro.
This guy is amazing, i remember when he said once he was a toilet salesman, I'm just curious because he got the skills to sell you anything, how can he convince you to buy a toilet? Was he like, hey this toilet will make you shittier than this one? hahah
My take aways are. 1. The wifi Pinapple Enterprise is one scarry device! 2. Never use public WiFi. 3. A VPN is not a bad idea if you simply want to surf the internet and do basic stuff in private. One of the primary needs when I purchased my laptop was that it had a cellular modem built in. Sure I could tether to my cell phone but then there is the WiFi again. The built in cellular modem negates any need of WiFi connection most of the time and allows for marginally better security. In my case the bit rate of the cellular modem in the laptop is also much higher thanks to much superior antennas compared to that of being tethered to my cell phone. This allows me to turn off WiFi when I travel which is what I do. Yes I am aware that there are also cellular hacks and devices like the pineapple (Stingray) too but the cost of entry and implementation is considerably higher limiting vulnerability. Another good infomercial.
Great video! I actually really liked the noob, hipster, pro differences. Great balance between cheesy names and technical differences. Would love to see more like this!
I didn't watch it all yet, but the 'pro'' setup looks like a HAARP station...
What if the NordVPN server gets hacked, then they got all you traffic remotely without even having to be near you with a WiFi spoofer. Scary stuff. BTW. The AircrackNG-Suite is useless with longer random WiFi passwords. This video is trying to make it sound like everything is so easy. liol
Somehow hipster and pro looks to me more of a script kiddie with a proper toy. Respect for the noob for understanding and doing the whole setup by himself😅👍🏻
My thoughts exsactly, i was like wait these tools don't let you understand jack shit because I guarantee both those tools/toys are using the same linux based open source applications.
Yeah, I was going to say the noob knowing all that code is not a noob. But I get how programs would make life easier and would be smarter to use them than to not.
its nice that he shows nordvpn actually at work for the sponsorship
Is this that guy that failed on gold rush? The x-metic with the beard? Are you that guy?
Correction, the pro hacker wouldn't even leave his car to enter the business. No need to show up on the security cameras.
Dare I say they don't have to leave their house?
this is probably one of the best advertisements for nord that they have ever commissioned. Nice job.
😂 The very hungry caterpillar…
Great novel.
I should read again it’s been a good 45y since read cover to cover.
Hey Chuck can we got a video about DOT/DOH ? Is it enough for regular people to overcome man in the middle attacks [ to overcome being listening which websites bob reaching ] ?
What's one sign you're old? When you still call Wireshark "Ethereal"
Back in the day we didn’t knew how to say that name so we pronounced it “Ethe-Real” 🤣
16:42 a little detail here: If you point a dipole at a direction like a stick, you are actually pointing in the direction of the blind spot of the radiation pattern. (It's like pointing the handle top of a lantern in the direction you want to read.) Ideally two Dipole Antennas would be parallel vectors, normal to the same plane.
Wondering why do we need to buy separate hardware when everything can be done by using a laptop 😂
laptops have not a strong signal tho, that's an issue
The fact that people have wifi auto-connection set up on their phones is indeed terrifying.
Doesn't SSL kill MITM attacks?
yes
I'd say it depends. For example on what type of data the attacker is targeting and what kind of control they already have. The legit encrypted traffic will be useless for the attacker. But Chuck also mentioned captive portal or dns hijacking with the fake website. If the attacker uses that with a valid ssl certificate which is trusted by the victim's browser, an oblivious victim might not notice that they are visiting a fake website. For example if they just see the padlock icon and assume it's safe while never verifying the certificate. This is still a type of mitm that can work to steal passwords or other form data. Please correct me if I'm wrong though.
Sure until you connect to a site that isn’t using SSL, and they inject malware into your web traffic giving them remote control over your PC.
@@pablodavico No, it doesn't depend
Captive portal doesn't use https and does not have a domain associated with it
DNS hijacking is completely prevented by https (ssl) because the site cannot prove it is the owner of the domain (because it doesn't have an ssl cert)
The only worthwhile attack showcased in this vid was the captive portal attack
Chuck, it is always a pleasure to listen and take in what you are saying. I have been playing with computers since 1974, skipping out of high school to play with a PDP11 at the local teachers college. These days my mind while active, still frustrates me to keep learning to try and stay one step ahead. What I learn today, I will most likely forget in a couple of weeks :-), hence why I actively come back to your site. Kali Linux, brilliant, but it can turn a very dumb person into a uncontrolable hacker, not by their brilliance, but by the simplicity of the tool. Today, I thought I was relatively safe by not using public wifi, how wrong I am, not knowing that my samrt phone would continue to broadcast for the networks which I do trust.
I use to have a phone app that could automate certain tasks, like when GPS co-ordinates are within 50m of "Home" turn on wifi, otherwise disable wifi
Decades later I remember the password to the school's PDP11 but not which class made that relevant. Good times.
Longest ad I've ever watched, and I like it
HEY, NICE LAPTOP CAN u tell what laptop is it... i've checked description but didn't get the same laptop with that RGB effect, btw nice video
This is the thing that I've never understood how people allowed into the wifi standard. Instead of walking into a room and listening to everyone say their own name and then figuring out if you know any of those people, wifi protocol says you should walk into a room and then shout the name of everyone you know asking "are you here"?
It's totally backwards
Bro networking is always and will be easy target, who made it is dump
🔥🔥 Dude you are the best IT guru out there, I've done my CCNA in 2011, but no one has explained topics like you do, You dont just explain "How" but you also explain "Why", adding it with analogies, that's what a great teacher does. Explaining the WHY with ANALOGY. You will be remembered for generations🔥
Only that the teacher forgot to tell about ssl certificates thanks to which you do not eavesdrop on network traffic. What was shown worked 10 years ago, when ssl/tls on the web was not the stadard :)
@@user-dq7zc7lz8qexactly this won’t work now
@@user-dq7zc7lz8q I honestly hate that they're still called SSL certs, when it's really TLS. And honestly, the only reason why SSL certs are the standard is because of LetsEncrypt offering free certificates. Kinda bonkers to think you used to have to pay a couple hundred USD for piece of security, or use some shitty webhost service and pay them $20 or whatever. Yeah, you could selfhost a cert, but then no browser would see it as legit.
@@user-dq7zc7lz8q but then whole video could be squeezed to 1 minute short (or how is yt reel alternative called) :D
love how you make a storytell!
I just watched a 22 minute commercial and I'm not mad!
didn't mention that most of those stock evil twin captive portals use http instead of https or have a broken padlock, and many login pages have to be tweaked to look convincing because they don't look quite right.
That's a really good obsvervation, the default evil twin attack doesnt use https, you can customize it and generate a self signed cert tho. I know a bunch of people fell for evil twin, even if the webpage was marked as secure by the browser with tls encryption, they easily got nervous and frustrated, in order to restore the wireless connectivity, they submit the Wi-Fi password without thinking twice.
@@Francesco-gi8kg Self signed cert won't match the URL though. Your browser will tell you this is happening.
You probably aren't the target then. Most ppl that are tech savvy or work in the industry are able to spot when something looks or feels a bit off. If you know, you know and can react. It's the people who don't know, can't spot irregularities that pass it off as a glitchy system and keep plugging away while giving up all their goods that get targeted. Same reason that phishing and SE are still effective attacks. Doesn't matter how many times you tell them, people still fall for the simplest of methods and are helpless against even the minimally sophisticated attacks.
Why using airodump, or hcxdumptool, its obsolete, just use bettercap with auto PMKID fakeauth clientless attack.
Collecing WPA handshakes is old, and not productive. Everyone uses 5ghz and deauth attack doesn't work there.
Aircrack is also obsolete, because there is hashcat, which can utilize gpu to increase performance a lot.
Not legal advice 😂😉
Sto studiando....già adesso meglio di prima .... ma non sono ancora pronta per attacchi così brutali....devo studiare ancora......grazieeeee
Chuck question my daughter is going for IT. What recommendations can you give her she knows the basics. What steps do you recommend she needs to fallow. Thank you by the way your videos are awesome.
I laughed so hard when the 'Noob" pointed the antennas at his target like it was a dowsing rod!
I've always insisted to my friends and family that they need to turn off the WiFi on their phone when they leave the house because of the twin attack.
Honestly, with how fast and energy-efficient cell data is these days, as well as the proliferation of unlimited data service, I often don't even turn on WiFi access at the house.
Wifi on a good home internet connection still has a lot of advantages, such as being able to access devices in your local network, often lower latency than mobile and "unlimited" mobile plans not really being unlimited. I'd rather have my traffic run over my own house-wide vpn setup at home than whatever my cell carrier does with it, although it's probably pretty safe there as well
@@game-tea I always use a VPN on my cell, your ISP routes data through the same hubs that cell towers connect to, after all, and I've never had issues with my unlimited plan not being unlimited. Can you explain that last one to me?
Me a decade ago pointing my Yagi Antenna at all my neighbors 🤣
Twin attacks need user interaction when the cloned network has a password.
You cannot spoof the password, because its part of the handshake, proving both parties know it.
Lol, I've also noticed =)
Antenna rods have "blind zones" forward and backward of their axis. So, if you want to minimize signal from/to some target, just point antenna tip on it!
Great video as always sir! Not a very well known technique but you must point those antennas directly at your target for maximum efficiency 🤫
Not much you can do? Heres how to stop ever single one of these attacks:
- clear your saved networks every once in a while
- check for https and check if the domain name is accurate.
- dont install certificate root auths you dont trust. Too complex? Wipe your computer once every year or so.
Boom none of these attacks will work on you.
I just started learning hacking and this video just gave me a whole new perspective for vpn rather than just for traveling countries
literally hit the pause button to go make some espresso first. your a gangster.
Even though you captured the data with an MITM attack, as almost all websites use SSL (HTTPS) these days, data is still encrypted and unreadable, so the risk is low. Also with the evil twin attack, there will still be an SSL issue as the fake website (e.g. google login) will not have a valid SSL certificate. And as most web browsers warn if the site is not SSL using HTTP (no SSL), this would require the user to ignore any unsecured website warnings from their device. So VPNs do give an extra layer of protection but it is not required, just don't ignore any warning your device gives you about unsecured websites and all should be good. At least this is how i understand this.
Problem is when there are compromised Root CA certs from time to time. It happens from time to time, and would then allow them to MITM SSL with "legitimate" looking certs.
This video is more about tools. I'd say a pro hacker is probably someone who runs autoscripts in Termux in his mobile phone or in his car😂
Great video sir. Enjoyed it fully
Charles, I love your hair and presentation.
I really like the video editing and animation/drawings
Great video: you make even the mundane sound fun , i love your enthusiasm
Actually, I would consider the noob (whom is making everything manually) as the real pro, he understands how every attack works 'behind the scenes'
I don't use wifi a lot. Typically stuff is hardwired at home. Seems like you're in better shape if you're not broadcasting wifi.
Why do you have to set up flipper zero somewhere instead of just keeping it in your pocket.
It is not true that using public WiFi is unsafe. Such eavesdropping was possible 10 years ago, not in 2024. You forgot about a very important thing, namely SSL certificates, which can no longer be eavesdropped or forged. However, you forgot to mention that.
I understand, though, that the purpose of the video was to highlight the dangers of public networks to encourage the purchase of a VPN service.
also HTTPS made public Wifi safe for 98% times that you are on public Wifi
@@tcbobb1613 the certificates I wrote about are https my friend. I wonder how you calculated this 98% :)
Was looking for this comment
Chuck knows well how to inject a Sponsor into his videos :D Great video btw. learned something again... Thanks Master
Any chance you can make a video on firewalls/layer 3 firewalls?
Awesome explanation, thanks :)
nah, those monitoring wifi cards on the pro hacker would be in some sort of box that would look like a powerbank for his phone and do all the attacks from his phone or use the flipper. About the wifi passwords cracking there is also an alternative more scarier method, once you have collected a bunch of handshakes from all sorts of different wifi networks and you want to crack them an expensive graphics card or even worse an online service that has such graphics cards is all you need to crack them sick fast. very nice and informative video though.
If you really want an coffee shop WiFi password all you need to just use dictionary attack. Simple
Noob on Linux Pro on Windows?
This is very off topic. but what is the background song played from 5.50? 😊 btw really nice and informative video 👍