Track & Connect to Smartphones with a Beacon Swarm [Tutorial]
HTML-код
- Опубликовано: 21 авг 2024
- Our Premium Ethical Hacking Bundle Is 90% Off: nulb.app/cwlshop
How to De-cloak & Connect to Devices using a Beacon Swarm
Full Tutorial: nulb.app/z4d4y
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
Cyber Weapons Lab, Episode 039
When tracking a target, discovering the device MAC address is essential. However, smartphone manufacturers program their devices to give a randomized MAC address when connecting to a Wi-Fi network. By combining the karma attack, the ESP8266 Beacon Spammer, and research by Mathy Vanhoef, we'll show you how to de-cloak smartphone MAC addresses on this episode of Cyber Weapons Lab.
To learn more, check out the article: nulb.app/z4d4y
Follow Null Byte on:
Twitter: / nullbyte
Flipboard: flip.it/3.Gf_0
Website: null-byte.com
Weekly newsletter: eepurl.com/dE3Ovb
Vimeo: vimeo.com/chan...
![Use Nmap for Tactical Network Reconnaissance [Tutorial]](http://i.ytimg.com/vi/ltEFbi_I2KY/mqdefault.jpg)
![Use Nmap for Tactical Network Reconnaissance [Tutorial]](/img/tr.png)
![Haunt a Computer Using SSH [Tutorial]](http://i.ytimg.com/vi/M0eEwqUpKDc/mqdefault.jpg)
![Find Vulnerable Services & Hidden Info Using Google Dorks [Tutorial]](http://i.ytimg.com/vi/u_gOnwWEXiA/mqdefault.jpg)
i saw him blinking 1:48
now i can die in peace
Thanks to this Mr. Whills, he let me know what he could do remotely and what he couldn't, which was the first thing I admired, because others may have lied even if they knew they couldn't get the job done. They can do phone hack, social networks, phone / pc unlocking or any other hack related service you might need. This post is for those who actually require the services of a reliable, trustworthy and confidential hacker. Mr. Whills is reliable and I can vouch for his services.text +1(830) 320-4014 if you need help.
Ha ha 😂
Zero Latency on that pair of Peeper's...
I assume it was a watch dog circuit driven soft systems reset of some kind. His speech buffers smoothed the transition for uninterrupted data streaming.
This why i don't ever use an open wifi network. Great work, respect.
5:03 HE BLINKED!!
1:09 1:08
1:30
I think this guy could out stare chuck norris
Yes, he's a human. Let's get out of there.
Jason V ☆ But not Christopher Walken.
R.I.P. Sweet Prince
The gateway to that new platform we talked about is getting closer. Incorporating different hardware and a bit of coding into the equation was a nice touch. When people ask me where to get started, I send them here.. Thanks for another great video!
Thanks for the comment and for watching!
no prob, always great content... Check this out its like 50 mins long but its about spraying packets into the ring buffer and using the Wifi stacks pcie connection to get to the kernel with Broadpwn and fakeAP.. He then goes on to have these phones think they're connected to their home network and infects them with a worm with zero user interaction its pretty awesome.. From Blackhat vegas last year ruclips.net/video/TDk2RId8LFo/видео.html
Interesting and informative. You are taking this channel to a whole new level. Thanks and keep them coming.
Entertainig
So happy I met @katherineglamour on telegram he changed my life after being duped on this platform so many times he got my cards delivered to me with great balance on it so I’m so proud of him and he is the only one of the few I can vouch for here much love for him❤️💯
A new level of what? Committing crimes? Thats all this crap teaches most people is violating peoples privacy illegally.
@@zkrypticpvp8206 Thanks to this Mr. Whills, he let me know what he could do remotely and what he couldn't, which was the first thing I admired, because others may have lied even if they knew they couldn't get the job done. They can do phone hack, social networks, phone / pc unlocking or any other hack related service you might need. This post is for those who actually require the services of a reliable, trustworthy and confidential hacker. Mr. Whills is reliable and I can vouch for his services.text +1(830) 320-4014 if you need help.
@@joshuamenard699 Just ignore the spammer/scammers they are bots
Dudeee just got recommended your videos, this is insane ... can you really take control of smart phone devices? Like what sort of things can be accomplished with control of a device .. again this is insane . My second video watched from you and I think you just started me down a career path I had no intention of going down. The level of intrigued I am is indescribable .. you make it sound so easy traversing around digital hooblah.🙏🏻
this guy needs a gofundme/patreon or something for better recording gear; the topics and info are well above par and the little extra quality would really help. I keep getting the feeling he's recording this on a cellphone. p.s. who the hell is down voting these videos?
Yes..hook it up let's not get too popular, then we are all hacked!.. right?.
The government could not have wished for a better surveillance device. The smartphone is a dream come true for intel agencies. Camera on both sides; biometric like facial rec and fingerprint; microphone to eavesdrop when not using phone; multiple tracking like gps, cell triangulation, this, providing history and current location; who your contacts are, and get the communication between you and contacts voice(calls) or text/email/apps, and even what your thinking through searches and possibly much more from certain apps that have todo list, long term goals, etc. They don't even have to make you or secretly plant it on you.
This is why I clear out my wifi saved list often. Great video !
I just use, forget this network.....
Cool thing to do is when you connect to a beacon you will be redirected(like guest login page) to access point with rickroll or something
TANK YOU ESSENTIALSPY YOU ARE THE BEST
Hahah anybody else see the ssid “FBI-SurveillanceVan” 😂
It's fairly common actually : )
yeah ive seen that lol
lol
Yeah lol theres two ssids like that in my neighborhood. Also 2 ssids called "touchandgethacked"
yes i have one by me
This may be useful for detecting trespassers in certain areas. People will carry their phones with them even when they commit crimes.
Omg 2 really good videos in a row
Thanks to this Mr. Whills, he let me know what he could do remotely and what he couldn't, which was the first thing I admired, because others may have lied even if they knew they couldn't get the job done. They can do phone hack, social networks, phone / pc unlocking or any other hack related service you might need. This post is for those who actually require the services of a reliable, trustworthy and confidential hacker. Mr. Whills is reliable and I can vouch for his services.text +1(830) 320-4014 if you need help.
This is the most authentic video I've seen in RUclips instead of the others 😂
I like that you captured the WiFi of a FBI Van 16:05
You're on fire with all your great content!
Thank you! This was some original research I was pursuing that a researcher and developer did a lot of the work for, so I was glad to be able to present it here.
This guy is amazing, so happy i found this channel.
Because MAC addresses are randomised, it's still not possible to link a person to a specific device so you can only track random devices and not the individuals who own them. A similar thing is used on bank issued RFID chip-cards to prevent tracking - the card ID is now random, where it used to be fixed. Someone using an RFID gate that someone could walk through could use that for monitoring people - more likely at a supermarket or other commercial place for marketing purposes - whether you use your card or not.
What about looking through their cameras?
Finally someone said it. This whole tutorial seems pointless, unless you know the exact unique BSID of their personal access point at their home. Only then you could link a person being present in a certain area.
Two uploads in one day! Thanks !
Almost done with my BS in Mechanical Engineering. This guy makes me want to switch to C.S. and start over again...
@@emilia8620 no he shouldnt
_Darude LANstrom_ and _FBI Surveillance Van_ are hilarious 😂😂
NSA Contractor Van #3
You're keeping to get better and better! Keep up the good work! Very informative stuff! I'm excited to see the Metasploit part!
Thank you!
@@NullByteWHT You're welcome!
@@NullByteWHT how can I contact you
Pretty good. Based on the vulnerabilities presented, I say open BSSIDs should be automatically deleted after not being used. And that this rule should be part of 802.11 specification. Also to further prevent this abuse in areas where there are active open BSSIDs, one possible solution would be for the operating system to remember the Mac address as well as other telemetry data from that specific BSSID and only allow future automatic connections if and only if the telemetry data matches the already recorded ones, otherwise it would disconnect, alert the user of potential risk and ask for a manual reconnection.
Wouldn't IEEE have to make a new specification if they modified the rules tho?
Once I get my pc or laptop set up I will start applying those things that I've learned from your channel, thanks a bunch.. Take care!
you also need a beacon swarm for this attack
Just be careful dont get arrested with any legal activity bro
One year later bro, how did you make out?
@@gronderful8871 still dont hve pc.. 😂 😂
I feel like this dude can hack me after i leave this comment
Why would I do that HUNter
@@NullByteWHT Dunno, but i would totally hack myself ;)
@@justcallmesteve9123 That's why you aren't a CEH.
And he never blinks, virtually no weakness!!
Wow
I just stumbled and discovered your videos. Love your videos and your easy to understand method of explaining your content. Awesome and keep the videos coming!!
Thank you for watching!
You didn't stumble, you were hacked..
This guy never blinks
not only were you nowhere near a burger king, you were so far away from one it didn't even show in your list of available connections 😄
For windows, a program called wifichannelmonitor is good, if your wi-fi card can do monitor mode. From nirsoft. I see all sorts of devices trying to connect to somewhere (phones and even vehicle systems), living on a main road with a lot of traffic makes for some interesting information, some devices even give a list of previous networks they've connected to.
Sounds cool I'll look into it.
That's why I will never connect to Starbucks or any other hotspots.
Jon just having your WiFi on is good enough, my friend duplicates people’s home network on his WiFi pineapple and it will automatically connect to his WiFi and he can do some crazy stuff.
@@2yoked70 what all can he do then
Just use a vpn
the video is amazing and also informative. just one thing, once i find the devices connected to me , how do i gain access to them. thats the tiltle of the video but u never told how to track them? could you pls reply
He always tell the half truth
RUclips policy bro take a look at nullbyte website
All these people saying he doesn't blink... he blinks all the time! He is just a swift and efficient blinker. Notice that mostly he will blink as his head moves between areas of focus, so between the camera and the board he will generally blink. If he looks down or to the side he is usually blinking, also. And after big gaps of talking to the camera he will even sometimes blink twice as his head moves around.
So he blinks, but if you... uh... "if you blink you'll miss it". 😒
Fascinating stuff, however I'm just getting started with this. Would be nice to have updated info as this video is nearly 2-1/2 years old.
oh my gosh that freaking gaze at the beginning haha very nice video
Do you have a course on Udemy that teaches all these?
Not a bad idea, I'm going to look into it.
I am also willing to pay for great course that teaches ethical hacking from beginner to advanced level
Agreed
Waiting
@@NullByteWHT You'd make a killing for sure.
where all this knowledge come from ?? man you are a genius...keep up the good work
Sir you are doing a great job people must have to support you and appreciate your adorable work
How weird would it be to have Null Byte and NetworkChuck making a video totally different guys? 😂😂
This channel is pure Gold..you got the midas touch.
Thank you for showing everyone how to track me for no reason whatsoever.
7.23 Martin Router King 🤣🤣
Thanks again cody, great video. I like when you use the white board to explain. keep it up
Thank you! Very well done. I ordered that parts. Can't wait to give this a try!
Awesome! Would be cool to make a dead drop device 😀
Dead drop device?
this is the real mr.Robot
You should change the camera focus while writing on the white board.
I'm so glad I found this channel! So informative.
He seriously got really happy to talk about this ☠️😅
Always remember the most disrespectful thing u can do as a hacker is run your nutsack across another man's keyboard
This bro is android.. he doesn't even blink his eye
Fascinating stuff, however I'm just getting started with this. Would be nice to have updated info as this video is nearly 2-1/2 years old. LUXURYHACKS🟢NET
Very interesting video. It’s obvious some time was spent preparing and becoming proficient with the tooling. Well done 👍
How long did it take you to learn all of everything?
Wee-no... R-dwee-no. Also, I think Seytonic pronounces it Space-hun; like Attila the Huhn. I don't think it is Space-hoon. I know they collaborate together so that's likely correct.
Great tutorial though; thanks for posting :)
As someone who has educated themselves in a lot of this with time and a lot of mistakes , it is videos like this that I wish Id have had then. This all started by way of finding a random post on some random blog with an Ubuntu image link over a decade ago and going from there I just wanted to let you know that this channel is awesome. You're awesome. Stay awsome. Keep it coming, especially this next level shit.
This video is as one commenter has already said.. "taken this channel to a whole new level." Nailed it. Keep then coming.
"It hurts when I... oh...these are great..". I died laughing
Android phones now dont just randomize probe source mac addresses, but also creates a random static connection mac that gets associated with an AP and is saved. Each AP gets its own random mac. Which means someone isnt revealed when they connect.
"I was reading this paper" says kody as he reads a flipping PhD paper to deliver this stuff to us
did i told you how much i like this Guy
Well done man. Very informative and simply put
bruh i’ve been in a starring contest w this man for several videos.. i don’t even kno wtf he’s talking about but i’m not giving in
This dude does not blink. Ever.
Great content though.
That's some next level Jason Bourne shit right there...
For me the very best cibersecurity channel. Congrats
Oh perfect I just installed spacehuhn's software on an esp8266 earlier this week!
@Hitecyberspace on telegram got my back when bank seize all my property's , I was left with nothing until I met him telegram.
Lovely mic
I love the way this is done for me! It's always a great day to see him uploading hacks! Massive props to the team WhillsworldNet
Genius work. Good job . Respect
I sat beside a guy who lived in a different county and after my Android showed me weather info from his location. Why?
Aha! He's human! He blinked twice.
Apple devices have the option "Ask me before join into a WIFi". It's annoying has it enable because it pops ups all the time but it's safer
dude duck there is a laser on you lol im like is that my screen ???? lol
This channel is gold
But if the fake network pops up it doesn't mean that my phone will automatically connects to it, even if I was connected to the real one before. Right?
Oh it totally will. That's the point of my research, it doesn't even ask you.
My wifi turns on by its own and connects to the strongest open wifi connection...every. damn. time.
You are like the Sheldon on hacking. So very knowledgeable and well said. Build a school and let me be your first student.
This guy got muscles from fuxking typing
Randomly popping into my recommended. You are good. Keep it up!
Love your vids! Keep going!
with MITM attack you could easily setup a proxy page which will capture login details of an unsuspecting user, but it won't actually send data to the real site, instead it'll return an error saying their password was incorrect, or connection error, some kind of fake message in its place. The user could capture their failed login attempts for the site a person was trying to login to. The user would then have their program disconnect that other user and return them to the real login page where they will then login for real, while you have just easily walked off with their login details, making that other user think they mistyped their password or just having a network error of some sort.
Q: can any LAN user snoop on another LAN user through some MITM attack tools, wireshark and such?
Can such a user also cause harm to the n/w through flooding it or bringing down the n/w?
Are there ways to protect one's n/w against such intrusions?
I ask because, such attacks as mentioned above do not seem to need the router credentials and so theoretically any LAN user can upend his n/w?
TIA
Quality stuff. Learning so much! Thank you a million times!
I didn't understand well, but i understand the concept in general. Interesting man!
Cyber Security IQ, Thanks for the heads up.
This guy is the real mr. robot
Great Content, Kody, just like always
What's the worst things that can happen when someone connects to the attackers WiFi?
What capabilities do you get once connected? Trying this at my lab at home. Great video and thanks for the upload.
You literally got me interested in switching from the oilfield to the infosec industry. Same wage range and infinitely less likely to experience market volatility.
“Track and and connect to smartphones” gg
Gives you too much information about me don't like it
Always intriqueing information and often what keeps me going on my path to IT as a career
Very nice videos bro, also it would have been better if you had shown these 2 devises how they look like, or where to buy them from as we might end up buying wrong product, obviously we are in the learning process and can make mistakes very easily.
Spaceshuhn is german (Huhn = chicken) speed it like „Spacehoon“
So, to defeat this hack, all 1 need do is never authorize future connections, simply don't select "Automatically Connect", not even on your home wifi network, as it's details might get hacked and added to a beacon swarm, then it will be pretty obvious who you are, the only person who connects to your home network. Instead, if you ever need to connect to a network, always opt to punch the necessary buttons to arrive to the connection, at the time you need to connect and never for any future connection that you might presume, but which doesn't justify the security risk of having connection info stored on your phone for hackers abuse.
danielvincentkelley smart man.👍
Can I ask you a question? If I connected to a hotspot from the laptop of another person do you think that the person has now access to my phone?
@@alemart6102 No. I assume your phone was the Hotspot? Change the SSID and Passphrase. Done. Also, if you are friends with this other person who owned the laptop, you can always go into he wireless network settings and delete the profile that remembers the hotspot. But, simply just changing the SSID and Pass of your hotspot will stop their laptop (and all of your own shit) from auto connecting to the hotspot next time it's on.
Stopping future devices does not stop this attack. This attack uses current connected clients using de-auth. It then man-in-the-middle attacks the reconnection. To successfully block these types of attacks, its best to add more layers of security. For example you can add a firewall, a physical firewall to the edge of your connection. Next set the device to only allow certain MAC addresses, enable RADIUS or users accounts, etc. Even if they do successfully compromise your wifi password, they still have extra layer of security to go through, which this tutorial does not cover. Thats the way to truly defeat this attack.
Tor... Tor isn't Tor anymore.
Starbucks unironically calls their WiFi network "starbuxx". At least they're honest.
I am new to this. Going to school for cyber security. Can i do this just with my probook 640 g2???
Yeayyy. He blinked in first minute
I love Null bytes! And I love the Intro! Cyber Weaapons! Oh yeah baby ^^
Thanks to this Mr. Whills, he let me know what he could do remotely and what he couldn't, which was the first thing I admired, because others may have lied even if they knew they couldn't get the job done. They can do phone hack, social networks, phone / pc unlocking or any other hack related service you might need. This post is for those who actually require the services of a reliable, trustworthy and confidential hacker. Mr. Whills is reliable and I can vouch for his services.text +1(830) 320-4014 if you need help.
Great content all the way around. Enjoying the channel. Thank you.