How risky is an Insecure Wifi Network?
HTML-код
- Опубликовано: 12 сен 2024
- How dangerous is an Insecure Wifi Network in 2024
Official Discord - / discord
Follow me on X - / atericparker
Disclaimer: The content in this video is for education and entertainment purposes to showcase the dangers of malware & malicious software. I do not encourage any form of illegal hacking, nor do I encourage the usage of game cheats, cracks or hacks.
Cracks are sometimes shown to highlight the dangers of software piracy, my content is not intended to teach anybody how to pirate, or maliciously hack.
More Malware Investigation Videos:
→ The latest "NORD" Malware - Nordsecured: • The latest 'NORD' Malw...
→🧧VIRUS WARNING🧧 NEW Optifine for Minecraft 1.16 SCAM: • 🧧VIRUS WARNING🧧 NEW Op...
→ The wilkreate RUclips stealer virus that started this whole trend: • Fake sponsor DESTROYS ...
(C) Eric Parker 2024
no wifi should feel insecure... network bullying is NOT okay
negawatt
Fr💀
@@PuceGaming445huhhhh
Bro mas mixed his thoughts 💀
I once connected to McDonald's free Wi-Fi and before I knew it, Anonymous hacked my entire family tree :(
L
darn it!
one of the best IT youtubers rn
He will be big, not extremely fast, but also not slowly
Says more about you than him...
Agreed
Ever since he took out the background music for sure
6:19 Leak
it may be intentional by him
@@Win_7 Whats the point of that 💀
Thanks for pointing out.
@@EricParker It's still visible, before it's censored out
I went to it just now and realized that my ip address might make its way into the video, oops
I think a misconception is that you have to be on an "insecure" network to have a security problem. Being on any network with other users is a risk.
Maybe you trust that both your device and the network itself is secure, which is not always the case, but what about anyone else on the network? They're probably not a malicious actor, it's more likely they're computer illiterate, which means they've probably clicked the wrong thing and their box is already pwned by malicious actor(s) who can then use their machine to attack you.
Hey Erik! I love the channel! Could you make a video on the Roblox chrome extension BTRoblox? It has permissions to read data which could mean account cookies. Thanks! Keep making great content
btroblox is pretty fine for me personally and i think it uses reading data to see prices of robux and stuf on items
it's literally open source
It's safe 💀
👍
sorry but thats normal.. btroblox ive been using for more then 1year, nothing happened. also ropro does the same
There is VERY SIMPLE RULE:
1. Don't go to non-encrypted sites over public WI-FI.
2. That is all.
No VPN necsessary unless you have to go to non-encrypted sites.
don't use WiFi outside of the company one at all. Easy
@@goresunstrider6272 or the home one, obviously
this is one of the 2 cases where using a commercial VPN is a good idea. something like mullvad or proton should work and be more trustworthy than the rebranding of 1000 VPNs that usually happens since they don't do that. (and make sure to turn on disable traffic if not connected to VPN before you connect to the wifi network)
the other case being piracy.
Nice Video. How about cellular networks? Are mobile networks more secure (AT&T, Verizon, etc)? Any other phones reachable on like a mobile LAN?
My understanding is no such sniffing is possible. In theory ina roaming situation there could be a malicious tower but I’ve never heard of it
there were some nasty mitm attacks possible back in the GSM/3G era, where one could take control of a tower or access the unencrypted payload on the backbone
nowadays, with 4 and 5G, and better monitoring from ISP, not so sure, especially given the backbone may be ISP dependant, and with it the attack vector
YOUR UPLOADS ARE SO FAST AFTER YOU POST SNEEK PEEKS THANKS MAN
I was not suprised at all, but good that you learned. by the way WPS Pin that you did talk about sucks when it comes to security. it almost as horrible as having UPNP on the router enabled
Wouldn't DNS over HTTPS also solve the issues that you demonstrated were solved by the VPN?
Hello Sir
WPA3 is no longer operating with PSK, it instead operates with SAE, so even if you got the password, you dont have the encryption key.
good videos :)
This was the video I've been looking for. I have always wondered if vpns really do work and this videos shows that they most certainly do and to what extent. Thanks!
at 6:20 you can see through the censor
it may be intentional by him
Editing pending, was not intentional. I can't stop people but seriously I am not trying to setup a CTF / ARG type of thing, looking ot see what automated vuln software does.
Hmm. If a captive portal uses a self-signed certificate it's definitely not secure, since someone could easily just spoof the page, but I expect it's a little more difficult if a system uses a properly trusted certificate... but if there's someone malicious they could just SSL strip the page and MITM it anyway and unless you were looking out for "hmm why is the login page plain text" (which most users probably wouldn't).
Do you happen to know what effect opportunistic encryption (OWE) has for open networks and sniffing from the air? I'm guessing given that you can just pull it from the air and connect you may be able to figure stuff out, but I'm not so familiar with OWE maybe the encryption is per device which would make it a bit difficult. I'd test but I've no wireless cards I can get to work in promiscuous mode yet.
Been following your videos since the XP online one got some traction and gotta say I really enjoy your content and look forward to seeing them (but I don't comment all that much) :>
Not sponsored by NordVPN, but if you WERE...
Interested in that private VPS thing. It sounded like any vpn is better than no vpn, but then there's a question if you trust the vpn more than the wifi provider.
Also this won't help much if wifi provider blocks wireguard and other vpn protocols because as a public service they'd really be just as interested in seeing what you're doing as any sniffer.
If your wifi provider blocks VPNs your wifi provider is malicious, full stop. There is actually a way to mask a VPN as a DNS server that they are unlikely to catch, but it would be limited to ~ 1 mbps.
@@EricParkerI've seen VPN traffic blocked on hotel WiFi.
Having a VPN back to your home router using port 443 gets around it. A lot of enterprise firewalls use "SSL VPN" (just their own OpenVPN implementation) on 443 for this reason.
You can do all this with openWRT and similar.
Can you do a man in the middle attack next and see if it's possible to see the packets
If you have watched any of the network analysis malware videos I have done, or the "What does windows collect" those all use MITM, but it requires the system installing an SSL cert. There are definitely problems like this possible with a malicious hotspot.
What I show here doesn't require the hotspot be malicious.
What if we connect this to windows xp?
This is interresting ! I was wondering this for a long time, the hospital i went to one day, and used a captive portal
Is there any major security difference with Ethernet if you plug directly into the modem vs plug it into the router?
time to do wireguard over WLAN
You can't get any of my data I use a VPN
Would you be able to test an open VNC connection? Like no password and all? I once had my PC set up this way in high school because the school PCs didn't allow me to enter a VNC password through the browser, but I removed it once I saw my mouse moving on its own one day.
Isnt there a Method to logout users from a current network? Then just let them connect to an evil clone with a custom dns server which serves a phishing Page instead of the actual requested one?
Great video!
Thanks!
What about the AP isolation / SSID isolation feature in professional access points?
Depends on the setup. AP isolation is mostly to prevent networking across guests (in a LAN sense).
Ahhhhh. Somebody that actually knows and thinks!
Any time anybody answers your challenge with: "mostly" yiu know they don't truly understand low level stuff!
@@EricParkerdetails, details!
Cmon, TEACH US!
@@pepeshoppingand yet you have fallen on the same boat
Another great video, Brother
Ethernet is better than Wi-Fi
Yes, it is
Always
Interresting, that's why they say, "insecure", when connecting using a resent OS. Also why am i the only one that made a real comment ? (right now)
Because most of those were posted within a 1 or 2 minutes of posting. They couldn't have watched the video yet.
It does not matter that the captive portal login is encrypted. As an attacker, I will spoof my the login page, and wait for someone to login. If that login is used else ware, like email, the fun really begins.
ok Per Mejdal
Glad to know VPNs hide the information i request and send on public wifis thanks.
What video are you referring to at 5:10?
likely an upcoming one that was mentioned in a previous video.
The VPN thing reminds me of an attack I heard of recently that could bypass VPNs using (if I remember correctly) a DHCP server and admin access to the router, but I forgot the details. Think it was called "TunnelVision". So even with a VPN you might not be safe.
I honestly refuse to use public wifi because I don't trust them, but I'm probably too paranoid 😂
personally I just use mobile data, never will trust them
finally a wifi network I can relate to
Fun is over now ;) Well, enjoy the cat.
This thumbnail is like something from a roblox porn scam, please go back to the old ones haha
Currently in a no Password (and no WPA) wifi. I just love my VPN
Hello, do you remember hearting my comment in the video about the OS when i said i was the 10th comment?, I was actually the 10th comment in that video!
How risky is hooking up with somebody at the hospital? 😂
Sniff sniff
:(
First
secon d
Brother i love your vids, but i just realised, you sound like tristan tate 😂😂
fifth
happy pride month everyone
Lmao omg
pride is a sin
@@sauliusvitkauskas8741shut up
Bro why the gays get a whole month
@@sauliusvitkauskas8741 shut up
Wrong.
A wifi, with a known shared password CAN BE FULLY SAFE by simply implementing SEGMENTATION for ALL the clients!
What does that mean?
Gp find out if you just believe these exaggerated youtubers.
But what exactly do you expect from THESE people that use a VPN, for "protection"!