@@e1woqf Split the bill. Both get it for half price then. Used to be common until people were scared by the "it could be a P. or a T. using your connection, getting you into trouble.". This is why you should know, and get on with, your neighbours.
Basically if you want to be safe against this, just like any other piece of software/website/service - have a really secure password. Larger passwords are exponentially harder to crack (as long as they aren't a common password), especially with a combination of symbols, uppercase, lowercase, and numbers.
Another way to protect yourself is to upgrade your wifi to WPA3, which doesn't have the same auth vulnerability with its handshake. Not every little smart device is compatible with it yet of course, but computers are
Does assigning and limiting IP Adddresses help? Maybe some routers can send a notification when a New device is attempting to access the network. A lot of the world does Not have the skill or money to upgrade to the latest tech or Use IP Provided Routers.
@@nin1ten1do So are a lot of people who are smarter than both of us lol And eventually, one day a backdoor will be found, and a new standard will subsequently be released to replace WPA3 when that happens just like with how WPA3 is replacing WPA2
while whitelisting MAC addresses is helpful and a good step, a fair few devices can spoof any MAC address they want (Hell, my home sever here has that option for both it's adapters in regular desktop Linux, Mint to be precise). As an aside, a hacking tool has no business being that cute.
Two connected network devices can Not have the same Mac address from my understanding. Both devices would receive some but probably not all data. The device would not function properly. This would Alert the network normal users at homes. I like increasing password length and adding special characters as AI and advances in computing make it possible to Crack shorter passwords or passwords not using special characters.
@BangBangBang. pretty sure that IS done because of how trivial it is. How often I'm not sure, but settling up a whitelist still is the security equivalent of using a $5 chain lock on your front door.
@@DFX2KX Exactly, his "logic" is very "special". Trivial things like this are just automatically done by most scripts. Getting a list of allowed mac adresses is standard procedure just in case there is a white list. Precisely because it is so trivial you just exclude this potential source of problems. Diagnosing randomly refused or dropped connections is way more of a hassle then just doing stuff like this from the start. There is no downside to just doing this every time if there are any devices online.
@@KOOLAIDxK1D No, not entirely clickbait. The pwnagotchi can be loaded with a plugin that automatically sends the intercepted hashes to an online cracking service, which emails you if it gets a hit. Doesn't get everything, but its still functional.
Amazing. A standard dictionary attack against a WPA handshake. It's truly revolutionary! I'm sure it'll be able to crack 99% of networks out there, especially the ones with non-dictionary passwords generated automatically by ISPs
You get it! I like the idea of this thing, and will definitely be making one just because this seems a lot easier than carrying around, powering up, and running commands on my Pi 2 but the reality is that this doesn't do anything you can't already do with a laptop and a WiFi adapter. I got all excited when I heard "Automatically" but I guess I needed to remind myself that a 16 year brutce force/dictionary attack is still "Automatic" if it runs itself the whole time.......
Well you need a dictionary that includes the default password lists of your local isps. For example in my area there are 3 major isps and their entire password lists add 600k entries to my dictionary. At least on a laptop that only represents a few minutes of time (I imagine a pi might add 10s of minutes)
@@Matt18001 where I do live we have router provided by the internet provider, with randomized 20 chars pass, made of digits, uppers and lowers, no default lass, so even with brute force, 20 chars would take an eternity, better to go phishing 😉 But using this tool with dictionary on a whole day of walking in a big town can still bring results thanks to the huge quantity of handshakes collected, some may be weak.
Came across this channel in one of your shorts, and began watching your full length videos - really liking the presentation and the content - you have yourself a new sub here.
It's cute, simple and cheap, just wow! And than a very nice video fully explaining how the product is made and how to use it, just AMAZING!! Definitely gonna check out the product!! :3
@@LEGENDS-ex9td It is probably something you can find online, you may not be able to buy it Ready to use, But you can buy all the parts and make one yourself.
First of all you did not create it and it is not new... Those exist for a long time... Second of all it just works for wpa (an already old and vulnerable protocol...) Which no one should use anyways... . And third of all it just catches hashes No passwords... To get a password from a hash youll essentially need to brute force try all password... And hope youll find the right one ... So more of an gimmick than a useful tool to hack wifi routers...
@@TonySmith-zq2hx to my knowledge even hashcat brut-forces to some extent... Sure you can optimize around the human psychology, or commonly used passwords but the rest is brute force... Bc hash-fcn are ment to be one way fcn. (Easy in one way. More or less impossible in the other direction.)
Does this work on WPA3? Video only mentions WPA and WPA2. Also, how about WPA2-enterprise, i.e. EAP-TLS? Should work, since "hack any wifi network" would include that.
So it doesnt actually let you hack any wifi. It does what every other wifi hacking method does. It captures the packages and youre STILL relying on bruteforce/dictionary attack on the hashes. This makes this otherwise cute little tool pretty moot as theres tons of tools out there can you could do this with that would be cheaper to build and smaller.
@@johndoe__8 Its just about capturing the handshakes. You can get an arduino IDE board for like $10 or so. And a cheap wifi antenna for about the same. The rest is code
@10:11 - NOT true anymore. Many devices nowadays use a random MAC to connect by default (unless turned off). This is done for privacy, but also breaks things like static DHCP and knowing if a "new" MAC is an intruder, or just a random one from an existing device. Of course, anyone could just clone a valid device's MAC and use it to hide.. making the security advice given almost useless.
I'm a bit confused. It surely is too slow to crack anything, even a dictionary would be way too slow. So what is it doing? Only collecting handshakes? At some point the video talks about online cracking, if this is needed, how would it be connected to the internet? How would it be "safe" to use? Seems more like a toy than a tool.
Video is misguided. The device just collects unauthorized handshakes which are called IV. You need a lot of them. With that, you would need to run it through a very large dictionary to find the password. Then once found, you can test the password on that network with a wifi device. Ppl watching this and thinking they can just sit next to a wifi network and get in with a click of a button are wrong. The entire point, make your wifi password hard and long. Set up layers in your network. Different vlans, Mac auth, honeypot for unknown device, etc.
Sort of, yes, it is the only thing that will just always work with minimal effort. But many people still make severe mistakes in password choice. But I agree, router defaults have become more sensible during the last 20 years. Doesn't prevent people from changing them to less sensible options.
It gives hacker password hash, which can be used for getting the password via brute force attack. Basically, that's the only option for hacking WPA2 network (at least, for now), but there's two main issues 1. Any Android or iOS (jailbroken) smartphone can do the same thing, so there's not much point in specific device. Sure, it works automatically on any detected network and it automatically transfers hash files to PC that is used for bruteforcing, but it's not like you can set up any phone to do the same thing. 2. WPA3 networks are protected from this attack, so it isn't of any use for them.
Also, I'd like to add that they say that this device is using AI for password generating, but I'm not sure if AI is making password bruteforcing significantly faster. Moreso, this AI is still used not on device, but on PC that is doing bruteforcing, so it's not like you can't just download its code and use it on any PC with any hash, be it hash that you got from the phone or from the laptop.
So if the password is next to hashed also be salted or pepperd it does not work? Arent wifi passwords also salted? Also because the real power comes from the software running on the device, not the raspberry it self. Doing most of the work by api web services. Why not run it on a smart phone? A person looking at a smartphone is a lot less suspisious then someone looking to this device.
It's a novelty item that was popular 3 or 4 years ago as a fun DIY project, the idea being you have a (kinda sorta) Tamagotchi toy that's _also_ capturing handshakes. In reality though, sure, you could just use a phone or some other less obvious device. (and a strong password of 12+ characters, WPA3 etc. all defeat this, it's old news - not to say hash attacks don't still _work_ of course, _plenty_ of bad passwords/WPA2 still out there)
ive had mine for a few years. Nothing new about any of this. Automated capture >> sort ssid's based on isp provider >> generate custom wordlists per isp type >> free wifi. WPA3 has been shipped with products for a while.... but is never enabled by default. Even though your password may be 12+, if it uses common dictionary words its still a shit password
I dont understand , how are you sniffing packets without connecting external wifi adaptor capable of packet injection and monitor mode ? The onboard wifi chip on pi zero does not allow you to do so as far as i know it .
So if your wi fi is being hacked, you automatically know the perp is near by? They have to be in range in order to be able to hack your wi-fi is that correct? Yes or no?
mac address spoofing is a thing, I've done it on hotel wifi before. You find mac address of an already connected device, and spoof it. So I don't quite agree with mac address filtering. Also phones nowadays use random mac addresses. The best way to protect against this kind of hack is to use a strong password, the reason this thing works is because of weak wifi passwords. None wants to type a 20+ character password on a printer, but if you want to be safe you should.
No one wants to type a 20 character password, and they shouldn't be doing that anyway. Plopping in a 40 character password is trivial when you use a password manager like Enpass, or any of the dozens of other ones available. I like Enpass because they don't store your database, YOU do. If you're not using a password manager, I can pretty much guarantee you are using the same password on multiple websites... which is a really stupid thing to do.
Printer, Fridge, Motor Vehicle (try typing on steering wheel buttons) Many things a password manager doesnt solve but its still better to use one.....@@JamesColeman
@@username-mc7jw and now are the problem - you need to login to the password manager which requires the internet, .... which could be accessed through wifi ...
This just collects hashes ? I was kind of interested at first. There are rooted android phones that can do this without all the extra trouble involved with this gadget.
So they said it works with WEP and wpa what about WPA-Enterprise or WPA2-Enterprise or WPA3-Enterprise And if that's the case that it work then maybe the industry needs to look into a different way to do Wi-Fi authentication
this is no different from using wifisher or airmon-ng tools. in the end this "toy" won't crack the password since you need to take the cap file and run it against a massive dictionary to hash the password to plain text.
This is all well & good except for 2 things… 1. No mention is given to the time it takes to crack passwords. 2. Cracking WiFi passwords for more networks, does NOT reduce the cracking time needed for WiFi passwords in the future. Btw… my WiFi is password 50+ random characters. Lol. 😈
You don't need the gateway for SSH access to the device if it is on the same subnet, in particular the standard /24 pushed by DHCP on 99% of all home networks. Just saying, because I am picky. - Great video BTW.
Could be. This voice used to have a real body attached to it in the videos (older videos were fronted by an actual English human) but he/they could've cloned his voice.
Wow...i want to be apart of the hacker community...i jave these ideas i just have trouble translating them into code❤😢 You guys seem chill...any advice?
Because I use Home Assistant, I am only using giving access to known MAC addresses. Not that I am afraid my password will get cracked, it is best to plan for the worst case. For visitors I my router offers a second WiFi network. It even has a third network for Home Assistant appliances, but two will do because of using the MAC addresses. Hint: I use the MAC addresses to give every appliance a fixed IP via DHCP. I found out the hard way after a router failure appliances were not reconnecting perfectly to H.A. thus having fixed IP's makes live a lot easier.
What a clickbait... I think i gonna watch some new eviltwin attack or something new but get the same old PMKID and Handshake methods that we have for years with fancy device like that..
You haven't, or wont "hack" a network in seconds...you will (probably) capture some handshakes that need to be run through something like hashcat...and with modern ssid passwords being so complex you'll be there a long time to crack it. Alarmist vid iym
MAC-Whitelisting is just an absolute basical protection. Zero trust is mandatory for all clients communicating in your network. The problem is not a hacker getting into your wifi. The problem starts, when he finds loads of open ports and loose listeners within the network...
48 letter passwords with specialsigns and numbers, small and big letters will not help at your network against the Pwnagotchi, aditionally make your net invisible..
Its a great tool, hard to believe it was mostly made by one person, too bad the project has been dead for a long while. Also you are making it sound like cracking hashes is cheap/easy, its usually not with strong password requirements ;).
GLHF with my long password consisting of randomly generated characters, the heat death of the universe is waiting. You need to enter the password once, so why not use something secure.
It doesnt actually crack a password though. It just saves a handshake? You would still need to run a brute force or dictionary attack which would make 99% of these handshakes useless. Wps on 2.4ghz is still the easier way.
I changed my router setting that the SSID Invisible so for example if a guest come there is no way that he can use the Wi-Fi Unless I tell him the SSID and the password so that he can enter it manually
I have built one of these and they are pretty Kool tools but this video is very misleading. Keep in mind that you are not "cracking" anything handshake wise. You are doing a reverse dic lookup of hashes. So, if the dictionary/password list you are using to compare your hashes to doesn't have the password in it, you won't discover the AP's password. Having a large password list helps a ton! However, this tool will NOT crack "Any wifi access point" like the video claims. It will also not work on WPA3 last time I checked. I get it, this video is really more about advertising the companies services than the PG but don't be so misleading :(
never trust anyone who makes a :3 face
True :3
:3 fr
:3
3:
:3
My neighbors will usually give me their WiFi passwords if I ask nicely
Why would they do that?
@@e1woqf Split the bill. Both get it for half price then. Used to be common until people were scared by the "it could be a P. or a T. using your connection, getting you into trouble.". This is why you should know, and get on with, your neighbours.
Social engineering 👍
Saving GPU power 😂
Hypothetical post....Nowadays, nobody gives wifi password 😒 🙄
Basically if you want to be safe against this, just like any other piece of software/website/service - have a really secure password. Larger passwords are exponentially harder to crack (as long as they aren't a common password), especially with a combination of symbols, uppercase, lowercase, and numbers.
Or use a LAN.
@@oneproudbrowncoat yeah carry a f wire and box around like a neanderthal
Most people don’t know 😈
Keep educate people but seriously there are 90 tries are successful of 100 times
using WPA3 PMF Enforced network would prevent it from getting the handshake i believe [well at least would help it out]
Does it find and hack wifi that doesn't broadcast its SSID?
Another way to protect yourself is to upgrade your wifi to WPA3, which doesn't have the same auth vulnerability with its handshake. Not every little smart device is compatible with it yet of course, but computers are
Does assigning and limiting IP Adddresses help? Maybe some routers can send a notification when a New device is attempting to access the network. A lot of the world does Not have the skill or money to upgrade to the latest tech or Use IP Provided Routers.
@@jbranche8024 Just use a strong password and you are safe against this attack.
Yes unfortunately very few devices even in late 2023 support WPA3.
dont care your pass i loking for backdoor..
@@nin1ten1do So are a lot of people who are smarter than both of us lol
And eventually, one day a backdoor will be found, and a new standard will subsequently be released to replace WPA3 when that happens just like with how WPA3 is replacing WPA2
The quality, is mind blowing! thank you for all who work hard to get this result, and keep it up, the content is very interesting.
Thank you very much! We appreciate it
while whitelisting MAC addresses is helpful and a good step, a fair few devices can spoof any MAC address they want (Hell, my home sever here has that option for both it's adapters in regular desktop Linux, Mint to be precise).
As an aside, a hacking tool has no business being that cute.
Two connected network devices can Not have the same Mac address from my understanding. Both devices would receive some but probably not all data. The device would not function properly. This would Alert the network normal users at homes. I like increasing password length and adding special characters as AI and advances in computing make it possible to Crack shorter passwords or passwords not using special characters.
@jbranche8024 they cannot, no. But an attacker need only wait for said device to disconnect, or kick it off the net first
ah yes you're the guy recommending to do something that nobody does because its trivial
@BangBangBang. pretty sure that IS done because of how trivial it is.
How often I'm not sure, but settling up a whitelist still is the security equivalent of using a $5 chain lock on your front door.
@@DFX2KX Exactly, his "logic" is very "special".
Trivial things like this are just automatically done by most scripts. Getting a list of allowed mac adresses is standard procedure just in case there is a white list.
Precisely because it is so trivial you just exclude this potential source of problems. Diagnosing randomly refused or dropped connections is way more of a hassle then just doing stuff like this from the start. There is no downside to just doing this every time if there are any devices online.
so it's just an automated interceptor, we still send the data to a rig which will crack the password using hashcat
Yep, clickbait
you could run the recovered hash against a dictionary in the device. Or do the same thing I used to do and automatically upload them to a server
@@KOOLAIDxK1D No, not entirely clickbait. The pwnagotchi can be loaded with a plugin that automatically sends the intercepted hashes to an online cracking service, which emails you if it gets a hit. Doesn't get everything, but its still functional.
@@CMDR_John_Crichton now that sounds more like it
Amazing. A standard dictionary attack against a WPA handshake. It's truly revolutionary! I'm sure it'll be able to crack 99% of networks out there, especially the ones with non-dictionary passwords generated automatically by ISPs
You get it! I like the idea of this thing, and will definitely be making one just because this seems a lot easier than carrying around, powering up, and running commands on my Pi 2 but the reality is that this doesn't do anything you can't already do with a laptop and a WiFi adapter. I got all excited when I heard "Automatically" but I guess I needed to remind myself that a 16 year brutce force/dictionary attack is still "Automatic" if it runs itself the whole time.......
I wouldn't listen to the opinion of a sir named Dyatlov 😂😂😂
But you're right, dictionary are in most of cases useless in my experience.
Well you need a dictionary that includes the default password lists of your local isps. For example in my area there are 3 major isps and their entire password lists add 600k entries to my dictionary. At least on a laptop that only represents a few minutes of time (I imagine a pi might add 10s of minutes)
@@Matt18001 where I do live we have router provided by the internet provider, with randomized 20 chars pass, made of digits, uppers and lowers, no default lass, so even with brute force, 20 chars would take an eternity, better to go phishing 😉
But using this tool with dictionary on a whole day of walking in a big town can still bring results thanks to the huge quantity of handshakes collected, some may be weak.
No lol the video says ANY wifi network. Seriously this clickbait bullshit has to be stopped
Came across this channel in one of your shorts, and began watching your full length videos - really liking the presentation and the content - you have yourself a new sub here.
Welcome aboard! Check out the new one about QR codes * , *
I'd recommend the Raspberry pi zero wh. Thats the model with pins already soldered onto the board like shown in the video
very nice video, I enjoyed watching it entirely
It's cute, simple and cheap, just wow! And than a very nice video fully explaining how the product is made and how to use it, just AMAZING!! Definitely gonna check out the product!! :3
Thanks man! Appreciate your opinion
Where to buy it
@@LEGENDS-ex9td It is probably something you can find online, you may not be able to buy it Ready to use, But you can buy all the parts and make one yourself.
First of all you did not create it and it is not new... Those exist for a long time...
Second of all it just works for wpa (an already old and vulnerable protocol...) Which no one should use anyways...
.
And third of all it just catches hashes No passwords...
To get a password from a hash youll essentially need to brute force try all password... And hope youll find the right one ... So more of an gimmick than a useful tool to hack wifi routers...
fourth of all no body cares
@user-xh2ms3nc5r if that is the case then I was wrong, my bad...
Brute force?? Try hashcat
@@TonySmith-zq2hx to my knowledge even hashcat brut-forces to some extent... Sure you can optimize around the human psychology, or commonly used passwords but the rest is brute force...
Bc hash-fcn are ment to be one way fcn. (Easy in one way. More or less impossible in the other direction.)
Does this work on WPA3? Video only mentions WPA and WPA2. Also, how about WPA2-enterprise, i.e. EAP-TLS? Should work, since "hack any wifi network" would include that.
i think it only work against wpa-psk not wpa3 or EAP-TLS and P-EAP.
So it doesnt actually let you hack any wifi. It does what every other wifi hacking method does. It captures the packages and youre STILL relying on bruteforce/dictionary attack on the hashes.
This makes this otherwise cute little tool pretty moot as theres tons of tools out there can you could do this with that would be cheaper to build and smaller.
What would be cheaper?
@@johndoe__8 Its just about capturing the handshakes. You can get an arduino IDE board for like $10 or so. And a cheap wifi antenna for about the same. The rest is code
Just found and subscribed to your channel, I love the formal white gloves. 😆
@10:11 - NOT true anymore. Many devices nowadays use a random MAC to connect by default (unless turned off). This is done for privacy, but also breaks things like static DHCP and knowing if a "new" MAC is an intruder, or just a random one from an existing device. Of course, anyone could just clone a valid device's MAC and use it to hide.. making the security advice given almost useless.
This is fun programming/engineering.
I'm a bit confused. It surely is too slow to crack anything, even a dictionary would be way too slow. So what is it doing? Only collecting handshakes?
At some point the video talks about online cracking, if this is needed, how would it be connected to the internet? How would it be "safe" to use?
Seems more like a toy than a tool.
Video is misguided. The device just collects unauthorized handshakes which are called IV. You need a lot of them. With that, you would need to run it through a very large dictionary to find the password. Then once found, you can test the password on that network with a wifi device. Ppl watching this and thinking they can just sit next to a wifi network and get in with a click of a button are wrong.
The entire point, make your wifi password hard and long. Set up layers in your network. Different vlans, Mac auth, honeypot for unknown device, etc.
when a windows user feels like hackerman 😂😂
Exactly as soo as you can see drive C:\ you imitatively know that this will be 'bullshit'.
What is Windoze??? Sounds like an inferior OS that only sheep would use.
@@username-mc7jw found the arch user.
The only useful attack you can do with any device labelled "Wi-FI Hacking device" is Wi-FI De-auth/Turning off their wifi.
Sort of, yes, it is the only thing that will just always work with minimal effort. But many people still make severe mistakes in password choice.
But I agree, router defaults have become more sensible during the last 20 years. Doesn't prevent people from changing them to less sensible options.
Luckily WPA3 has protect management frames which prevent this
So I plug this into my wall socket and it takes over NASA right?
Unbelievable! So, if I understand correctly, it doesn't actually give the hacker the Password to the wifi? If not, what good is it then?
It gives hacker password hash, which can be used for getting the password via brute force attack. Basically, that's the only option for hacking WPA2 network (at least, for now), but there's two main issues
1. Any Android or iOS (jailbroken) smartphone can do the same thing, so there's not much point in specific device. Sure, it works automatically on any detected network and it automatically transfers hash files to PC that is used for bruteforcing, but it's not like you can set up any phone to do the same thing.
2. WPA3 networks are protected from this attack, so it isn't of any use for them.
Also, I'd like to add that they say that this device is using AI for password generating, but I'm not sure if AI is making password bruteforcing significantly faster. Moreso, this AI is still used not on device, but on PC that is doing bruteforcing, so it's not like you can't just download its code and use it on any PC with any hash, be it hash that you got from the phone or from the laptop.
Should have named it GetHashGotchi.
@@ДарийФедореев-э7т Thanks!!
@@ДарийФедореев-э7т If I have the latest router, is it WPA3? Thanks again.
Very Good , will build and conquer the world .🙂
I just discovered your channel, and a new video just popped up. Nice!
Welcome! Recommend you watching other experimental videos ;)
so it's only for WPA?
WEP-encrypted wifi is cracked automatically in 5 minutes with 100% success rate.
Almost all wifi is WPA/WPA2 now.
So if the password is next to hashed also be salted or pepperd it does not work?
Arent wifi passwords also salted?
Also because the real power comes from the software running on the device, not the raspberry it self. Doing most of the work by api web services. Why not run it on a smart phone? A person looking at a smartphone is a lot less suspisious then someone looking to this device.
It's a novelty item that was popular 3 or 4 years ago as a fun DIY project, the idea being you have a (kinda sorta) Tamagotchi toy that's _also_ capturing handshakes. In reality though, sure, you could just use a phone or some other less obvious device.
(and a strong password of 12+ characters, WPA3 etc. all defeat this, it's old news - not to say hash attacks don't still _work_ of course, _plenty_ of bad passwords/WPA2 still out there)
ive had mine for a few years. Nothing new about any of this. Automated capture >> sort ssid's based on isp provider >> generate custom wordlists per isp type >> free wifi. WPA3 has been shipped with products for a while.... but is never enabled by default. Even though your password may be 12+, if it uses common dictionary words its still a shit password
so its just a tool for capturing handshakes ?
I dont understand , how are you sniffing packets without connecting external wifi adaptor capable of packet injection and monitor mode ? The onboard wifi chip on pi zero does not allow you to do so as far as i know it .
So if your wi fi is being hacked, you automatically know the perp is near by? They have to be in range in order to be able to hack your wi-fi is that correct?
Yes or no?
Interesting!!
What is the 'effective range' of this gadget?
Does it do wps pixie dust attacks ik it’s kinda old but you’d be surprised how many people are vulnerable to it
mac address spoofing is a thing, I've done it on hotel wifi before. You find mac address of an already connected device, and spoof it. So I don't quite agree with mac address filtering. Also phones nowadays use random mac addresses. The best way to protect against this kind of hack is to use a strong password, the reason this thing works is because of weak wifi passwords. None wants to type a 20+ character password on a printer, but if you want to be safe you should.
No one wants to type a 20 character password, and they shouldn't be doing that anyway. Plopping in a 40 character password is trivial when you use a password manager like Enpass, or any of the dozens of other ones available. I like Enpass because they don't store your database, YOU do. If you're not using a password manager, I can pretty much guarantee you are using the same password on multiple websites... which is a really stupid thing to do.
@@username-mc7jw Something you missed is I mentioned a printer. I guess you never tried entering that password on a printer.
Printer, Fridge, Motor Vehicle (try typing on steering wheel buttons) Many things a password manager doesnt solve but its still better to use one.....@@JamesColeman
@@username-mc7jw and now are the problem - you need to login to the password manager which requires the internet, .... which could be accessed through wifi ...
This just collects hashes ? I was kind of interested at first. There are rooted android phones that can do this without all the extra trouble involved with this gadget.
So they said it works with WEP and wpa what about WPA-Enterprise or WPA2-Enterprise or WPA3-Enterprise
And if that's the case that it work then maybe the industry needs to look into a different way to do Wi-Fi authentication
Hello sir, My waveshare 2.13 display is not switching on after plugging on rasberry pi zero, any reason?
Script Kittys Run free and conquer the world
i feel like this is teaching me on how to hack the neighbours wifi, thanks sumsub!
this is no different from using wifisher or airmon-ng tools. in the end this "toy" won't crack the password since you need to take the cap file and run it against a massive dictionary to hash the password
to plain text.
Still a cool project though, main benefit is it just runs in the background.
Can I use Banana Pi M2 Zero instead of Rpi Zero ?
And will it works at all ?
Thx.
This is all well & good except for 2 things…
1. No mention is given to the time it takes to crack passwords.
2. Cracking WiFi passwords for more networks, does NOT reduce the cracking time needed for WiFi passwords in the future.
Btw… my WiFi is password 50+ random characters. Lol. 😈
Can a flipper zero do the same?
where the hell did you get the eink for $9 its like $20 online
Hello! I love your videos! Do you mind listing out all the parts for Pwnagotchi assembly?
MAC filtering means nothing. Next video - MAC spoofing
i really like it the way you teach us but not like just sitting on sofa and describing about the cyber crime i like it like this pls keep up like this
You don't need the gateway for SSH access to the device if it is on the same subnet, in particular the standard /24 pushed by DHCP on 99% of all home networks.
Just saying, because I am picky. - Great video BTW.
Truth. If you in the network range but still that'd require the target to have an SSH session running ...
Amazing, but you can do this also with a raspberry 4 ? right
It should be called "Libergotchi" 😂 with one of those cheesy thin mustaches
Strong wifi password and you are good.
No way u used notepad++😭😭😭
So it's mainly used for Wardriving?
Did Dr Schlotky get this working with a zero 2 w yet? What about the waveshare v3?
To get an 8Gb capacity microSD from Aliexpress just ensure you buy one with 12TB or more...that way you have a chance...
Got me onevof those fancy Steamdecks. Is there a way to run it on that instead of a Raspberry pie?
Misleading title but still useful.
jammers are a great defense so esp32 marauder is a got to choice
I remember the Tamagotchi days. As I was saying that the other day.
Is it just me or dose the voice sound like an AI voice over?
Could be. This voice used to have a real body attached to it in the videos (older videos were fronted by an actual English human) but he/they could've cloned his voice.
Wow...i want to be apart of the hacker community...i jave these ideas i just have trouble translating them into code❤😢
You guys seem chill...any advice?
MAC filter is more of annoyance for legitimate users rather than effective measure against attackers as spoofing a MAC address is rather trivial
Because I use Home Assistant, I am only using giving access to known MAC addresses. Not that I am afraid my password will get cracked, it is best to plan for the worst case. For visitors I my router offers a second WiFi network. It even has a third network for Home Assistant appliances, but two will do because of using the MAC addresses. Hint: I use the MAC addresses to give every appliance a fixed IP via DHCP. I found out the hard way after a router failure appliances were not reconnecting perfectly to H.A. thus having fixed IP's makes live a lot easier.
Assigning static IPs via DHCP is good, but also close down the pool of DHCP addresses available to guests (on a separate VLAN, of course).
@@username-mc7jw I forgot to say so, thank you for adding this!
What a clickbait...
I think i gonna watch some new eviltwin attack or something new but get the same old PMKID and Handshake methods that we have for years with fancy device like that..
I've had this program for years and years.
You haven't, or wont "hack" a network in seconds...you will (probably) capture some handshakes that need to be run through something like hashcat...and with modern ssid passwords being so complex you'll be there a long time to crack it. Alarmist vid iym
MAC-Whitelisting is just an absolute basical protection. Zero trust is mandatory for all clients communicating in your network.
The problem is not a hacker getting into your wifi. The problem starts, when he finds loads of open ports and loose listeners within the network...
From where do I get all those hardwares I need pwnagotchi
I have a bunch throughout Nashville.
Oh wow, a dictionary attack against WPA2...
What a great Idea. It only takes 2000 years.
Take my money 🙂
48 letter passwords with specialsigns and numbers, small and big letters will not help at your network against the Pwnagotchi, aditionally make your net invisible..
I don't understand how this can break AES-256?
Can you give me the 3D printed model of the drone that you sent on the channel previously?
how do i do such thing with a rpi 4
Can we make one that protects us from hackers?
Does that work on raspberry pi zero 2
So how long will it take to crack a random 63 character WPA2 password?
Tx for sharing the gr8 knowledge.
My pleasure!
Its a great tool, hard to believe it was mostly made by one person, too bad the project has been dead for a long while. Also you are making it sound like cracking hashes is cheap/easy, its usually not with strong password requirements ;).
Jayofelonys fork got updated since years,it runs better than the original
Imagine thinking that hacking WPA encryption from 2005 is legendary.
GLHF with my long password consisting of randomly generated characters, the heat death of the universe is waiting. You need to enter the password once, so why not use something secure.
what screen to use??
Can it crack wifi passwords?
Will this crack doip vehicles?
So it's wifite on steroids
How do u extract.pcap files if failed on dictionary attack
Please send a list with all parts...
this is so cool. but um haha i want the lil bro to make mean faces hahah
It doesnt actually crack a password though. It just saves a handshake? You would still need to run a brute force or dictionary attack which would make 99% of these handshakes useless. Wps on 2.4ghz is still the easier way.
Online jungle, that aptly described internet.👍
Pretty much!
As notorically usual, old fashion wins again. I stick to cables.
Seems I'm not that old school at all, I use LAN cables instead of WiFi
So its all just a dictionary attack?
Hacking in seconds = guess the password. Oh wow so novel.
MAC filtering only works if your attacker doesn't know network sniffing which is highly unlikely. Selling this as a secure solution is stupid
Your name
i wanted this but the hashes seem hard to crack
ive been after one of those battery packs in my location (UK) abd cannot find anyware, anuyone knoq (even if another country
Bought a pretty similar one in Poundland last year (for about 3 quid).
I changed my router setting that the SSID
Invisible so for example if a guest come there is no way that he can use the Wi-Fi
Unless I tell him the SSID and the password so that he can enter it manually
That actually doesn't do anything. For example u can open airodump(network monitoring tool) and your network pops up like any other.
It will just appear as hidden network then you use one of many methods to identify the ssid
I can’t see or find the link can someone send it
10:03
I have built one of these and they are pretty Kool tools but this video is very misleading. Keep in mind that you are not "cracking" anything handshake wise. You are doing a reverse dic lookup of hashes. So, if the dictionary/password list you are using to compare your hashes to doesn't have the password in it, you won't discover the AP's password. Having a large password list helps a ton!
However, this tool will NOT crack "Any wifi access point" like the video claims. It will also not work on WPA3 last time I checked.
I get it, this video is really more about advertising the companies services than the PG but don't be so misleading :(