WiFi Password Warning: Use good passwords otherwise they can be hacked in seconds using cloud GPUs. Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode Disclaimer: This video is for educational purposes only. I either have permission to use, or own all equipment used for this demonstration. No actual attack took place on any websites. Only use the tools demonstrated in this video on networks you have permission to attack. Use the tools ethically to improve network security. // Previous Videos // WPA/WPA2 vs hashcat and hcxdumptool: kzfaq.info/get/bejne/i9mnY6ydrMjPc2h-.htmlali 16 secs to break it! 70% of real world WiFi networks owned!: kzfaq.info/get/bejne/kLp5dZx8zp-6pI2K.htmliFi Wifi Adapters: kzfaq.info/get/bejne/a7N_prxku7Swe2w.html Old method using airmon-ng: kzfaq.info/get/bejne/jcyJq9V9xtfQfmw.html Old method using GPUs: kzfaq.info/get/bejne/gJ5xa9V8q8C7XYE.html // Menu // 00:00 - Intro 01:12 - Don't use weak wifi passwords! // Quick wifi cracking demo 05:28 - Setting up for wifi hack // Setting up a Linode server 08:08 - Setting up for wifi hack // Installing Hashcat 09:05 - Setting up for wifi hack // Installing NVIDIA CUDA Toolkit 12:42 - Cracking wifi passwords using Hashcat 17:08 - How the Hashcat command works // Detailed explanation 21:08 - Cracking a range of wifi passwords 27:24 - "Mixed passwords are strong passwords" 27:57 - Cracking a range of wifi passwords (continued) 28:54 - Conclusion // David's Social // Discord: discord.gg/davidbombal Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZfaq Main Channel: kzfaq.info KZfaq Tech Channel: kzfaq.info/love/ZTIRrENWr_rjVoA7BcUE_A KZfaq Clips Channel: kzfaq.info/love/bY5wGxQgIiAeMdNkW5wM6Q KZfaq Shorts Channel: kzfaq.info/love/EyCubIF0e8MYi1jkgVepKg Apple Podcast: davidbombal.wiki/applepodcast Spotify Podcast: open.spotify.com/show/3f6k6gERfuriI96efWWLQQ // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // Hashcat Steps // 1) Setup server in Linode GPU server 2) SSH to server: ssh root@192.168.1.1 3) Install Hashcat: $ sudo apt update $ sudo apt install hashcat $ hashcat -I 4) Install Cuda: (Docs: www.linode.com/docs/products/compute/gpu/guides/install-nvidia-cuda/ ) $ sudo apt update && sudo apt upgrade $ sudo apt install build-essential linux-headers-$(uname -r) 5) Install nvidia drivers (Docs: www.linode.com/docs/products/compute/gpu/guides/install-nvidia-cuda/ ) $ wget developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64/cuda-ubuntu2204.pin $ sudo mv cuda-ubuntu2204.pin /etc/apt/preferences.d/cuda-repository-pin-600 $ wget developer.download.nvidia.com/compute/cuda/12.0.0/local_installers/cuda-repo-ubuntu2204-12-0-local_12.0.0-525.60.13-1_amd64.deb $ sudo dpkg -i cuda-repo-ubuntu2204-12-0-local_12.0.0-525.60.13-1_amd64.deb $ sudo cp /var/cuda-repo-ubuntu2204-12-0-local/cuda-*-keyring.gpg /usr/share/keyrings/ $ sudo apt-get update $ sudo apt-get -y install cuda $ sudo shutdown -r now 6) Upload files to the server: sftp root@192.168.1.1 put 8-digit-wpa2.hc22000 7) Check GPUs available: hashcat -I 8) Run Hashcat: 8 digits: hashcat -m 22000 8-digit-wpa2.hc22000 -a 3 ?d?d?d?d?d?d?d?d -d 6,7,8,9 -w 4 10 alphanumeric: hashcat -m 22000 10-digit-letters-wpa.hc22000 --increment --increment-min 10 --increment-max 12 -1 ?d?l?u -a 3 ?1?1?1?1?1?1?1?1?1?1?1?1 -d 6,7,8,9 -w 4 ====================== Hashcat commands: ====================== -m 22000 means WPA-PBKDF2-PMKID+EAPOL -a 3 means Attack mode is brute force -d means Backend devices to use, separated with commas -1 means mask to use hashcat.net/wiki/doku.php?id=mask_attack Explanation of WPA/WPA2: hashcat.net/wiki/doku.php?id=cracking_wpawpa2 Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Thank you David once again for a high quality video. While these short and easy passwords are good for making a point, it would be more interesting and useful to try a real world 14 character password, which is a NIST recommendation I assume, having digits, alphabets and special characters. It would be a more powerful point, since many consider such passwords "safe". Thanks again.

Super interesting video! I miss this style of content from you. I like the interviews too but you're a great instructor too

I am so glad that I can do 2 things at the same time watching your videos, learning English and security. Thank you so much for your lessons!

Thanks David for the showing us the way, not to keep passwords simple anymore. Great demo.

Thank you David for this Awesome Video again ! Love it!

This is why using access control (if your router supports it) is important. With this feature, even if your wifi password is hacked, the hacker still needs to be allowed on the network to access it. Also if you use network segmentation to separate your wifi network from the rest, you can limit the damage the hacker can do to only that network if they do get access.

This enables phone hacking to a greater extent, by SCP'ing the captured files over to the cloud GPU VM, takes away processing limitations that a mobile phone may have in comparison. This is a fantastic demonstration of this.

Excellent video, instructions, and tuition David. Many thanks. 👍

Best youtube hacking channel in my opinion! So much to learn and David teaches us all it so well. I wish I was more on the ball to take the opportunity to learn from all the videos but I don't quite have the discipline to focus and one particular area at the moment as it is all so fascinating. Belated new years resolution maybe lol

Thanks David for this amazing video once again!!

I remember back in the day when i was exploring "aircrack-ng" and bruteforcing WPA handshakes.. Back than brutting a 10-12 digit password on a very high end CPU was estimating to take 5-10 years.. As i learned how brutefircing works and how to use wordlists i realized that soon there will be a way to crack a 10-16 mixed digit lowercase password within minutes. I am amazed of how correct my guess was.. Watching this video makes me wanna take my old Alpha WIFI antenna and see how secure my neighborhood is.. Very nice video i learned something new today, thank you!

Ok, but "10 digit password with assumption of first two digits" is no different than simply brute forcing 8 digit password. So adding "assumptions"' and emphasizing on password length is kind of misleading. You might as well say "We've cracked *TWENTY* digit password in minutes _assuming first 12 digits are ......"

David Love your work... Ps: We ( Singapore ) ain't the other part of the world ( haha) probably just a very very tiny dot and hard to find in this big world of ours... cheers and keep up the good work☺

Outstanding demonstration and explanation of something many find confusing and feel it's out of their reach. Not sure I've seen it but a video on passwords and how to choose them or create them both human, app and computer recommendation, Mac always suggests passwords to store in keychain file, are those easy to crack. Maybe ask users to suggest a password and show how easy it is to crack ? Thanks again for a great educational video

Another great video David

First of thanks for the tutorial... but maybe you should tell about the Linode GPU restriction, before baiting us to their website with the 100$. I can't even create the Linode with a GPU, unless I make a plan and contact their support. And your password is the same as in the first tutorial from 18th February 2022. And you were fortunate yet again with the fast result. I mean, you make it sound so easy...

Great video David, thanks.

Great video David! And actually it shows that still 10-character password with all mixed characters is actually strong enough, right?

I appreciate the end with the reasonable note that mixed chars will be much harder to crack. Most routers ship with a default sudo random 8 char alphanumeric string. Yes, knowing that it's only 8 characters can limit your scope and time. But that's still a beefy dataset. Wpa2 has vulnerabilities, but for brute forcing... it's still plenty strong compared to wpa. Most likely you're going to do a man in the middle, or some evil twin attack. It's so much easier then trying to brute force your way in

Not in vain saying that CCIE is equal to Phd, you are really badass geek Dave 🙏🏻👍 Thanks a lot …

Outstanding video !👍

Great tutorial David!

I am learning a lot from your videos! 😍

David, do you sell test questions and answers for exercise and preparing for CCNA exam? If yes, where can we buy?

thank you david it was a video that everyone can understand you are great

you have some of the best vids out there!!!

Cool video. Isn't cracking a 10 digit password that starts with 02 the aame as cracking an 8 digit password? 🤔

Wow well presented. Learned a lot will definitely give this a try.

I watch your every video love from Pakistan 💚

great video. like to ask why only use 4 GPUs? will using more GPUs(if possible) speed things up? thanks.

Sir, I have a question that is if we want to use internal wifi card in kali linux we have to dual boot kali linux using usb drive, but there is a method that we can dual boot kali linux without using any usb drive,cd or dvd, we can flash into our system ssd by doing partition, so after dual booting kali linux without usb drive can we still able to use internal wifi card/chip if it support monitoring and packet injection mod?

thank you for educating us sir.

Stay safe and do the following: -set strong complex router password -set strong complex wifi password -disable router remote management -disable ssh -block all incoming ports -only allow reserved devices

Your video is very interesting, I have registered in Linode with your code but the hashcat issue is a bit complicated and I don't want to enter a wrong command. Could you tell me the command to write in hashcat to decrypt an 8-character password made up of numbers and uppercase and lowercase letters? That would help me a lot... Thank you very much in advance.

I've never seen you work so fast! lol

Hi sir , i respect you a lot plz create a paid course , in which everything is in systematic order and teach us more advanced thing which are illegal to teach on KZfaq . Luv from india. Like u understand what I am saying.

David you're such a swell guy. I don't care what anyone says. : )

Been doing this for years and years now, saves so much time

Nice Video ❤️🤙🏼

Thank you, David.

Thanks David!

Hi David. First i want to thank you for your incredible great videos! For this video you maybe mention that Linode wants you to deposit $100 before you can access GPU instances. I tested google cloud gpu witch needs a credit card to aktivate gpu`s. Next i checked ovh cloud for a gpu instance. There you need to activate a quota, for this they want a photo of your id card. I don`t found any service where to "rent" a gpu instance quickly. Maybe you have some tipps for this?

thank you for the video, it's great. Can it be done using just kalilinux?

Sweet new video!

Thanks for sharing this informative video.

Sir what happens if I change all digits of my device's permanent mac address rather than only 6 digit or it's not possible???

i am a software engineering student . i am a mad fan of you

This is the video I been dreaming about

Do they charge you when it's processing the GPU or as soon as you start the server?

So as long as you use solid passwords, no one with a copy of haschat and wifi attenna will be able to break in too easily. I wonder if quantum computing rigs for brute force attacks would shorten the 7000 years, to minutes?

Couldn’t Wi-Fi router co’s easily fix this by offering 2 factor security? I.e., if someone wants to log into the network they must have correct password then owner of network receives a 6 digit code that the requester must input? Why wouldn’t router companies go this route?

Linode is cancelling almost any new register on his platform. Is there a similar cloudservice to use, as alternative to Linode?

Jumping to this vid from the notifications, lets goooo😍

على هاد الهدرة لي قلتي والله تا شتاركة عندك وغادي ديما نحظر فيديوهات ديالك حنا بغينا الحقيقة والتواضع مشي الكدوب ❤

i never get to crack any wifi before even watching your previous video. Gave up doing it.

what about if the password is 14 digit with number up and lower case and symbol , from your experience if use 4 GPU like this environment . how long it approximately can crack ? or if it is possible to get in within a year ?

command for capturing wifi information in older video does not work now hcxdumptool: unrecognized option -- 'o' and then i changed 'o' with 'w' and now says hcxdumptool: unrecognized option '--activate_beacon' can anyone pleas help?

And thanks again David👍

How much does a pentester cost for personal home security testing?

how do you mix uppercase,lowercase,digits and specials? how can we specify which to use 😭 GPU's into nightmare mode?

i am getting this message "Additional verification is required to add this service. Please open a Support ticket." cant create linode

When you have cracked the password and login to that computer, my question is, can they not see you and ban your ip. I mean with some wifi´s do you get some software so you can see who is logged in to your wifi

How can i snip fb & other password from pc & phone connected to the network. Please suggest me

Does this Lenode server has already installed Ubuntu that you just kinda run? if it does, why they don't preinstall all that you need like CUDA support, like, that's the reason you would use Lenode in the first place? Otherwise you waste time on doing it yourself.

Hii David sir kindly please create in other videos wifi hack in termux set in first introduction to last introduction

Mind blowing 🤯 David sir

we used to use rainbow tables for this.

Just a quick heads up everyone, quite ironically there is a fake David Bombal account going around trying to scam you. Please be careful! And Mr. Bombal, thanks again for another outstanding video :)

linode needs additional verification to start ? Anyone else have this issue ?

Hi! Thank you for your video. Linode is Great. I have it a lot of years. Only 1 question; your "method" work only for "simple" numeric pasword or for all? Thnx

hi ! I really learn somthing from this .

Looks like I'll have to try and test my own wifi password now!

What about passwords with mix of numbers, letters and special characters?

I'm not concerned with passwords where someone knows it's likely certain characters are placed. My greater concern is how cloud computing is rapidly reducing how even totally random passwords are becoming vulnerable. Using numbers, lower and uppercase alphabet characters, with a password that is shorter than 10 digits is now within a reasonable time for cracking when using cloud services.

So much power for weak passwords. Great example not to use weak passwords. What does this sort of power look like against a strong password? In your example of 8-18 digits it stopped at 10. What if the password was 16 digits long with all possible combinations of characters? 2&la7@H9!Na6x$Q as an example?

128x4 = 512 gb Quadro ! And after password cracking is awesome.

Hey David, very random question I'm wanting to start hacking as a serious career, my objective is to create exploits. I understand that there are various exploits for specific devices/networks. I am curious though what is the majority of high level exploits being written in, such as Israel spyware pegasus, or maybe their zero click imessage exploit, or the Olympic Destroyer just to mention a couple. I'm hesitant to learn python due to this as I want to reach the pinnacle in example c# if the majority of high level exploits are written in that as I'm guessing they aren't written in python. I don't want to bounce from one language to another I want to master one that captures the most advance exploits. Hope to hear from you david, thanks for your work.

i got that to work. testing on my home wifi it would take more than 10 years to go thru all possible combinations. i see i have 2 tplink neighbours thou... :>

I will use this video for *"Scientific"* purposes

What program are you running for this on your computer

Hello man, do you know how to install hashcat on M2 silicone. ? Doesnt work for me

Does apple silicon m1 or m2 can do hashcat on apple silicon gpu

Can you use linode for 1-2 hours to avoid paying for a whole month?

good video mate thanks

Can you use this in conjunction with a flipper zero?

can you please make a video on what a hacker can do if he is in your wifi and demonstrate it (by the way love your videos)

What if I use the power of my PC? Rtx 3060 ? It is possible?

Break WiFi networks using Cloud GPUs in seconds . but video lenght is 28:48. Just Awesome tutorial😅😅

Sir love from India❤️

I'm really struggling to comprehend the power a machine with 4 x RTX6000 would have. That's insane

but is there still someone who still set up wifi router to use WEP only?

*Please Help, David Bombal Sir Please Help Me! I Have Successfully Installed Kali Linux On My Laptop And I Have **_Alpha 8188FU_** WIFI ADAPTER. AND The Machine Is Recognising It But I Am Unable To Install The Driver To Practice Wifi Hacking.* *PLEASE HELP ME IN THIS MATTER, PLEASE I WILL BE REALLY THANK TO YOU*

See how long it takes to guess the password if the SSID salt is not broadcasted. Better yet, see how long it takes to crack a Radius server's password that changes every 24 hours. Even these tools are very limited. I still see some old school WEP routers once in a while. LOL.

What if my password is 36 characters long with small and caps and numbers and symbols? How long to crack.

This is great and all... But when will onebpf these guys wize up and have a program on a gui interface? Something even the novice of novices can understand and use. Maybe have a bit of ai engineered into it so it lerns to self install instead of constantly typing in comands and or installing manually.. Sure be nice.. be a great challenge for this comunity to come up with.

Yeah I love when people say this what you said but it's a 30 minute video it's not a second it's a 30 minute video

sir can you help may tu change my laptop WWAN IMEI number my WWAN model is DW 5911e Snapdragon X7 LTE

Amazing video sir

Sir one question can non root device android 12 phone can hack Wi-Fi? I show your Kali net hunter but at the end he ask me for root access. I am a student and I don't want to root or damage my device unless I get new on. Please say yes/no in shortly thanks