hacking every device on local networks - bettercap tutorial (Linux)
Рет қаралды 922,285
Күн бұрынIn this video I’m going to show what a hacker can do, using a man in the middle attack, if they are on the same network as you. This can happen if you login into a public wifi network like your library. I’m also going to show you how to avoid getting hacked on those networks.
Educational purposes only.
Part2: • Video
0:00 Intro + Security Advice
1:01 See everyone on the network
1:47 Spy on all traffic
3:40 Redirect network users to a website
5:00 Browser exploitation: Control the victim device
5:58 Protect yourself
Sources:
www.bettercap.org/
Content:
Hacking everyone on your wifi network.
Hacking home networks.
ARP spoofing attack.
DNS spoofing attack.
DNS Poisoning.
Network probe.
VPN role in protecting your network.
Better cap DNS spoofing attack.
Better cap ARP spoofing attack.
@nourtechtalk Жыл бұрын
Lets play a game: Can you spot and map all the blurred out mac addresses in the video? Hint: The last letter is visible from the first blur. Note: I have regenerated all of them so its alright 😉
@theguywithnoname4745 Жыл бұрын
Wait wdym bro?
@johannesjoestar Жыл бұрын
Aren't they basically visible on the very same blurred frame, logged right above the table? "...endpoint detected as ..."?
@cynagen Жыл бұрын
@@johannesjoestar came here to say, the MAC addresses are still exposed in the initial logs when they scanned the network but blurred out most others
@brandolinocaston Жыл бұрын
Ok, please show me how to change MAC on your blurred Alpha wlan0 Adapter with 00:c0:ca:af:ff:0e MAC :)
@gangbang7354 Жыл бұрын
I don't see my icon /wifi sign/ why? help me my laptop is connected wirelessly but still giving me ethernet by which i cant continuing my efforts plz
@yhytuncer Жыл бұрын
Great video Nour ! I like the way you explain and demonstrate these attacks
@visual975 5 ай бұрын
great video would love to see more of these sorts, earned yourself a new sub! :)
@PixelOtter0813 Жыл бұрын
In the end i thought he was pulling a nord sponsorship lmao , really useful info thanks
@griq Жыл бұрын
I think it’s safe to assume that every video that says “educational purposes” are mostly used for unethical purposes. Good to see how it’s done so I can better protect myself. Thank you sir
@TidanOfc Жыл бұрын
"Good to see how it’s done so I can better protect myself. Thank you sir" this quote alone makes everything you said previously, sound kinda stupid.
@marcorodrigues8303 Жыл бұрын
Sim Fui
@RakibHasan-hs1me Жыл бұрын
Trust me, when they mention educational purposes it means it's actually worthless. You have either own something expensive along with it or find a new work way around to use the and get the job done.
@sazzy94 8 ай бұрын
he is gonna do something illegal@@TidanOfc
@hamzazaman18 7 ай бұрын
well it winds up everyhting lol@@TidanOfc
@razorwire111 Жыл бұрын
I like how you put everything together from attack to mitigation tactics.
@sinisterz3r090 Жыл бұрын
I can also turn off my computer! no more attacks!
@robot67799 Жыл бұрын
I like how your video is straight to the point
@AnantaAkash.Podder 7 ай бұрын
Excellent Tutorial Man... Very well detailed and explained...
@pagikesenja Жыл бұрын
Thank you Nour for your excellent job, more similar videos please..
@ghaithshaqra4100 Жыл бұрын
quick direct and focusing on the details very good bro i will keep watching your new videos 😊
@rajmodi4145 Жыл бұрын
bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do
@cde-lf7iu Жыл бұрын
Very very very good explanation, very detailed and straight to the point we all want. Excelent. Thank you
@VioFax Жыл бұрын
too bad the next video got removed :(
@khusham6216 Жыл бұрын
@@VioFax can you brief it if you've watched it? I would love to know about how to create my own vpn.Thanks
@rajmodi4145 Жыл бұрын
bhai muje sikhaoge kese krna he
@rajmodi4145 Жыл бұрын
bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do
@alexmarchant4277 7 ай бұрын
nice did not know bettercap was in kali now. show people how to make there own OpenVPN :) Keep it up
@frankbazuaye4747 Жыл бұрын
Awesome .So simple and very resourceful .So glad I found your channel pal
@walidejdoevpz6600 Жыл бұрын
pls tell me how to lunche bettercap and how to download it i got stuck in the first thing hlp me pls i need to know
@yourworstfear Жыл бұрын
got u
@user-gr4vx8xz1l Жыл бұрын
I didn’t see anyone mention in the comments this but most routers now a days have the option to setup a guess network that is separate from your network. You could also just create another VLAN for the guest network as well. Also VPN traffic isn’t secure either your traffic is passing through the servers that the vpn is hosted on. Sopeople need to choose vpns with good reputations and not some of the free vpns. Or create their own vpn. Great video though just wanted to add that bit for people.
@sethadkins546 Жыл бұрын
The use of a VPN here was to ensure traffic going across the LAN was secure, not across the internet (as you said at that point you're trusting the VPN provider). Within that context, you can consider it "secure" since it cannot be accessed by attackers.
@Allinone-sh6cj 8 ай бұрын
How to make own vpn?
@that_one_who_knows4311 Жыл бұрын
wow! this is actually a sniffing! very well explained!
@vertexvstore155 Жыл бұрын
just what i was looking for (thanks man)
@dha12oks 7 ай бұрын
Thanks for the video, I'm actually studying at the moment for Cyber Security, and this is a bit of an eye opener towards what I would be going against.
@fargetofargeto5494 Жыл бұрын
This was beautiful. ❤
@BrianMeyers-yl3om Жыл бұрын
Very clear and no b.s. Thank you! subscribed!
@rajmodi4145 Жыл бұрын
bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do
@kiaraki7186 Жыл бұрын
@@rajmodi4145 router ka admin password hai?
@markb4168 7 ай бұрын
agreed
@arhamsayyed9518 Жыл бұрын
Fine! You earned yourself a subscriber.
@op_bill641 29 күн бұрын
I just learned how to do this and im so (negatively) amazed at how easy it is for someone in your network to spy on your device
@user-or2om1dj2k Жыл бұрын
great vid, surprised by the quality by such a smalll ytber
@asubzero_ 6 ай бұрын
I researched Wi Fi networks and watched several tutorials, only now I understand the video in its entirety
@jcgm666 Жыл бұрын
Very good video!
@robyee3325 5 ай бұрын
Well presented. great content!
@rimrihan1281 Жыл бұрын
Very useful video. God bless you.
@stellamwasa4111 Жыл бұрын
Thank you bro for the lesson coz i was looking for this lesson for days
@theMadhatter817 2 ай бұрын
Nice,never seen anyone show proof of concept for a.vpn before
@prozacgodgamedev Жыл бұрын
Correction, you're not seeing all URLS' you're seeing the domain names, with a uri/url slapped on the front of it, to see the whole url, you'd need to see inside the http packet, which you can't because they're all using SSL.
@Log.Rhythm Жыл бұрын
Came to say this! Fear mongering 🙄
@prozacgodgamedev Жыл бұрын
@@Log.Rhythm A lot of this video felt like fear mongering. It wasn't 'that' factually incorrect in the technical side of things, it was just ... not telling the whole story. It's another (in large print) "Look at all the things hackers can do to you!" (and in the small print, whispering) "...when you give them access to your computer or network" I mean, sure with DNS leakage someone might know you're on porn hub, but they won't know the particular degeneracy you're up to.
@willyv374 Жыл бұрын
Ye all those ebay hackers, with their GitHub tools 😂😂😂 this video ist only useful for elders, who don't have a fcking clue at all
@andrestorres7343 Жыл бұрын
Furthermore, even if you are spoofing the DNS requests, you will see a not secure message in the browser (not secure 🔐) as there would be a mismatch in the certificate for the domain...
@PineCoffee Жыл бұрын
Yeah this technique would work well probably in the 2000s and earlier, when most websites are still on http, not https, and browser security was crap back then. It is pretty much useless today.
@theFabz 5 ай бұрын
Excellent 🔥
@MedicalStudentChannel Жыл бұрын
thank you, I learned from you, I am new to Cybersecurity
@THeSRX. Ай бұрын
Is your journey on mid.. I am at beginning 😄
@dadisthatyou452 Жыл бұрын
Thanks. We'll use it for educational purposes. pinky promise
@thegioicaycanhtrangtri 17 күн бұрын
Great one I have ever watched
@1wilfried Жыл бұрын
nice one! keep it up
@raight4552 11 ай бұрын
you have no idea how helpful this video is, question are there budget 802x router i need something affordable
@szdavee92 Жыл бұрын
I think you forget to mention that if a site uses HTTPS you can't see the data just the target IP. If you using a dns spoofing attack you will se nothing because the HSTS kick in. Also u can't inject nothing to site which using HTTPS because the whole http request including the header is encrypted.
@nourtechtalk Жыл бұрын
Very true but you can also downgrade the connection to http and enjoy the show 😁
@mathiasdeweerdt1400 Жыл бұрын
@@nourtechtalk Any modern, respected website will not allow this. HSTS will prevent exactly this.
@ZK-du3pj Жыл бұрын
@@nourtechtalk HSTS is impossible to downgrade down to http.
@Bluexin_ Жыл бұрын
@@nourtechtalk tbh after enabling the https everywhere plugin I started to notice way more how many websites still don't support https. Even govt websites over here 😅 that plugin is a godsend, don't even need to rely on the website maintainers to enable hsts
@johnsailor3590 Жыл бұрын
He did not forget it, a video saying it does not really work won’t be viral
@Jay482 Жыл бұрын
What if the end user do an ipconfig /all just to see every device that’s connected to their network, will they be able to see the attacker if they were connected to the network? And block that unknown ip address through the router network settings. This can also work to prevent attackers, or do a DNS flush to prevent any redirection to websites. Or clearing the cache files from your browser.
@user-wm8yz 2 ай бұрын
thanks ... I was looking for this ...just to get my hands on it and how I can use the commands ...
@litemint09 Жыл бұрын
02:01 you did blurred out the mac address of your device after the net show command, but the mac addresses were seen after you type in mod.prob on, so its useless to blur out
@Beatsonlite Жыл бұрын
bro this is great manze
@Flqmmable Жыл бұрын
Hey great video! Bettercap is awesome. I do have one question though.. I see that you have your website based on the IP of your external wifi adapter (Wlan0) and can connect to wifi networks through it. How did you manage to do that?
@nourtechtalk Жыл бұрын
I have an external wifi adapter connected to my vm vis usb
@Flqmmable Жыл бұрын
@@nourtechtalk When I connect mine, it still says wifi networks are disabled and can only connect to network via the eth0 interface that connects to the network my host is on. Idk why that is
@charlesstephenadio2159 Жыл бұрын
thankyou so much i understand
@unividuv8902 Жыл бұрын
where can i watch 2nd part for this video? Because link in description has been removed video is not available now
@chinedumichael8776 Жыл бұрын
What if I already know the password.. (ie ) I don't need to hack the wifi password. How do I acomplish that too?
@justcallmetruman Жыл бұрын
Your tutorials are very clear and easy to understand, thanks my packet sniffing gangsta! What's the difference between this and ettercap if any?
@nourtechtalk Жыл бұрын
Its easier to use
@smokie365 Жыл бұрын
Just curious how to use buttercup? I have a little raspberry pi that’s running Kali Linux. So is it just a case of running the command? Really would like to try understand how all this works
@asakurakinomoto732 Жыл бұрын
I have a question. what command line i use if i redirect a software just like you did on a website?
@elementsmusicproduction692 Жыл бұрын
What if I setup a vpn on the router instead of the end device? Then all the traffic would still be exposed to the attacker right?
@randomguychannel39 Жыл бұрын
What? The part 2 video was removed, can u post it again? Btw, nice cideo and channel, just4 got a new sub
@kayPlayz. Жыл бұрын
Hi sir can you please launch full course of ethical hacking? I can't pay for course so i am finding it on KZfaq. Your teaching is very good .
@tonilearn Жыл бұрын
another question is: would your access to that computer would leave a footprint (in this case your ip address)? Thanks
@SkyV77 Жыл бұрын
very informative video sir
@AdrianTregoning Жыл бұрын
Why was your part 2 removed by KZfaq? Bleak, would love to learn how to create my own VPN.
@johnreynolds4065 Жыл бұрын
how come other network traffic coming from other IPs shows up when I am just trying to target one IP?
@420familyde 11 ай бұрын
Where did that line came from by 1:51, Im stuck there. What key did you pressed or what did you do?
@kestonsmith1354 Жыл бұрын
How you think celebs private photos get hacked and leaked, it's most of the time someone with a expensive wifi adapter, aircrack-ng, hashcat and an excellent word list, bettercap and beef .
@thevault1575 Жыл бұрын
lol no. most celebs got their photos leaked bc they did not secure their icloud. if someone cracks their icloud, they can get access to all their icloud photos.
@kestonsmith1354 Жыл бұрын
@@thevault1575 not true, you need to their real verified email which is not public information and very hard to acquire. Once you get onto someone's network you can record anything , see which sites they are visiting, capture their passwords, etc. Once you gather the information, it can be sold to the media and other sources for a pretty penny.
@thevault1575 Жыл бұрын
@@kestonsmith1354 Yes it is true... Back in 2014 there was an “event” called “the fappening”. What happened was celebrates photos and videos got leaked and posted onto 4chan & reddit. This was all possible bc of icloud. I agree with you that it would be hard for someone to get a celebs personal email but people are very good at social engineering! From opendatasecurity: “In 2014 there was a massive leak of intimate photographs of famous people that was called the Fappening movement or “Celeb Gate”. How did it happen? By the Apple cloud storage service: iCloud.” I would include the link to the article but I don’t think youtube allows that. Just look up the fappening. It all happened because of icloud.
@kestonsmith1354 Жыл бұрын
@@thevault1575 For the first one, back in 2014, Facebook were very vulnerable to hacks through their login system , it was easy to break into people's accounts. The second one in 2017, how was he able to get hold of their email addresses ..unless they were already part of the a list of emails from a compromised agency server that actors are affiliated with. You can find a lot of people's information on the dark web as well. With social media, it's getting easier and easier
@Anirbansinha24 Жыл бұрын
@@jeoi teri ma ki rockout
@lphdyt Жыл бұрын
I would be interested, how to take control over a Bluetooth connection. Like entering, the data stream between my phone and my Bluetooth box and play other music
@OptimizeTube Жыл бұрын
If I am worried about this and for good reason, let's assume they've already connected. Will resetting the router give me a fresh start? If am afraid that logging in to the router would be a bad idea
@AlexiHusky Жыл бұрын
Doesn't https prevent arp spoofing from being this legible??? I thought urls and host names are encrypted after the hand shake?
@Bwcap Жыл бұрын
Definitely will try!
@yungxxilax9194 Жыл бұрын
does it need an wifi adapter that supports monitor mode and packet injection?
@PNA33 Жыл бұрын
Does the private DNS command on phones protect from these reveals and attacks ?
@alanprado6210 Ай бұрын
When i run those commands I only get my computer, should I change my network adapter settings or smt else to make it work like yours?
@anonymousa3816 5 ай бұрын
When I set the spoofing target setted the spoof on and the sniff on, my other computer on which I was testing, wasnt opening any site, and I wasnt getting the urls, instead I got the routers username and password. What is this happening?
@PatriFATSO Жыл бұрын
Do you use NAT connection? My linux on the virtual machine always get wrong ips
@k3s845 Ай бұрын
Big question for the test would this work if i use my phone as the router with hotspot and connect other 2 devices? To test like you?
@tonilearn Жыл бұрын
The question about using VPN is that: would the VPN owner be able to see all of my inputs to the net? in that case, would they miss use the information they are getting from me? Thanks.. hope you could create a content based upon this question I have.. Cheers
@hasibbinsayed1863 Жыл бұрын
very useful video
@freedomisdead9638 Жыл бұрын
Awesome!
@mathiasdeweerdt1400 Жыл бұрын
I think you should mention HSTS and how it protects the user. Enabling DOH(DNS over https) does also provide extra security and the importance of keeping your browser and operating system up-to-date. Note: You are leaking your MAC addresses you tried to hide in the beginning of the video btw.
@nourtechtalk Жыл бұрын
Hi Mathias, I talked about hsts in my second video where I demonstrated the man in the middle attack but unfortunately it got removed from youtube. DoH is a great technology but its not widely supported by dns resolvers. DNS remains the achilles heel of the internet.
@penguin--_-- Жыл бұрын
@@nourtechtalk please re-up.
@darthwater999 Жыл бұрын
@@nourtechtalk Many people upload their banned video on odysee, a KZfaq like website with few moderation
@XiaolinDraconis Жыл бұрын
Re-upload unpublished but leave the link in description or pinned comment.
@CoverDrive007 Жыл бұрын
@@nourtechtalk sir do u have any blog?
@ElixirEcho Жыл бұрын
The thing with VPN is do you trust the other side's network and their ISPs? If you VPN back to you house, then all you gotta trust is your own network and ISP.
@yashpalhare8654 Жыл бұрын
Sir , WSL mein se windows 11 main Kali ko install kiya to sab cyber security related kam hoge kya. Reply do🙏🙏
@0xBerto Жыл бұрын
Hey, not sure if you caught this for your future videos. Your first probe reveals your MAC addresses that you then censored in the “show” command. 😅 anyways. Thanks !
@Allinone-sh6cj 8 ай бұрын
What will happen if someone got your MAC address?
@TheGamer507 Жыл бұрын
when i turn on probe, i dont see "forwarding". when i turn on sniff, i cant browse the web. apache2 and beef-xss works
@somahqari9894 2 ай бұрын
thank you for this video. How could I get to know if the application is data encrypted or not? via Wireshark
@asipalacios8701 4 ай бұрын
after laucnching better cap an typing net.probe on my terminal crashes every single time. what to do?
@m4vf Жыл бұрын
That's why when I visit Facebook, I always use an ethernet cable plugged into their mainframe, thus knowing that I'm directly connected to Facebook. The only issue is that I walk down to their HQ every time.
@b.wallet5295 Жыл бұрын
Lol
@l3gend272 Жыл бұрын
1:51 you hid you MAC addresses at the bottom, but isn’t it showing at the top in green????
@nourtechtalk Жыл бұрын
Yeah I had regenerate all of them 🤣
@dro6937 Жыл бұрын
i got a problem i tried this on my mobile and laptop when i turn on the apoofing and sniffing the wifi turn off
@anon2030 Жыл бұрын
“SSL hijacking is found, recommend replacing the network.” This is what the network security app keeps telling me, n it’s been a few years now. The yt app just shut down by itself. It’s been doing that quite often too.
@omerhd958 Жыл бұрын
When i run it it's giving me results after 5 or 7 seconds not like what is the solution
@user-hw9sd2sb8r 5 ай бұрын
I am using linux kali on a virtual machine but it does not show any devices connected to the same wifi
@easylearning1207 Жыл бұрын
I tried to do the same in my laptop, I don't know why but when I wanted to visit websites to make sure that it shows me information about my actions on laptop suddenly internet stoped working
@dhruvgupta5663 2 ай бұрын
How I can connect my Kali with Wlan it's only showing ethernet option and I'm using in VMware
@elmehdaoui1287 8 ай бұрын
do i need a wireless adapter to do that , because the devices not showing up
@tonycheung7624 Жыл бұрын
Amazing Video
@misteranonymous1157 8 ай бұрын
Do we need a wifi adapter for this to work? Cuz i dont get the same options when i type net.probe on
@IzharKhan-gm7wp Ай бұрын
i get new ip and the suddenly lot this,, it is happening all the time when we show the probe so what is the solution
@youtonew 5 ай бұрын
after using this when i go to any website for testing this will not open any web site its show error
@JuliusTanuwijaya Ай бұрын
Thank you 4 sharing
@XXdentistXX 6 ай бұрын
I tried the steps with nethunter on android i cant sniff packets from the target i get only packets from local dns .. does thats mean im not on monitor mode ?
@DruggiePlays Ай бұрын
So if i theoretically use wpa app to find vulnerable routers to connect i theoretically can install malware on modems to spoof and redirect? If so how without the router password?
@motivationinspiration01 Жыл бұрын
Sir are you using Kali Linux on virtual machine ?
@ADIVictorian 10 күн бұрын
quick question, could i target multiple devices at once? like maybe, 20, 100, 1000?
@SamusLovesMilk Жыл бұрын
I've got Kali on a VM on my windows PC connected through cable. Trying to get all IPs from nmap or bettercap only shows the IP of my windows and the gateway. Why? There shouldn't be a problem as I'm scanning the whole subnet. Doing arp -a on CMD works way better so far, hmm.. This is just me trying to have fun here at home
@Brianmeneer Жыл бұрын
So im doing this on a Kali VM on my PC. The sniffing stuff works well if I do stuff on my pc, but not if I try to sniff my laptop. The internet on my laptop will just load forever and give up. In my VM settings i've got the network settings set to bridged adapter. It should work right? I can still ping my laptop from my vm...
@chevelle321 Жыл бұрын
Did you ever figure it out? I'm running into a similar issue. bettercap is connecting to my RDP gateway and not my actual gateway for my router. Any ideas on how to change it?
@vekoko Жыл бұрын
how can I completely disable an android phone from accessing wi fi connection using platform tools/ADB
@Shawn12832 12 күн бұрын
I can't get bettercap to download to kali i'm using the latest version of kali in my VM
@Schalla_Man 4 ай бұрын
Hi I need help! I followed every step exactly and got no error messages but it didnt take me to the apache page. It either loaded the website normally or just didnt load and said 'site couldnt be reached' Please help i would really appreciate it thanks in advance.
@shaned7545 Жыл бұрын
Even if I'm not connected thru my wifi but instead using my ethernet cable? I can be hacked?
Nour's tech talk
Рет қаралды 53 М.
Nour's tech talk
Рет қаралды 49 М.