• [VIDEO] Stealing Data Over Open WiFi [The Modern Rogue]
    13 replies, posted
https://youtu.be/NkNgW3TwMy8 Additional Information The WiFi Pineapple is sold on Hak5's store https://shop.hak5.org/products/wifi-p... https://www.wifipineapple.com/ How a Wi-Fi Pineapple Can Steal Your Data (And How to Protect Yourself From It) https://motherboard.vice.com/en_us/ar... Websites Visited http://thekingofmouths.com https://spacejam.com http://bitchen.com http://dustbrothers.com
So there's this Silicon Valley episode where the guys try to sabotage their rivals with these things at a major tech conference, and the only reason they get caught is because Richard acts like a major dickbag in a completely unrelated situation and gets security called. It's funny, but it's totally believable that a room full of tech dudes would probably fall for this sort of thing, mainly out of sheer apathy. I'd wager that if a few don't it's probably just because they never use public WiFi just because they have decent data contracts. (Also you don't need this specific piece of $200 hardware to do this sort of thing, in case that wasn't obvious, that said, I imagine it's a shit ton easier than using rooted Android devices, RPis or Linux booted laptops with fancy WiFi adaptors)
yo so many people hack wifi remotely, this is like someone saying hey guys there's this cool thing called Windows xp on Windows 10 release date
definitely don't use it at a hacker convention https://files.facepunch.com/forum/upload/58207/bd53342f-3830-47f7-924c-e19ea30415bc/image.png
Joey is probably the worst.
of all the youtube videos to NOT be sponsored by nordVPN...
Shouldn't access points create some secret handshake when you first connect to prevent this from happening?
Wpa2 has a four way handshake, but we know open networks have no security
got any specific vid on that subject?
How useful is this in practice? Most websites use SSL nowadays. I guess you could serve your own version of Facebook's login page if you want Facebook account details I guess but even then the browser would warn you that something is amiss. It's not like you can get a valid SSL certificate for a domain you don't own. Wouldn't this only work if the site isn't secured with SSL, or the person you're trying to steal data from is mindlessly ignoring all the big red warnings when trying to log into a site?
There's an alarming number of people out there who do the latter. They either don't read, or read it and don't understand because anything a computer spits out at them, no matter how clearly and user-friendly they're written, is super daunting and confusing because for a good number of people computers and technology is a big scary puzzle, so they ignore it and then wonder why all their money is gone and their identity is stolen or something. It's usually the former though- If there's one thing that life has taught me is that very few people in the world bother to read a God damn thing put in front of them. So due to both factors boiling down to either stupidity or willful ignorance, hacks like these among other "duh" scams/hacks work way more often than they should.
Not sure why but the reaction this guy has at the beginning of the video really cracks me up. https://files.facepunch.com/forum/upload/125/03cce4e0-c0c4-4846-84d9-c0086653b9ea/2019-02-10-113817_587x755_scrot.png
Many sites are not setup to protect against attacks like SSL stripping / log jam / downgrade. You'd never get an SSL warning and you'd be vunerable to an active attacker. At least, that's my novice understanding.
no but anyone who does networking in a decent job position knows how and probably a lot of computer science/networking students
Sorry, you need to Log In to post a reply to this thread.