Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,650 --> 00:00:06,980 So in the previous video we saw how easy it is to crack a key in a busy network so we had a busy network. 2 00:00:06,980 --> 00:00:14,160 We had a client that was watching videos all the time and we saw how the data was increasing very quickly. 3 00:00:14,170 --> 00:00:20,390 Now the question is are the problem that we're going to face is an access point that doesn't have any 4 00:00:20,390 --> 00:00:24,940 clients connected to it or an access point that has a client connected to it. 5 00:00:25,040 --> 00:00:31,040 But he's not using the Internet as heavy as we saw in the previous video maybe just reading articles 6 00:00:31,460 --> 00:00:39,860 or just going on Facebook or whatever but not using as much data as we saw last time. 7 00:00:39,880 --> 00:00:49,020 So let me just show you an example of that I'm just going to run aero down against the targets the targets 8 00:00:49,020 --> 00:00:55,120 access point to test AP just to have a lock on an ideal access point. 9 00:00:55,120 --> 00:00:56,040 So we have test. 10 00:00:56,060 --> 00:00:58,980 AP Now the same access point that we used before. 11 00:00:59,120 --> 00:01:04,680 The only difference is is that I've disconnected the device that was connected and you can see here 12 00:01:04,690 --> 00:01:10,810 in the second area the client area that there is no clients connected and you can see the data is zero 13 00:01:10,900 --> 00:01:16,200 and didn't even go to one so that's going to be a problem. 14 00:01:16,230 --> 00:01:17,580 So we're going to face. 15 00:01:17,940 --> 00:01:21,500 We won't be able to crack the key like this with zero data. 16 00:01:21,540 --> 00:01:30,310 So what we can do is we can inject packets into the traffic one to inject packets into the traffic. 17 00:01:30,350 --> 00:01:35,200 We can't force the AP to create new packets with new IP in them. 18 00:01:35,300 --> 00:01:38,170 We capture the IP and we do that again. 19 00:01:38,300 --> 00:01:40,470 That's the basic case that what we're going to do. 20 00:01:40,550 --> 00:01:43,360 We're going to explain three methods of doing this. 21 00:01:43,370 --> 00:01:45,930 We're going to explain them in detail and the next videos. 22 00:01:45,980 --> 00:01:50,260 So for now we're just having a quick look on how packet injection is going to work. 23 00:01:51,370 --> 00:01:58,540 But before we can inject package into the air we have to authenticate our device with the target access 24 00:01:58,540 --> 00:02:01,620 point see the way that Access Points work. 25 00:02:01,840 --> 00:02:09,250 And they have a list of all the devices that are connected to them and they ignore any packet that comes 26 00:02:09,250 --> 00:02:12,030 from a device that is not connected to them. 27 00:02:12,520 --> 00:02:17,920 So if a device that doesn't have the key tries to send a packet to your router your answer will just 28 00:02:17,920 --> 00:02:18,420 ignore it. 29 00:02:18,430 --> 00:02:21,630 It won't even try to read it or see what's in there. 30 00:02:21,640 --> 00:02:27,250 So before we can inject packets to the router we're going to have to authenticate ourselves with the 31 00:02:27,250 --> 00:02:27,930 router. 32 00:02:30,800 --> 00:02:35,550 We're going to use a method called fake authentication and it's very simple. 33 00:02:35,600 --> 00:02:41,270 We're going to have to do it before any Every time we try to inject going explain that now and then 34 00:02:41,270 --> 00:02:44,310 in the future we're just going to run the command straightaway. 35 00:02:44,390 --> 00:02:47,020 So I have done already running. 36 00:02:47,060 --> 00:02:50,620 Now let's see how we can fake authenticate ourselves. 37 00:02:50,640 --> 00:02:57,080 Remember when I talked about airdrome and initially as I said this is the type of authentication. 38 00:02:57,200 --> 00:02:59,450 And I said I'll come back for it later. 39 00:02:59,480 --> 00:03:02,610 So you see now the off is there is nothing here. 40 00:03:02,630 --> 00:03:09,350 Once we do the fake authentication you're going to see an O.P. and shown up here which means with successfully 41 00:03:09,370 --> 00:03:15,780 the fake authenticated our device with the target access point. 42 00:03:15,920 --> 00:03:18,470 So to do this we're going to use airplanes. 43 00:03:20,880 --> 00:03:28,530 We're going to use Paco's attack so we could type attack and then we're going to put the type or the 44 00:03:28,530 --> 00:03:31,510 number of packets that we want to send. 45 00:03:31,530 --> 00:03:33,510 So I'm just going to do zero. 46 00:03:33,510 --> 00:03:38,370 Some people use a large number one they have when they're carrying attack they'll take like five or 47 00:03:38,370 --> 00:03:39,210 ten minutes. 48 00:03:39,300 --> 00:03:44,500 But for me I like to just use 0 and maybe do it later manually. 49 00:03:44,820 --> 00:03:53,490 So take us zero we're going to use the option A the target market dress. 50 00:03:53,540 --> 00:03:57,640 So I'm just going to copies from here and paste that 51 00:04:00,820 --> 00:04:04,500 St.. 52 00:04:04,600 --> 00:04:11,690 We're going to use hate to put our mark address so that our mac address gets authenticated with the 53 00:04:12,050 --> 00:04:13,300 target network. 54 00:04:13,360 --> 00:04:23,440 So to get our market address we're just going to run the command ifconfig non-zero. 55 00:04:23,660 --> 00:04:25,160 And that's my MAC address. 56 00:04:25,160 --> 00:04:26,270 So I'm just going to copy it 57 00:04:29,050 --> 00:04:30,910 Landseer was the name of my wife by card. 58 00:04:30,910 --> 00:04:36,810 You can put mon's Yoko's there the same card so they have the same McElroy's. 59 00:04:36,910 --> 00:04:45,720 I'm going to paste it here and then I'll put the name of my wife I card mon's zero so about airplanes. 60 00:04:46,380 --> 00:04:51,040 The type of attacks that we're trying to do or trying to do a fake authentication attack to authenticate 61 00:04:51,460 --> 00:04:58,160 our mac address so that we can inject packets into the target network. 62 00:04:58,300 --> 00:05:05,530 We're going to send zero which means one do it once and then we put the MAC address of the access point 63 00:05:06,010 --> 00:05:09,030 and then page we put the MAC address of the device. 64 00:05:09,040 --> 00:05:14,750 We want to do a fake authentication too and that's my own wireless card. 65 00:05:15,040 --> 00:05:23,320 And then mon's your own name of the Wi-Fi card and then I'm going to have and as you can see that said 66 00:05:23,320 --> 00:05:30,600 an authentication request and it was successful and association is successful now. 67 00:05:30,670 --> 00:05:33,870 So and you can see here and the old. 68 00:05:34,120 --> 00:05:38,050 It became an open network and our client. 69 00:05:38,050 --> 00:05:43,640 This is my attacking device showed up as if it's it's a client connected to the network. 70 00:05:43,670 --> 00:05:45,020 We're actually not connected. 71 00:05:45,140 --> 00:05:50,280 Well we have we are authenticated with the network and we have associated with the network. 72 00:05:50,420 --> 00:05:53,310 So we can inject packets into this access point. 73 00:05:53,310 --> 00:06:00,530 Now because it will receive and request that we send it now it's not going to ignore our requests as 74 00:06:00,540 --> 00:06:06,710 the next videos we're going to see how we can inject packets into the air and how we're going to make 75 00:06:06,710 --> 00:06:09,580 this data go up very very quickly. 8192