All language subtitles for 13. Sniffing & Analysing Login Credentials

af Afrikaans
sq Albanian
am Amharic
ar Arabic Download
hy Armenian
az Azerbaijani
eu Basque
be Belarusian
bn Bengali
bs Bosnian
bg Bulgarian
ca Catalan
ceb Cebuano
ny Chichewa
zh-CN Chinese (Simplified)
zh-TW Chinese (Traditional)
co Corsican
hr Croatian
cs Czech
da Danish
nl Dutch
en English
eo Esperanto
et Estonian
tl Filipino
fi Finnish
fr French
fy Frisian
gl Galician
ka Georgian
de German
el Greek
gu Gujarati
ht Haitian Creole
ha Hausa
haw Hawaiian
iw Hebrew
hi Hindi
hmn Hmong
hu Hungarian
is Icelandic
ig Igbo
id Indonesian
ga Irish
it Italian
ja Japanese
jw Javanese
kn Kannada
kk Kazakh
km Khmer
ko Korean
ku Kurdish (Kurmanji)
ky Kyrgyz
lo Lao
la Latin
lv Latvian
lt Lithuanian
lb Luxembourgish
mk Macedonian
mg Malagasy
ms Malay
ml Malayalam
mt Maltese
mi Maori
mr Marathi
mn Mongolian
my Myanmar (Burmese)
ne Nepali
no Norwegian
ps Pashto
fa Persian
pl Polish
pt Portuguese
pa Punjabi
ro Romanian
ru Russian
sm Samoan
gd Scots Gaelic
sr Serbian
st Sesotho
sn Shona
sd Sindhi
si Sinhala
sk Slovak
sl Slovenian
so Somali
es Spanish
su Sundanese
sw Swahili
sv Swedish
tg Tajik
ta Tamil
te Telugu
th Thai
tr Turkish
uk Ukrainian
ur Urdu
uz Uzbek
vi Vietnamese
cy Welsh
xh Xhosa
yi Yiddish
yo Yoruba
zu Zulu
or Odia (Oriya)
rw Kinyarwanda
tk Turkmen
tt Tatar
ug Uyghur
Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:01,150 --> 00:00:09,070 Okay now that we have created our fake access point and it's working perfectly against CPS hate STDs 2 00:00:09,460 --> 00:00:15,610 and all web sites it's automatically show in it's logon screen and the logon screen looks exactly like 3 00:00:15,610 --> 00:00:18,040 the logon screen that the people are used to. 4 00:00:18,040 --> 00:00:23,380 We are ready to move to the next step which is the authenticating users. 5 00:00:23,440 --> 00:00:30,400 So you're going to go ahead use airplay ngi and authenticate all users or some users from the actual 6 00:00:30,400 --> 00:00:36,510 network so that they connect to your version to a network and enter their password in there. 7 00:00:36,520 --> 00:00:41,620 Now I'm not going to be covering that because I've already covered how to run a authentication attack 8 00:00:41,660 --> 00:00:44,930 again single multiple and all clients before. 9 00:00:45,100 --> 00:00:50,560 So I'm going to skip over this and I'm going to assume that you already authenticated your clients and 10 00:00:50,560 --> 00:00:55,730 your client is now or clients are connecting to your fake access point. 11 00:00:55,780 --> 00:01:02,200 The final step is going to be sniffing the log in and the password that they're going to be entering. 12 00:01:02,200 --> 00:01:08,110 Now I've also covered sniffing before but this is the end result of everything that we have done so 13 00:01:08,110 --> 00:01:08,440 far. 14 00:01:08,440 --> 00:01:10,060 So I can help to show it. 15 00:01:10,210 --> 00:01:17,320 And I'm also going to do it using a slightly different way just to show you a handier way for this particular 16 00:01:17,320 --> 00:01:18,800 scenario. 17 00:01:19,120 --> 00:01:21,560 So I'm going to go to my caddie machine. 18 00:01:21,760 --> 00:01:27,240 So I already have my wireless access point running and it's called the Royal Wi-Fi version too. 19 00:01:27,250 --> 00:01:33,730 As you know now all I have to do is just capture the packets and I'm just going to use something a little 20 00:01:33,730 --> 00:01:34,440 bit different. 21 00:01:34,440 --> 00:01:38,570 Like I said because I think this is going to be more convenient. 22 00:01:38,620 --> 00:01:46,140 So we're going to use a tool called the shark and this is actually what wireshark uses when sniffing 23 00:01:46,140 --> 00:01:47,500 for data. 24 00:01:47,670 --> 00:01:56,080 We're going to set the interface 2.0 and we're going to use Dasch W to store the data in a file and 25 00:01:56,080 --> 00:02:06,010 that's called this royal wife I that cup so there isn't a very simple command we're doing teeshirt we're 26 00:02:06,020 --> 00:02:12,650 giving it the interface that we want to sniff the data on and I'm using zero because none zero is the 27 00:02:12,650 --> 00:02:16,250 wireless adapter that we're using to broadcast the signal. 28 00:02:16,280 --> 00:02:21,890 So any request to target sends they're actually going to send it to the router and the router in this 29 00:02:21,890 --> 00:02:31,070 case is lan 0 because it's what broke broadcasting our signal Worster everything using the dash w option 30 00:02:31,460 --> 00:02:35,100 into a file called Royal Wi-Fi. 31 00:02:35,180 --> 00:02:40,910 I'm going to hit enter and as you can see this is not going to display anything for me. 32 00:02:40,910 --> 00:02:43,860 This is literally just going to capture packets. 33 00:02:43,890 --> 00:02:47,070 Store them in a file called Royal Wi-Fi Cup. 34 00:02:47,420 --> 00:02:53,670 So that's why it's really handy because I can just let this run and then come back to it later on open 35 00:02:53,680 --> 00:02:56,650 it and Wireshark and analyze it. 36 00:02:56,660 --> 00:02:58,790 So let's go to the Windows machine. 37 00:03:00,480 --> 00:03:02,980 And let's connect royal Wi-Fi. 38 00:03:08,810 --> 00:03:14,720 And as you can see as we've seen before when you try to lie again when you connect you'll automatically 39 00:03:14,720 --> 00:03:16,600 get the log in page. 40 00:03:16,610 --> 00:03:23,300 Now we're assuming that you should of by now you should have ran the authentication attack so that nobody 41 00:03:23,300 --> 00:03:28,670 can connect to the actual network and they can only connect to your fake AP. 42 00:03:28,910 --> 00:03:30,480 So they're going to go on English. 43 00:03:30,620 --> 00:03:35,870 This is not going to be suspicious at all to them because this is exactly the same page that they're 44 00:03:35,870 --> 00:03:38,190 used to enter their information on. 45 00:03:38,810 --> 00:03:44,800 So the user is going to put their user name which is and I'm going to put the password which is one 46 00:03:44,800 --> 00:03:46,300 two three four five six 47 00:03:48,980 --> 00:03:58,330 I'm going to click on Logan and as you can see it's automatically tell me could not get portal configuration. 48 00:03:58,330 --> 00:04:03,160 So the person is going to think that there is an error or something is going wrong. 49 00:04:03,160 --> 00:04:10,570 Now let's go back to the Callimachi and I'm going to stop this by doing Control-C and then I'm going 50 00:04:10,570 --> 00:04:11,800 to open Wireshark 51 00:04:15,270 --> 00:04:20,160 and we'll analyze the file that contains the data that we just captured. 52 00:04:20,820 --> 00:04:32,230 So I'm going to go to File Open and the file that we just created is called Royal y Fido's Cup. 53 00:04:32,390 --> 00:04:33,390 Gonna click on open 54 00:04:36,420 --> 00:04:40,280 and as you can see we have all the packets that we captured so far. 55 00:04:40,280 --> 00:04:48,120 And here now what we're looking for and what we're interested in is TTP packet's because as you remember 56 00:04:48,120 --> 00:04:54,900 we added a form in the same old page and we said that for him to use a post request. 57 00:04:55,410 --> 00:05:01,460 And that's why I said if we are that it's going to be very easy for us to analyze and find the username 58 00:05:01,470 --> 00:05:03,210 and password. 59 00:05:03,210 --> 00:05:11,030 So in the filter and here I'm just going to type in TTP and that will show me only the TTP packets that 60 00:05:11,030 --> 00:05:13,820 were sent over this network. 61 00:05:14,190 --> 00:05:19,140 And as you can see here all these requests are get through quest. 62 00:05:19,250 --> 00:05:24,470 Now again we set the method in our forums that we either manually to use post. 63 00:05:24,470 --> 00:05:27,880 So we're going to look for something that says post in here. 64 00:05:30,180 --> 00:05:30,600 OK. 65 00:05:30,610 --> 00:05:33,890 And we have a post request in here. 66 00:05:34,030 --> 00:05:42,550 Now if we click on the Hastey MLA form you can see that we have a form item called username and the 67 00:05:42,550 --> 00:05:44,290 value for that was. 68 00:05:44,920 --> 00:05:51,250 And then we have another form item and the value for that is 1 2 3 4 5 6. 69 00:05:51,670 --> 00:05:55,840 So we managed to capture the username and password right now. 70 00:05:56,170 --> 00:06:02,090 And all we have to do is just go in and log into that network news in the username and password. 7480

Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.