Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,740 --> 00:00:05,070
And this lecture we're going to talk about an attack called the authentication attack.
2
00:00:05,070 --> 00:00:11,910
This attack basically allows us to disconnect any device from any network even if that network uses
3
00:00:11,910 --> 00:00:12,810
encryption.
4
00:00:12,810 --> 00:00:17,820
Even if we don't know the key to that network and even if we're not connected to that network.
5
00:00:18,000 --> 00:00:23,250
So we're still in the pre-conception attack section which means all the attacks that we're talking about
6
00:00:23,250 --> 00:00:26,430
work without the need to connect to the network.
7
00:00:26,640 --> 00:00:31,320
So we're going to be targeting that and network that we don't know it's password and we're not actually
8
00:00:31,320 --> 00:00:32,170
connected to.
9
00:00:32,550 --> 00:00:38,970
And we'll be able to disconnect any device from any network as long as the device and the network are
10
00:00:38,970 --> 00:00:40,950
within our Wi-Fi range.
11
00:00:42,340 --> 00:00:48,520
We're going to change our MAC address and pretend to be the target computer and send the request to
12
00:00:48,520 --> 00:00:54,760
the router tell on it that I want to disconnect from you then we're going to change our MAC address
13
00:00:54,940 --> 00:01:01,510
and pretend to be the router and tell the client tell our target computer that I'm the router and I'm
14
00:01:01,510 --> 00:01:06,130
going to disconnect you right now because you requested to be disconnected by doing that.
15
00:01:06,220 --> 00:01:10,500
We'll be able to disconnect the target computer from the router.
16
00:01:10,510 --> 00:01:15,190
So again we're going to pretend to be the target computer and tell the router that we want to disconnect
17
00:01:15,580 --> 00:01:19,860
then we're going to pretend to be the router and tell the computer I'm going to disconnect you.
18
00:01:20,140 --> 00:01:23,890
And by doing so we'll be able to disconnect that computer.
19
00:01:23,890 --> 00:01:26,790
All of this is going to be done using a tool called a replay.
20
00:01:26,800 --> 00:01:29,340
And you sir I should not going to be doing that manually.
21
00:01:29,380 --> 00:01:32,140
The tool will be doing everything for us.
22
00:01:32,170 --> 00:01:33,430
So let me show you how we do that.
23
00:01:33,430 --> 00:01:35,490
It's very simple and very easy.
24
00:01:35,500 --> 00:01:42,590
First of all I'm going to run dump and jihad against my target network and I'm going to be targeting
25
00:01:42,590 --> 00:01:44,140
a different network right now.
26
00:01:44,300 --> 00:01:47,150
And that's again one of my networks.
27
00:01:47,330 --> 00:01:51,570
It's called UPC and it ends up with 9 1 6.
28
00:01:52,070 --> 00:01:58,860
And in this particular example I'm going to try to disconnect this Windows machine from the Internet.
29
00:01:58,990 --> 00:02:03,610
So just to show you its MAC address so we know if I do IP config Oh
30
00:02:07,480 --> 00:02:15,140
you'll see that the MAC address for this computer is 0 0 to 1 and ends up with 0 6 so if we go here
31
00:02:15,800 --> 00:02:17,300
we can see that.
32
00:02:17,330 --> 00:02:23,870
I'm just going to Control-C to stop this and we can see that we have that machine in the Windows machine
33
00:02:23,870 --> 00:02:30,350
is shown up here in the second section of a dump and g which is the section that contains the connected
34
00:02:30,410 --> 00:02:32,310
devices are the connected clients.
35
00:02:32,330 --> 00:02:38,330
As we said before and we can see that the Windows computer is showing up here with this mac address.
36
00:02:38,420 --> 00:02:42,540
So if we want to disconnect that computer we can do that use an airplane.
37
00:02:42,540 --> 00:02:48,330
And as I said and the command is going to be very simple it's going to be a replay and you know play
38
00:02:48,330 --> 00:02:52,610
airplanes can be used to do a lot of things and we'll see that in future lectures.
39
00:02:52,610 --> 00:02:55,760
For now we want to use it to do a deal authentication attack.
40
00:02:55,850 --> 00:03:02,690
So we're going to tell it that I want to run a D authentication attack off then we're going to specify
41
00:03:02,690 --> 00:03:05,670
the number of the authentication packets to send.
42
00:03:05,870 --> 00:03:12,770
And we're going to use a very large number so we keep sending these packets and the device stays disconnected.
43
00:03:12,960 --> 00:03:16,440
Then we're going to give it the MAC address of the target access point.
44
00:03:16,440 --> 00:03:20,070
So this is the target wireless network or access point.
45
00:03:20,190 --> 00:03:21,760
And this is the MAC address of it.
46
00:03:21,780 --> 00:03:23,300
It's the same as this
47
00:03:26,830 --> 00:03:28,590
then we're going to say minus.
48
00:03:28,810 --> 00:03:34,210
To give that the machine that we want to disconnect and in our example we want to disconnect the Windows
49
00:03:34,210 --> 00:03:34,890
machine.
50
00:03:35,080 --> 00:03:38,030
And this is its MAC address.
51
00:03:38,270 --> 00:03:42,610
So I'm going to copy it and I'm going to paste it here.
52
00:03:44,470 --> 00:03:49,050
And finally we're going to give it the interface that has monitor mode enabled on it.
53
00:03:49,050 --> 00:03:52,330
And for me it's called Mohn 0.
54
00:03:52,370 --> 00:03:54,610
I get the command is very simple.
55
00:03:54,610 --> 00:03:56,350
It's a replay ngi.
56
00:03:56,500 --> 00:03:58,750
That's the program that we're going to use.
57
00:03:58,780 --> 00:04:02,350
We're learning that we want to do the authentication attack.
58
00:04:02,350 --> 00:04:07,600
We're going to use a very large number of packets to keep the target's computer disconnected and we
59
00:04:07,600 --> 00:04:09,520
want to target this network.
60
00:04:09,520 --> 00:04:14,830
So this is the s s I.D. or the MAC address of the target access point or network.
61
00:04:15,310 --> 00:04:21,670
And we want to disconnect this specific device from that network so we're under disconnect in one device
62
00:04:21,670 --> 00:04:22,590
from that network.
63
00:04:22,690 --> 00:04:27,220
And we gave it the MAC address of that device and that's my Windows device.
64
00:04:27,220 --> 00:04:32,260
So now let's just go back here to the Windows device and again you can see the MAC address here.
65
00:04:32,410 --> 00:04:38,530
If we click here on the Wi-Fi you'll see that this machine is actually connected over Wi-Fi and it's
66
00:04:38,530 --> 00:04:39,840
connected to that network.
67
00:04:39,850 --> 00:04:48,070
The UPC 0 9 1 6 at the end and if we go to the browser and open something you'll see that we have internet
68
00:04:48,070 --> 00:04:57,140
connection so if you go to Google dotcom you can see that this computer is actually connected to the
69
00:04:57,140 --> 00:04:58,120
Internet.
70
00:04:58,220 --> 00:05:05,900
So I'm going to go here and I'm going to hit enter to run this attack.
71
00:05:05,920 --> 00:05:10,610
Now if we go to the Windows machine and try to open anything.
72
00:05:10,690 --> 00:05:13,080
So let's go to being dot com for example.
73
00:05:15,380 --> 00:05:18,290
You'll see that we lost our internet connection.
74
00:05:18,290 --> 00:05:22,890
And if you look here on the Wi-Fi icon you'll see that it's actually not connected anymore.
75
00:05:23,180 --> 00:05:27,950
And we can see that this is our network and again we're still we're not connected to it.
76
00:05:28,130 --> 00:05:34,910
And even if we try to go and connect to it we won't be able to connect because the Linux machine is
77
00:05:34,910 --> 00:05:40,790
constantly sending the authentication packets preventing this machine from connecting.
78
00:05:40,790 --> 00:05:43,110
So again it looks like as if it's connected.
79
00:05:43,320 --> 00:05:50,060
But if we go here and try to open something you'll see that we have no internet connection now and clicking
80
00:05:50,060 --> 00:05:53,430
on the try again and nothing is happening.
81
00:05:53,480 --> 00:05:57,190
If we give it a bit more time we actually going to get disconnected again.
82
00:05:58,160 --> 00:06:02,420
Now being is not loading even if we go and try Google.
83
00:06:02,580 --> 00:06:09,270
And again we lost the connection right here and we're back to basically disconnected like completely
84
00:06:09,270 --> 00:06:10,110
disconnected.
85
00:06:10,110 --> 00:06:13,700
It's not like we're connected to the network and we don't have internet access.
86
00:06:13,710 --> 00:06:16,140
We're actually completely disconnected from the network.
87
00:06:16,320 --> 00:06:21,300
And Windows is constantly trying to connect back but as soon as it connects back it gets disconnected
88
00:06:21,300 --> 00:06:27,870
again because this machine is constantly sending these the authentication packets.
89
00:06:27,870 --> 00:06:32,950
Now again this attack works without the need to know the key or the password to the target network.
90
00:06:33,090 --> 00:06:39,930
And it works against all operating systems so against Windows Linux OSS ex iPhone Android whatever as
91
00:06:39,930 --> 00:06:46,140
long as the device uses Wi-Fi you can use this attack and kick them out of any network that they're
92
00:06:46,140 --> 00:06:46,970
connected to.
93
00:06:47,840 --> 00:06:53,030
Now to exit out of this attack you can just press control-C at the same time and it will terminate.
9904
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.