1
00:00:01,710 --> 00:00:16,490
The Estonia attack on the Terminator terminal and then split screen into two it no just to check.

2
00:00:16,550 --> 00:00:24,210
I have to Wi-Fi ISIS point a Wi-Fi adapter if I die I don't think you will see my do I fired up the

3
00:00:24,870 --> 00:00:32,240
double line one is my stun no Wi-Fi that you only need one I plug in a second one because my second

4
00:00:32,240 --> 00:00:36,790
Wi-Fi adapter is capable of monitoring what I am using.

5
00:00:36,840 --> 00:00:38,360
How far.

6
00:00:39,110 --> 00:00:40,700
You have a phone network adapter.

7
00:00:41,270 --> 00:00:41,920
Uh yeah.

8
00:00:41,930 --> 00:00:43,360
MODEL IS ALPHA.

9
00:00:43,550 --> 00:00:45,790
A W U S 0 3 6.

10
00:00:45,830 --> 00:00:50,100
In case you Wi-Fi you SB adapter.

11
00:00:50,930 --> 00:00:52,670
So you only need one.

12
00:00:52,700 --> 00:00:55,500
I will be using the bill in one so in the top mean.

13
00:00:55,580 --> 00:00:56,030
No.

14
00:00:56,540 --> 00:00:57,680
Until you get it.

15
00:00:57,940 --> 00:01:00,710
Yeah get in for the ending.

16
00:01:00,900 --> 00:01:01,100
Yeah.

17
00:01:01,170 --> 00:01:01,350
Yeah.

18
00:01:01,390 --> 00:01:02,330
Yes.

19
00:01:02,420 --> 00:01:04,060
And you will see the ISA program.

20
00:01:04,070 --> 00:01:04,500
Go.

21
00:01:04,550 --> 00:01:05,320
Get in.

22
00:01:05,650 --> 00:01:08,210
As each soldier going to run the

23
00:01:19,900 --> 00:01:27,090
yes press Enter he's checking whether we have all the necessary programs before he starts near day

24
00:01:32,940 --> 00:01:33,340
no.

25
00:01:33,390 --> 00:01:34,250
Press enter again

26
00:01:38,530 --> 00:01:41,320
so he checks whether it is necessary to update.

27
00:01:41,620 --> 00:01:43,360
So there is no need to update from my case.

28
00:01:43,360 --> 00:01:50,370
Just PRESENTER Now we choose the W then one Wi-Fi adapter so our price to the

29
00:01:54,930 --> 00:01:59,210
net I'm going to put the double line one and get into the money then what.

30
00:01:59,940 --> 00:02:03,630
So I select to have press enter

31
00:02:07,590 --> 00:02:13,590
and now you see no need to mount any to be named b w lan one one presenter

32
00:02:18,070 --> 00:02:24,280
and now we wonder you would do not take I'm a seven so selling them as I want and press enter

33
00:02:29,170 --> 00:02:31,440
and now we need to select the targets.

34
00:02:31,760 --> 00:02:32,890
I split up with targets.

35
00:02:33,230 --> 00:02:35,750
So put number four press enter

36
00:02:38,870 --> 00:02:47,560
and now present day again to scan so you pop out the window we show on a our hand corner and once you

37
00:02:47,560 --> 00:02:50,350
see the target that you want to attack your target.

38
00:02:50,360 --> 00:02:53,570
So SS points as a surprise at least a year.

39
00:02:53,650 --> 00:03:01,150
So I found my SAS brand that I want to target so I press control C to close the small window control.

40
00:03:01,160 --> 00:03:03,300
See.

41
00:03:03,550 --> 00:03:08,490
Then you will populate uh with a list of possible access points that you can a day.

42
00:03:08,530 --> 00:03:16,910
I'm gonna take them before so I say like for and press enter.

43
00:03:17,340 --> 00:03:20,970
Now you can see the barometer on the top left hand corner.

44
00:03:20,970 --> 00:03:26,280
We are using that we learned one and then the SS ivy for a target.

45
00:03:26,500 --> 00:03:29,970
Is this one decent MAC address someday of the target.

46
00:03:29,970 --> 00:03:32,100
The target SS I.D. call indeed you know.

47
00:03:32,110 --> 00:03:38,940
So when one general one so we are gonna attack using number nine or 10 attack.

48
00:03:39,030 --> 00:03:43,840
We've kept the So So night and press enter

49
00:03:46,680 --> 00:03:47,480
present day again

50
00:03:50,380 --> 00:03:51,200
and in press.

51
00:03:51,210 --> 00:03:53,550
Again it was scandal targets.

52
00:03:53,580 --> 00:04:03,910
A second time once you see your target which is this one for me press control see to close this window

53
00:04:03,940 --> 00:04:08,880
on the top right corner you will repopulate again.

54
00:04:08,910 --> 00:04:14,250
So this time again select the target that you want to take which is your main number six.

55
00:04:14,410 --> 00:04:16,870
So all of Type 6 and press enter

56
00:04:20,560 --> 00:04:23,270
and now I am ready to attack.

57
00:04:23,380 --> 00:04:25,720
So let's head over to our Windows machine.

58
00:04:26,680 --> 00:04:32,400
So this is my victim which is connected to the access point target which I am going to attack.

59
00:04:32,800 --> 00:04:41,140
If I check my Wi-Fi you can see I am connected to the target access point which is integer 9 7 1 1 and

60
00:04:41,140 --> 00:04:43,000
I will go easy on access.

61
00:04:43,000 --> 00:04:47,470
So let's head back to the copy machine.

62
00:04:47,470 --> 00:04:53,710
So now we are going to use number two to disconnect any computer which is connected to this access point

63
00:04:54,730 --> 00:05:06,090
so select them a 2 and present a had a yes or no and for no if you want to use.

64
00:05:06,100 --> 00:05:08,990
Yes you need to have to Wi-Fi it s s s s.

65
00:05:09,700 --> 00:05:11,750
If you only have one Wi-Fi.

66
00:05:11,770 --> 00:05:15,440
Uh yeah Wi-Fi adapter you cannot press a Y.

67
00:05:15,550 --> 00:05:23,640
So I assume most of you have only one Wi-Fi adapter so that I know for this this is not necessary.

68
00:05:28,460 --> 00:05:28,620
No.

69
00:05:28,770 --> 00:05:29,410
Oh here.

70
00:05:29,670 --> 00:05:31,480
Uh you you want a spoon.

71
00:05:31,530 --> 00:05:37,680
This is up to you if you want a spoof you'll make an address explaining why you've not expressed no

72
00:05:38,470 --> 00:05:39,720
it's not necessary to spoon.

73
00:05:40,140 --> 00:05:43,780
So now I see you do have a handshake from the handshake.

74
00:05:44,430 --> 00:05:51,360
Is uh necessary so that you can call check whether or not the the victim enters the correct password

75
00:06:02,080 --> 00:06:02,730
so time.

76
00:06:02,730 --> 00:06:06,120
No.

77
00:06:06,410 --> 00:06:14,670
Here and the 100 day maximum it is a time out in order to for this point to wait for a handshake.

78
00:06:14,680 --> 00:06:22,150
They capture this PRESENTER And now you will go and try to capture the handshake for presenter

79
00:06:52,520 --> 00:06:54,830
so you will see congratulations.

80
00:06:54,950 --> 00:06:56,570
You have already captured the NJ fan.

81
00:06:57,020 --> 00:07:01,810
So now uh this is the default location to start the handshake from.

82
00:07:02,360 --> 00:07:05,480
If you want to accept default present day.

83
00:07:05,510 --> 00:07:08,140
If not you can and uh.

84
00:07:08,270 --> 00:07:09,220
Alternative path.

85
00:07:11,870 --> 00:07:14,210
So the you obviously day no

86
00:07:17,140 --> 00:07:22,690
and now it is going to ask you the location to store the captured password later on.

87
00:07:22,690 --> 00:07:25,690
So if you're okay with this path yes press enter.

88
00:07:25,690 --> 00:07:27,290
If not you'll be able to enter.

89
00:07:27,310 --> 00:07:30,040
Uh alternative power center.

90
00:07:31,510 --> 00:07:34,160
So now you're ready to launch the attack.

91
00:07:34,210 --> 00:07:40,980
So just presenter and here you can see the parameters how they get ready to launch a day.

92
00:07:41,170 --> 00:07:42,780
And I ask you one.

93
00:07:42,850 --> 00:07:48,210
Uh website you on the show when the person next to the access point the is X why.

94
00:07:48,460 --> 00:07:50,050
So we want to show uh.

95
00:07:50,280 --> 00:07:55,780
Let's say they were asked to use it enter the passive juice for me I was using English one is English

96
00:07:57,420 --> 00:07:58,780
and now you're ready to start.

97
00:07:59,290 --> 00:08:04,340
So he says Yeah multiple window would be open and close anyone.

98
00:08:04,390 --> 00:08:10,850
So uh once you start your time he will open about five or six of those.

99
00:08:11,080 --> 00:08:13,940
And then don't close them if you want to.

100
00:08:14,320 --> 00:08:22,310
If you want to establish a press enter on this window and the script will close em all.

101
00:08:22,390 --> 00:08:26,880
So if you want to study night you present in this window not any other window.

102
00:08:27,460 --> 00:08:28,860
So now you press enter the stack

103
00:08:35,350 --> 00:08:40,500
so the attack has started and now you open up the SS my window.

104
00:08:40,520 --> 00:08:47,620
It shows you access point has already been created and it is broadcasting a census I.D. as integer 9

105
00:08:47,650 --> 00:08:51,520
7 one 1 which is identical to the real SS I.D.

106
00:08:56,120 --> 00:09:00,080
And remember this is a fake society and a user.

107
00:09:00,200 --> 00:09:02,210
We see that it is the same.

108
00:09:02,270 --> 00:09:09,830
Same name as the origin of society now a static DCP server the DCP so you give an IP address to anyone

109
00:09:09,830 --> 00:09:16,850
who connects to the access point and now is also that the D authentication a day to disconnect all class

110
00:09:16,880 --> 00:09:24,740
connected to the real access point and then over here you see the control screen uh here the how long

111
00:09:24,770 --> 00:09:32,450
and thing is has been running in seconds as you can see is increasing seconds and yet how many times

112
00:09:32,930 --> 00:09:40,380
the uh users have made them to to connect and give the password at a moment.

113
00:09:40,440 --> 00:09:41,730
All kinds I can tell you.

114
00:09:42,590 --> 00:09:50,240
Then again this is to spoof anybody who connects to the face s point and you redirect them to the log

115
00:09:50,240 --> 00:09:56,680
in screen which we are going to show to ask them to do the password and below that.

116
00:09:56,690 --> 00:10:03,140
So there is a web server which is running on the galley machine and this website where we serve the

117
00:10:03,760 --> 00:10:05,930
logging screen.

118
00:10:05,990 --> 00:10:13,700
So now let's head over to the target in those computer which is connected to the organizers point as

119
00:10:13,700 --> 00:10:23,470
you can see it has been uh disconnected from the U S S point it was already connected to this and you

120
00:10:23,510 --> 00:10:29,810
try to connect to this again and you will find you will be able to connect to because the uh the article

121
00:10:29,840 --> 00:10:35,740
or the authentication that time has been running keeps on trying and find that you cannot connect.

122
00:10:36,140 --> 00:10:37,490
As you can see you can't go.

123
00:10:37,760 --> 00:10:41,620
Eventually the user will take this on because he has the same name.

124
00:10:41,640 --> 00:10:47,920
They also will be tricked into thinking that uh something has gone wrong with the access point and that's

125
00:10:47,930 --> 00:10:49,340
why it is showing at MIS too.

126
00:10:49,370 --> 00:10:55,400
So the user in a Sunday will take on this one and then click on Connect and then Y is gonna turn up

127
00:10:55,540 --> 00:11:02,900
the proposed game open by the user won't be able to go anyway so the user who tried to go to a Web site

128
00:11:04,580 --> 00:11:16,490
by giving the you are for example via the web cam and immediately uh uh log in screen will be shown

129
00:11:16,910 --> 00:11:26,250
and he has to use it to enter the password for the Wi-Fi access point so the user will be king of mean

130
00:11:26,300 --> 00:11:27,790
he may not be in a real password

131
00:11:31,350 --> 00:11:32,680
my desk in a fake one.

132
00:11:33,150 --> 00:11:40,380
So for example I a keen uh fake uh password and so I mean and he will say the password is incorrectly

133
00:11:40,410 --> 00:11:42,150
that I think that the main screen.

134
00:11:42,150 --> 00:11:46,230
So now the user might gain the real one this time.

135
00:11:46,410 --> 00:11:48,330
So the key in the real password

136
00:12:06,170 --> 00:12:14,450
and then clicks I mean and this time that puzzle is correct the connection will be establishing a few

137
00:12:14,450 --> 00:12:15,320
moments.

138
00:12:15,320 --> 00:12:18,830
So now let's head back to the copy machine and you can see here

139
00:12:21,590 --> 00:12:27,800
cultivation shows yet and the runtime is three minutes doing a second and a password has been successfully

140
00:12:27,800 --> 00:12:28,650
kept it.

141
00:12:28,760 --> 00:12:29,530
This is a password.

142
00:12:30,110 --> 00:12:33,160
And it is also saving this for.

143
00:12:33,520 --> 00:12:36,280
So now you can press enter on the menu window.

144
00:12:36,820 --> 00:12:45,310
Uh to close everything so that you would remain remaining doing presenter and everything we shut down

145
00:12:47,560 --> 00:12:55,190
so that the user will now be able to reconnect back to a obviously no uh real Wi-Fi access point.

146
00:12:55,330 --> 00:13:00,570
So um this is how we launch uh these uh you would do an attack.

147
00:13:00,710 --> 00:13:02,740
So thank you for watching.