hacking every device on local networks - bettercap tutorial (Linux)

Рет қаралды 1,038,269

Күн бұрын

Пікірлер: 619

@nourtechtalk Жыл бұрын

Lets play a game: Can you spot and map all the blurred out mac addresses in the video? Hint: The last letter is visible from the first blur. Note: I have regenerated all of them so its alright 😉

@theguywithnoname4745 Жыл бұрын

Wait wdym bro?

@johannesjoestar Жыл бұрын

Aren't they basically visible on the very same blurred frame, logged right above the table? "...endpoint detected as ..."?

@cynagen Жыл бұрын

@@johannesjoestar came here to say, the MAC addresses are still exposed in the initial logs when they scanned the network but blurred out most others

@brandolinocaston Жыл бұрын

Ok, please show me how to change MAC on your blurred Alpha wlan0 Adapter with 00:c0:ca:af:ff:0e MAC :)

@gangbang7354 Жыл бұрын

I don't see my icon /wifi sign/ why? help me my laptop is connected wirelessly but still giving me ethernet by which i cant continuing my efforts plz

@PixelOtter0813 Жыл бұрын

In the end i thought he was pulling a nord sponsorship lmao , really useful info thanks

@rcstuff71 15 күн бұрын

cool

@griq Жыл бұрын

I think it’s safe to assume that every video that says “educational purposes” are mostly used for unethical purposes. Good to see how it’s done so I can better protect myself. Thank you sir

@TidanOfc Жыл бұрын

"Good to see how it’s done so I can better protect myself. Thank you sir" this quote alone makes everything you said previously, sound kinda stupid.

@marcorodrigues8303 Жыл бұрын

Sim Fui

@RakibHasan-hs1me Жыл бұрын

Trust me, when they mention educational purposes it means it's actually worthless. You have either own something expensive along with it or find a new work way around to use the and get the job done.

@sazzy94 Жыл бұрын

he is gonna do something illegal@@TidanOfc

@hamzazaman18 11 ай бұрын

well it winds up everyhting lol@@TidanOfc

@op_bill641 5 ай бұрын

I just learned how to do this and im so (negatively) amazed at how easy it is for someone in your network to spy on your device

@razorwire111 Жыл бұрын

I like how you put everything together from attack to mitigation tactics.

@sinisterz3r090 Жыл бұрын

I can also turn off my computer! no more attacks!

@user-gr4vx8xz1l Жыл бұрын

I didn’t see anyone mention in the comments this but most routers now a days have the option to setup a guess network that is separate from your network. You could also just create another VLAN for the guest network as well. Also VPN traffic isn’t secure either your traffic is passing through the servers that the vpn is hosted on. Sopeople need to choose vpns with good reputations and not some of the free vpns. Or create their own vpn. Great video though just wanted to add that bit for people.

@sethadkins546 Жыл бұрын

The use of a VPN here was to ensure traffic going across the LAN was secure, not across the internet (as you said at that point you're trusting the VPN provider). Within that context, you can consider it "secure" since it cannot be accessed by attackers.

@Allinone-sh6cj Жыл бұрын

How to make own vpn?

@robot67799 Жыл бұрын

I like how your video is straight to the point

@cde-lf7iu Жыл бұрын

Very very very good explanation, very detailed and straight to the point we all want. Excelent. Thank you

@VioFax Жыл бұрын

too bad the next video got removed :(

@khusham6216 Жыл бұрын

@@VioFax can you brief it if you've watched it? I would love to know about how to create my own vpn.Thanks

@rajmodi4145 Жыл бұрын

bhai muje sikhaoge kese krna he

@rajmodi4145 Жыл бұрын

bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do

@BrianMeyers-yl3om Жыл бұрын

Very clear and no b.s. Thank you! subscribed!

@rajmodi4145 Жыл бұрын

bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do

@kiaraki7186 Жыл бұрын

@@rajmodi4145 router ka admin password hai?

@markb4168 Жыл бұрын

agreed

@theeverleinhour9616 2 ай бұрын

I am mindblown and grateful for having stumbled into this video. Thank you so much for raising awareness on these kinds of risks, it really helps in protecting myself!

@prozacgodgamedev Жыл бұрын

Correction, you're not seeing all URLS' you're seeing the domain names, with a uri/url slapped on the front of it, to see the whole url, you'd need to see inside the http packet, which you can't because they're all using SSL.

@Log.Rhythm Жыл бұрын

Came to say this! Fear mongering 🙄

@prozacgodgamedev Жыл бұрын

@@Log.Rhythm A lot of this video felt like fear mongering. It wasn't 'that' factually incorrect in the technical side of things, it was just ... not telling the whole story. It's another (in large print) "Look at all the things hackers can do to you!" (and in the small print, whispering) "...when you give them access to your computer or network" I mean, sure with DNS leakage someone might know you're on porn hub, but they won't know the particular degeneracy you're up to.

@willyv374 Жыл бұрын

Ye all those ebay hackers, with their GitHub tools 😂😂😂 this video ist only useful for elders, who don't have a fcking clue at all

@andrestorres7343 Жыл бұрын

Furthermore, even if you are spoofing the DNS requests, you will see a not secure message in the browser (not secure 🔐) as there would be a mismatch in the certificate for the domain...

@Willowox Жыл бұрын

Yeah this technique would work well probably in the 2000s and earlier, when most websites are still on http, not https, and browser security was crap back then. It is pretty much useless today.

@kestonsmith1354 2 жыл бұрын

How you think celebs private photos get hacked and leaked, it's most of the time someone with a expensive wifi adapter, aircrack-ng, hashcat and an excellent word list, bettercap and beef .

@thevault1575 Жыл бұрын

lol no. most celebs got their photos leaked bc they did not secure their icloud. if someone cracks their icloud, they can get access to all their icloud photos.

@kestonsmith1354 Жыл бұрын

@@thevault1575 not true, you need to their real verified email which is not public information and very hard to acquire. Once you get onto someone's network you can record anything , see which sites they are visiting, capture their passwords, etc. Once you gather the information, it can be sold to the media and other sources for a pretty penny.

@thevault1575 Жыл бұрын

@@kestonsmith1354 Yes it is true... Back in 2014 there was an “event” called “the fappening”. What happened was celebrates photos and videos got leaked and posted onto 4chan & reddit. This was all possible bc of icloud. I agree with you that it would be hard for someone to get a celebs personal email but people are very good at social engineering! From opendatasecurity: “In 2014 there was a massive leak of intimate photographs of famous people that was called the Fappening movement or “Celeb Gate”. How did it happen? By the Apple cloud storage service: iCloud.” I would include the link to the article but I don’t think youtube allows that. Just look up the fappening. It all happened because of icloud.

@kestonsmith1354 Жыл бұрын

@@thevault1575 For the first one, back in 2014, Facebook were very vulnerable to hacks through their login system , it was easy to break into people's accounts. The second one in 2017, how was he able to get hold of their email addresses ..unless they were already part of the a list of emails from a compromised agency server that actors are affiliated with. You can find a lot of people's information on the dark web as well. With social media, it's getting easier and easier

@Anirbansinha24 Жыл бұрын

@@jeoi teri ma ki rockout

@ghaithshaqra4100 Жыл бұрын

quick direct and focusing on the details very good bro i will keep watching your new videos 😊

@rajmodi4145 Жыл бұрын

bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do

@szdavee92 Жыл бұрын

I think you forget to mention that if a site uses HTTPS you can't see the data just the target IP. If you using a dns spoofing attack you will se nothing because the HSTS kick in. Also u can't inject nothing to site which using HTTPS because the whole http request including the header is encrypted.

@nourtechtalk Жыл бұрын

Very true but you can also downgrade the connection to http and enjoy the show 😁

@mathiasdeweerdt1400 Жыл бұрын

@@nourtechtalk Any modern, respected website will not allow this. HSTS will prevent exactly this.

@ZK-du3pj Жыл бұрын

@@nourtechtalk HSTS is impossible to downgrade down to http.

@Bluexin_ Жыл бұрын

@@nourtechtalk tbh after enabling the https everywhere plugin I started to notice way more how many websites still don't support https. Even govt websites over here 😅 that plugin is a godsend, don't even need to rely on the website maintainers to enable hsts

@johnsailor3590 Жыл бұрын

He did not forget it, a video saying it does not really work won’t be viral

@asubzero_ 10 ай бұрын

I researched Wi Fi networks and watched several tutorials, only now I understand the video in its entirety

@yhytuncer 2 жыл бұрын

Great video Nour ! I like the way you explain and demonstrate these attacks

@frankbazuaye4747 Жыл бұрын

Awesome .So simple and very resourceful .So glad I found your channel pal

@walidejdoevpz6600 Жыл бұрын

pls tell me how to lunche bettercap and how to download it i got stuck in the first thing hlp me pls i need to know

@yourworstfear Жыл бұрын

got u

@AnantaAkash.Podder 11 ай бұрын

Excellent Tutorial Man... Very well detailed and explained...

@dha12oks 11 ай бұрын

Thanks for the video, I'm actually studying at the moment for Cyber Security, and this is a bit of an eye opener towards what I would be going against.

@alexmarchant4277 11 ай бұрын

nice did not know bettercap was in kali now. show people how to make there own OpenVPN :) Keep it up

@pagikesenja Жыл бұрын

Thank you Nour for your excellent job, more similar videos please..

@theMadhatter817 6 ай бұрын

Nice,never seen anyone show proof of concept for a.vpn before

@m4vf Жыл бұрын

That's why when I visit Facebook, I always use an ethernet cable plugged into their mainframe, thus knowing that I'm directly connected to Facebook. The only issue is that I walk down to their HQ every time.

@b.wallet5295 Жыл бұрын

Lol

@mathiasdeweerdt1400 Жыл бұрын

I think you should mention HSTS and how it protects the user. Enabling DOH(DNS over https) does also provide extra security and the importance of keeping your browser and operating system up-to-date. Note: You are leaking your MAC addresses you tried to hide in the beginning of the video btw.

@nourtechtalk Жыл бұрын

Hi Mathias, I talked about hsts in my second video where I demonstrated the man in the middle attack but unfortunately it got removed from youtube. DoH is a great technology but its not widely supported by dns resolvers. DNS remains the achilles heel of the internet.

@penguin--_-- Жыл бұрын

@@nourtechtalk please re-up.

@darthwater999 Жыл бұрын

@@nourtechtalk Many people upload their banned video on odysee, a KZbin like website with few moderation

@XiaolinDraconis Жыл бұрын

Re-upload unpublished but leave the link in description or pinned comment.

@CoverDrive007 Жыл бұрын

@@nourtechtalk sir do u have any blog?

@l3gend272 Жыл бұрын

1:51 you hid you MAC addresses at the bottom, but isn’t it showing at the top in green????

@nourtechtalk Жыл бұрын

Yeah I had regenerate all of them 🤣

@that_one_who_knows Жыл бұрын

wow! this is actually a sniffing! very well explained!

@FredrickSiegmund 2 ай бұрын

Wow! This channel is worth sharing to schools

@arhamsayyed9518 Жыл бұрын

Fine! You earned yourself a subscriber.

@visual975 9 ай бұрын

great video would love to see more of these sorts, earned yourself a new sub! :)

@exe.srijan Жыл бұрын

holy shit your 10 min video is more educational than my school

@vertexvstore155 Жыл бұрын

just what i was looking for (thanks man)

@MedicalStudentChannel Жыл бұрын

thank you, I learned from you, I am new to Cybersecurity

@THeSRX. 5 ай бұрын

Is your journey on mid.. I am at beginning 😄

@litemint09 Жыл бұрын

02:01 you did blurred out the mac address of your device after the net show command, but the mac addresses were seen after you type in mod.prob on, so its useless to blur out

@0xBerto Жыл бұрын

Hey, not sure if you caught this for your future videos. Your first probe reveals your MAC addresses that you then censored in the “show” command. 😅 anyways. Thanks !

@Allinone-sh6cj Жыл бұрын

What will happen if someone got your MAC address?

@SA-yz5hg Жыл бұрын

man downloading that app for the first time in linux was a pain!!

@翁尧 Жыл бұрын

great vid, surprised by the quality by such a smalll ytber

@JoesephOIU Жыл бұрын

Just turn on mac filtering and add your devices mac addresses. that way no one else can access your wifi even if the have the password

@fargetofargeto5494 Жыл бұрын

This was beautiful. ❤

@Flqmmable Жыл бұрын

Hey great video! Bettercap is awesome. I do have one question though.. I see that you have your website based on the IP of your external wifi adapter (Wlan0) and can connect to wifi networks through it. How did you manage to do that?

@nourtechtalk Жыл бұрын

I have an external wifi adapter connected to my vm vis usb

@Flqmmable Жыл бұрын

@@nourtechtalk When I connect mine, it still says wifi networks are disabled and can only connect to network via the eth0 interface that connects to the network my host is on. Idk why that is

@justcallmetruman Жыл бұрын

Your tutorials are very clear and easy to understand, thanks my packet sniffing gangsta! What's the difference between this and ettercap if any?

@nourtechtalk Жыл бұрын

Its easier to use

@radvinehf 4 ай бұрын

Thank you now i can rickroll everyone on my network!

@dadisthatyou452 Жыл бұрын

Thanks. We'll use it for educational purposes. pinky promise

@anon2030 Жыл бұрын

“SSL hijacking is found, recommend replacing the network.” This is what the network security app keeps telling me, n it’s been a few years now. The yt app just shut down by itself. It’s been doing that quite often too.

@bkrich Жыл бұрын

Most public WiFi these days isolate the users from each other so they’re in their own little bubble.

@ElixirEcho Жыл бұрын

The thing with VPN is do you trust the other side's network and their ISPs? If you VPN back to you house, then all you gotta trust is your own network and ISP.

@jcgm666 2 жыл бұрын

Very good video!

@rimrihan1281 Жыл бұрын

Very useful video. God bless you.

@raight4552 Жыл бұрын

you have no idea how helpful this video is, question are there budget 802x router i need something affordable

@stellamwasa4111 Жыл бұрын

Thank you bro for the lesson coz i was looking for this lesson for days

@randomguychannel39 Жыл бұрын

What? The part 2 video was removed, can u post it again? Btw, nice cideo and channel, just4 got a new sub

@robyee3325 9 ай бұрын

Well presented. great content!

@user-wm8yz 6 ай бұрын

thanks ... I was looking for this ...just to get my hands on it and how I can use the commands ...

@theFabz 9 ай бұрын

Excellent 🔥

@hptc4400 Жыл бұрын

Excellent content... Thanks a lot... One question though, every time I enable arp spoof, all the other clients lose connection despite forwarding was enabled. Any advice would be appreciated.

@nourtechtalk Жыл бұрын

Maybe your router has anti arp spoofing? Try to connect to your mobile hotspot and see if there is a difference

@hptc4400 Жыл бұрын

@@nourtechtalk Thanks a lot for the feedback however, the router doesn't have anti arp spoofing and I also tried it on my hotspot to no avail. It's something I have been searching online however, I have not seen another reason.

@hptc4400 Жыл бұрын

I am noticing a lot of tcp retransmissions when arp spoofing is enabled. Therefore, I presume traffic is not being forwarded. Isn't bettercap supposed to manage this? Any advice?

@hptc4400 Жыл бұрын

@@SacredRoute2Hell Hi which version of bettercap are you using? Are you using the GUI or cli?

@SacredRoute2Hell Жыл бұрын

@@hptc4400 I'm using it on kali linux

@changeme13 8 ай бұрын

A good video, does redirection also work for official sites?

@dandtech 7 ай бұрын

no, as they use HTTPS - set your browser for HTTPS only.

@bjtaudio 3 ай бұрын

This does not work on my wi-fi...you cannot see anything.

@derrickobedgiu Жыл бұрын

Everything was moving on pretty well on my end till you reached the dns spoofing and you automagically had your forward arrow on the redirect location yet I can't seem to set that

@siddhubora6241 Жыл бұрын

Same problem

@thegioicaycanhtrangtri 4 ай бұрын

Great one I have ever watched

@justcurious5489 3 ай бұрын

great video, learned it all for the first time from you. but i can't get the device that's being spoofed hooked to beef control

@simplepyro7897 Жыл бұрын

Are you Arabic? Especially Egyptian? I'm new to the channel and I really like it! And If I'm correct don't worry I didn't hack anything about you I swear 😂😂

@nourtechtalk Жыл бұрын

Heheh

@simplepyro7897 Жыл бұрын

@@nourtechtalk مصري! ازيك يسطااا 😂

@simplepyro7897 Жыл бұрын

@@nourtechtalk لو مش حابب ترد عليا عشان اسباب خصوصيه وكدا انا اتفهمك جدا وبالتوفيق شرحك عجبني

@chyoceha3861 4 ай бұрын

Dear fbi, I really I don't have any bad intentions in watching this video, I just want to prank my friend🙏💀

@Sakib.edits07 4 ай бұрын

Ok fine, we won't break break in your house.

@Lyno_0-q4e 3 ай бұрын

I do

@Jay482 Жыл бұрын

What if the end user do an ipconfig /all just to see every device that’s connected to their network, will they be able to see the attacker if they were connected to the network? And block that unknown ip address through the router network settings. This can also work to prevent attackers, or do a DNS flush to prevent any redirection to websites. Or clearing the cache files from your browser.

@1wilfried Жыл бұрын

nice one! keep it up

@JePl4y 3 ай бұрын

Great tutorial but the part about Beef XSS is wrong in my opinion, I never managed to use the beef functions apart from cookies and the user agent

@NeriaSofer Жыл бұрын

to save u time Like this bad guy dident show us what he did in 1:11 he Change the interface Sudo bettercap -iface ("wlan0"Your Interface! to check ur interface do "ifconfig") mines is wlan0 like The guy in the Video Normal Tplink or any Adapter

@easylearning1207 Жыл бұрын

I tried to do the same in my laptop, I don't know why but when I wanted to visit websites to make sure that it shows me information about my actions on laptop suddenly internet stoped working

@johnreynolds4065 Жыл бұрын

how come other network traffic coming from other IPs shows up when I am just trying to target one IP?

@smow656 2 ай бұрын

can't see everything they are doing because HTTPS is encripted and you ain't decrypting that traffic.

@charlesstephenadio2159 Жыл бұрын

thankyou so much i understand

@Tomato_Thunder Жыл бұрын

WHAT THE HELL THIS IS SO COOL!!!

@novianindy887 Жыл бұрын

you cant do it with https right? 99% of websites are now Https which means this technique is not very effective.

@chinedumichael8776 2 жыл бұрын

What if I already know the password.. (ie ) I don't need to hack the wifi password. How do I acomplish that too?

@Bwcap Жыл бұрын

Definitely will try!

@Beatsonlite Жыл бұрын

bro this is great manze

@SyedUsmanShah-y8k 9 ай бұрын

Last weak my hotspot was on at this am in public place then someone hack my hotspot password and connect device with me . without my permission.but I don't know who's.he connected with my device for 25 minutes .in this case can he hacked my mobile .or not .like can they get access to my gallery or my application which is in my phone like my snap chat my insta or fb .is it possible to hack my phone or not .am worried about it kindly tell me

@elementsmusicproduction692 Жыл бұрын

What if I setup a vpn on the router instead of the end device? Then all the traffic would still be exposed to the attacker right?

@DoonDiaries Жыл бұрын

Not all the devices connected to my wifi is displaying in net.probe on

@judy9231 Жыл бұрын

same , do you solve it?

@planktonfun1 Жыл бұрын

can't wait to try it on one of starlink satellites

@somahqari9894 6 ай бұрын

thank you for this video. How could I get to know if the application is data encrypted or not? via Wireshark

@OptimizeTube Жыл бұрын

If I am worried about this and for good reason, let's assume they've already connected. Will resetting the router give me a fresh start? If am afraid that logging in to the router would be a bad idea

@SkyV77 Жыл бұрын

very informative video sir

@tonycheung7624 Жыл бұрын

Amazing Video

@AdrianTregoning Жыл бұрын

Why was your part 2 removed by KZbin? Bleak, would love to learn how to create my own VPN.

@tonilearn Жыл бұрын

another question is: would your access to that computer would leave a footprint (in this case your ip address)? Thanks

@novaexclusiva Жыл бұрын

Where did that line came from by 1:51, Im stuck there. What key did you pressed or what did you do?

@justinmartinez940 Жыл бұрын

Can you make a video on how to install kali linux?!?

@adddwas-vh6rj 12 күн бұрын

this works only with wifi or does it work when im connected with ethernet cable also?

@lordsasta2k13 Жыл бұрын

i cant install beef.xss

@rHatcher Күн бұрын

Beautiful posters where you got them

@freedomisdead9638 Жыл бұрын

Awesome!

@Brianmeneer Жыл бұрын

So im doing this on a Kali VM on my PC. The sniffing stuff works well if I do stuff on my pc, but not if I try to sniff my laptop. The internet on my laptop will just load forever and give up. In my VM settings i've got the network settings set to bridged adapter. It should work right? I can still ping my laptop from my vm...

@chevelle321 Жыл бұрын

Did you ever figure it out? I'm running into a similar issue. bettercap is connecting to my RDP gateway and not my actual gateway for my router. Any ideas on how to change it?

@tonilearn Жыл бұрын

The question about using VPN is that: would the VPN owner be able to see all of my inputs to the net? in that case, would they miss use the information they are getting from me? Thanks.. hope you could create a content based upon this question I have.. Cheers

@k3s845 6 ай бұрын

Big question for the test would this work if i use my phone as the router with hotspot and connect other 2 devices? To test like you?

@MohitKhare Жыл бұрын

This might just come in handy.❤

@Jojo-o6o6w 3 ай бұрын

wouldnt it make more sense to redirect them to the actual site they were trying to visit in the first place? That way you cold continue to monitor all the traffic and theyd not know anything was up no? what am i missin?