----VIDEO ANALYSIS---- Hello zSecurity! I'm a longtime watcher, first time commenter, and amateur pen-tester. I feel I've got some contributions to make: So I've got a few key takeaways from your video. 1. First of all, the password intercept method using wireshark only works if the login is sent over HTTP (non-encrypted plaintext) which is an obsolete protocol though still widely used. In fact, your windows (victim machine) even gave you a message at about 7:08 that a password sent over that could be compromised. 2. Deauth attacks work great, but in order to perform a deauth you need a few things. I really wish you took the time to show them in your video because repetition is key to learning. First of all you need a NIC which can go into monitor mode. This is where a phone will not be able to do this unless it is rooted. Also, you need to ensure that the network you're deauthing has a client to deauth. This is where often times you're stopped because the network doesn't disclose the clients that are on it. I don't know how that works and would like some explanation: sometimes my scripts have no problem finding clients, especially once I'm already authenticated into the captive portal, but other times the only client i can find besides myself is the gateway. All this is to ask, is there some kind of defense tactic against this deauth attack which prevents you from seeing clients? How would such a thing be bypassed in theory? Oh, also I use the WiFite script you've discussed in your other videos to perform deauths, so I should probably look up how to do this manually. I would suppose that would be my next step. 3. You only cover the more basic ways to exploit a captive portal. I'm sure these types of attacks work in MOST cases, but a more in-depth guide on how to take advantage of captive portals can be found here: kzbin.info/www/bejne/fZm4hq19d8-bjrM but do be advised the techniques shown in that video rely on you setting up a server PREVIOUSLY to performing the attack. It does fancy stuff like hijacking ad traffic ports/connections and getting your internet through those, as well as other fun techniques. 4. The most trivial way as far as I know to trick a captive portal is to MAC spoof. It should be mentioned that an unrooted Android and an IPhone simply cannot do this, and this is by design. You briefly mentioned this. It's easy, you can use a large amount of various utilities to spoof the mac, my personal favorite being the GNU macchanger which I actually wrote a script for, but it can be done with other commands like ip as well. However, I still have not figured out how to effectively MAC spoof without keeping the first half (the vendor bits) intact. Any help here would be appreciated, because if i try to spoof my MAC to something that isn't the same equipment manufacturer as my NIC, I cannot connect to anything at all. Is there some reason this is happening, or some option in macchanger to stop this? If you could, please make a video covering MAC spoofing in depth; there's a lack of them on KZbin. I loved your video, and your other videos. Please read my comments as an attempt to constructively contribute. If I am wrong, let me know where. I am learning just like everyone here.

Awesome zaid bhai. U r best instructor ever I seen on Udemy. Nice presentation of classes and direct to the point of subject. U helped me alot. God bless you. Keep it up.

dude im surprise this video only got 9k views and 189 thumbs up... you actually explain everything very well good job... great vid

A quick look at the log-in page source code, to check what is the value of the form label will minimize the guess work when going through the airport as well.

Am currently enrolled in ur Udemy class u r A great teacher. Thanks for having KZbin channel.

Very clear and well explained. I already used this technique . I spoofed the mac address and once I have reloaded the connection page, I was connected as the user I spoofed. #magical :)

I want to learn how to make a captive portal in linux, can you cover how you did yours?

Amazing video sir

Awsome this is awstruck brilliance i believe this come not but by burning the midnight lamp.

best teacher ive'd saw

Brother keep it up plz need more videos god bless you...

Nicely explained thanks bro now i can enjoy with my free hotel wifi 😉

Best teacher,please I Want to know how to solve mac address issues

can you tell us where are you from Ziad and where can we find and apply to your valuable lessons please?

That's sweet Learned much

MashaAllah zaid brother u r great .......

Would you run the deauth before scanning or while for say a couple of minutes ?

where is the video that explains the MAC address method?

Brilliant , thanks

dear sir please explain about Meltdown and Spectre Vulnerability

Really really so nice thanks you so much bro

U r a real PRO!!!

does anyone see" hidden network" on their network range ?

Awesome content! Thank you!

Hi great stuff thanks. I’m not too familiar with wireshark, is there a way to set 2 filters? As in http & post ? One other thing, would it be easier to use tshark? Not that I’ve used that either I’m just meaning in terms of filtering written data. Thanks again

Nice tutorial man

Hello Z Security, is it possible to bypass a Captive portal that only has Ports 80 HTTP and 443 HTTPS(SSL) OPEN?

NO WAY U ARE SO GREAT!!!!

Question Zaid, if you’re sniffing the packets of an unprotected network that has a captive portal, can say a cyber security manager see you’re sniffing the packets of their network?

What portable wireless card u using? Is it ok to use the built in wireless card with the kali

So basically run a command program that monitors data coming in and out of the access-point Then disconnect the target wait for target to input the password again And that’s how you’ll get the password 😑man this is gonna take awhile 😂

I am not getting wlan0 . Am getting only eth0 and lo... wen i run ifconfig on my terminal

In many of yours videos that I have watched U use different command prompt. Are those things possible with normal command prompt or we need to install kali linux for those these actions?

Sir is root@kali downloadable in windows 10?

Hello. I want to learn Ethical hacking. Zaid demo inspired me. But i don't know from where to begin. can help me the way what should learn the first and what after it. Please

Thank's

Sir can u teach me how to trace the person from the mobile number...

yeah bro keep it up

Does this work against AP Client Isolation?

What to do if i have wlan0 as well as well as wlan1 ...

Nice

please I am asking about ifconfig i tried to use it with cmd and command prompt administrator its no working

God I loathe the “blackout period” public wifis use.

On Android I use psiphon VPN works as well

I'm unable to deauth any network and getting message such as "No such BSSID available." Pls help !!

I still don't know how to get them transferred to the fake login page...

عاشت ايدك

Please how can i create a captive portal?

If WIFi is Enable with mac Filtering. Is there a way to connect ?

you forgot about sql injection technique

What if the login page of the hotel's wifi is secured with SSL / HTTPS? Then can we see their login credentials too?

please how do you crack WPA2 without wordlist and get the right password

Not working Monitor mod is not on please check

Where is white list filtering video?

use KEEP SOLID VPN!

Munashir

👍👍

How to hack captive portals that asks mobile number and OTP to get connected? please send me the answer

Every single captive portal I've ever seen uses https

You lost me at mac address.

who use today still http for login?

Zaid i desperately want your help... I just want to know which Alfa Adapter is better AWUS036NHA OR AWUS036NEH... PLEASE HELP ME OUT

Who the fuck goes to Bing!?

Just for reference lol This shyt can land you in jail if you are not careful. I'd go for a less invasive technique if possible. To many FREE wifi spots out there to go and risk going to jail over for free wifi!

Anyone know any new tricks to bypass these stupid things? I've tried adding .jpg etc at the end. Amazonws, Akami Technologies, and Google Analytics come right thru them in TCPView!! Blech!!!!

I want you to teach me how to hack Facebook or Instagram

Awesome content! Thank you!