The Dark Side of Wireless Networks: Intro to Wi-Fi Hacking - Megi Bashi - Ryan Dinnan 

even in China, i haven't seen WEP in the wild since 2012......

Amen brother. This shit was just straight embarrassing and everyone thanking them in the comments are the problem lol. Shame is the cure. Fuck someone's feelings.

😮

@@Weary.HermanIIIdamn, lil buddy. Show us where they hurt you.

Wrong.

They literally wasted your time rehashing 2010 techniques and walking people through completely obsolete invalid attack methods. They know nothing about modern wifi exploitation and it's beyond obvious.

Lol this shit is a joke. 60% of the comments are botted likes and comments.

Try for what

some methods would require that hardware is updated. The problem with wifi devices is that they are made for mass-production. Profits are worth more than security for these companies that make consumer devices (TP-Link is notorious for this). The other problem comes with most of these wifi devices being manufactured in china. the cheapest hardware will ALWAYS be used. Those SoCs are incredibly cheap and have very VERY limited RAM. So in some cases it might not even be possible to patch security holes in the devices. The other problem, well back to profits again is most companies will stop supporting old hardware because it's just not in their own business interest. Apple and Google do this with their phones, but i'm probably preaching to the choir here. The only way to keep up with security holes might be to keep buying new Wifi hardware. The Average consumer is not going to buy a new wifi router every 6 months to a year because there's some security hole. A lot of people i've talked with in conversation (they're not tech people like me they're just consumers - aka iphone users lol) have no idea how to even login to their wifi router to change their own password. So that right there is the biggest security problem. It's a problem that's unlikely to go away anytime soon. Some routers DO have automatic updates. The problem with automatic updates is that if there's any glitches in the power or the internet connection downloading the update - or any other number of random WTH moments that could happen could prevent the update from being installed (and it won't retry until the next update comes out) or it could possibly even brick the device. Embedded Linux/RTOS devices can be sensitive when you start writing bits to their FLASH storage.

@@daomingjin Hii bro, wanna talk to you since you happen to know a lot. CAN WE TALK?

@@miresoman1769 firstly, don't call me bro, we're not brothers, nor have we ever served in the military together. Learn your lesson, and the answer is "no."

I just read yo comment and skipped the video. thanks negga

Actually I know so little that I didnt know about WEP or WPS. Last time I sat at a keyboard it was attached to a Commodore 64 and everything was dialup. I have alot of catching up to do.

I didn't know that they were showing presentations with info that was 20 years out of date. There was nothing about security protocols that were always available, but manufacturers never followed to stop unauthorised connections or de-auth attacks. Nothing about how to secure networks, or even how using a Pineapple has been useless for years. Kali is not much better. If you want to just break in to a neighbours network, you are better using social networking or a crafted email to get what you want. Simply suggesting you can do it by using Kali or a pineapple is wrong. The whole video is a mess and should not even be on Bsides. The rest of the World has moved on and I don't understand how some countries are still 20years behind. It would help those people presenting to watch a decent video of how to hack or attack networks.

@@Bond2025 Firstly, it's important to note that educational videos on topics like Wi-Fi hacking and penetration testing often aim to provide foundational knowledge and techniques. They may not cover the latest security protocols or advancements, as these topics are constantly evolving. However, they can serve as a starting point for individuals interested in learning more about the subject. Regarding the mention of security protocols that were available but not widely followed by manufacturers, it is true that the implementation and adherence to security measures can vary across different devices and manufacturers. While the video might not have specifically addressed this point, it's essential for users to be aware of these vulnerabilities and take necessary precautions to secure their networks. Your suggestion of utilizing social engineering techniques or crafted emails to gain unauthorized access is indeed a valid concern. It's important for viewers to understand that hacking techniques extend beyond just technical methods and that social engineering plays a significant role in security breaches(as most of the attacks are social engineering nowadays). While some viewers may find the content insufficiently advanced, it is important to remember that these videos often serve as introductory material for those who are new to the subject. Thank you for your answer! kind regards!

This is a class for grandma to setup her home network... lmfao

wifi is RF based, yes, most wifi antennas are Omnidirectional (transmit in all directions). Beam-Forming in some MIMO routers can focus the RF power more into one area than another (better signal to noise ratio - thus higher transfer rates), then there is directional antennas. If you have a decent wifi router and a very good hig-gain directional Antenna, you can go around 1km without need for RF amplifiers.

encryption is key

With Wi-Fi, due to the low receive and transmit powers, and the frequency ranges used, is susceptible to rapid drop-off of speed and range at higher bandwidths. Also with beamforming/steering and different antenna configurations, each of which can impart polarity and directionality to the signal, the RF is often not truly omnidirectional (where the signal radiates out with equal power in all directions). Buildings' internal walls, electrical fields and noisy electricals (with components which produce RF noise in the same range as Wi-Fi) are notorious for affecting Wi-Fi signals.

​@@daomingjincan you go more far away

Not really, it's information copied from the Internet that is 20 years out of date. A lot of talking, but they didn't say much. All I took from that was - absolutely nothing!

it's not it was boring

If you're talking about being closer to WEP targets you're gonna need a fucking time machine to be closer brotha

Keep in mind that this is a tiny "conference" in the Kosovo and those two people only graduated a few months earlier. It's almost exactly the standard "Wi-Fi hacking" RU-vid tutorial content-wise but maybe that's fitting for the audience that was to be expected. Eastern Europe and the Balkans might also be one of the few areas where you could maybe actually find some few WEP protected networks still going.

Or you RF broadcast deauth/JAM his client (or all clients in the area), and then you put up a rogue AP with the same MAC address and SSID using much higher RF output power. So if you have ... a directional antenna and 5 Watts of RF power on that rogue AP, the client WILL reconnect. From there you can spoof his webadmin pannel for the wifi hotspot and more or less 0wn him. If you clone the Web UI for the Admin setup pages on his Wifi router and redirect all HTTP traffic to that, you just wait for him to put in all the wifi setup information (tell the UI to tell the user it's performed an automatic update and some credentials need to be verified lol). Then you have their wifi password, ADSL modem credentials and their webadmin pannel's password. As soon as your rogue AP detects those credntials have been entered... you turn off the rogue AP then connect to his Wifi AP and start the fun from there.

​@@daomingjinyour from were please

@@boladaleakinosi2386 i'm from 1) a country where the word "where" is not mistaken for "were" 2) a country where we use proper English word order i was born in the late 70's , I remember wifi hacking tools before Aircrack-ng was called "ng". LOL.

​@@daomingjingood old karma attacks, if I remember correctly the actual karma tool by now is long dead, though there's nothing stopping you from doing it manually

To bring you up to speed as of July 28th 2023, there have been WPA3 vulnerabilities discovered and exploited. The main vulnerability is within the wireless frame forwarding mechanism for the NPU, which allows an exploit to take place even without the use of a rogue AP. The WPA is vulnerable to exploitation by ICMP redirects.

only if you've collected enough IV packets. That actually requires clients to be connected and moving a decent amount of data. If they are just sending out an occasional Email and it's very short, it could take quite a while to collect enough IVs to perform a WEP attack. Of course, if they connect to the WEP enabled wifi and stream a movie for an hour - yea, no problem collecting enough WEP IV packets. You can probably collect packets for 5 minutes, and then crack it in 7....

Bro we're talking A LOT more than a bit outdated lmao.

and they scammed her of 43 dollar. trash tier con for the most gullible victim... fucking dream bigger jesus chrsit

I was thinking "Bsides" - this should be good, then watched part of a 20 year old presentation they must have found somewhere and decided to re-run. If the people selecting talks for Bsides think this is "current" in 2023, they do not have a clue and are probably not aware of IT.

for sure

Agreed, 20 years out of date.

veeery old

Yeaaaah i agree the presentation was very subpar… the woman couldn’t stop stuttering & kept using filler words that were unnecessary. Seemed unprepared lol

They didn't throw any politics in. They were just using Biden as an example that even high status individuals are susceptible to being hacked. But whoa, just the mention of the word "Biden" triggered you. Relax snowflake. No one is victimizing you.

in America it's illegal to use monitor mode on i think half of the wifi channels. LOL. ironically, you're not even allowed to use Encryption on HAM bands using digital modes until you get into the microwave RF region, yet.... it's perfectly legal for a DMR radio to use encryption on HAM bands. Legal is a very loose term i think....

If that literally prohibits you from watching the video, you might want to get checked for some sort of neurodivergence. Something so minor negatively affecting your life to a degree that you can't do certain things anymore would worry me.

How?

@@robyee3325Studying and practicing a lot.

It's a talk that's *") YEARS OUT OF DATE* - hardly anything current. A talk about how WEP encryption on WiFi worked in 2003? You can do much better than going through old talks and articles and reading them out again. Rogue Access Points and the useless Pineapple device are of no concern to anyone, they are just bought by people that think they can steal info. The techniques have not worked for years. Why not do a proper technical presentation on why the standard for WPA/WPA2 and WPA3 never implemented the security protocols that would have stopped attackers using de-authentication techniques? Try giving a live demo on a de-auth of WPA2 and then guessing the password - you would be there for years. Sites all use HTTPS now and you never mentioned captive portals or stripping anything to get certificate info. Using Kali is quite funny too.

no it's not

@@amyn86 can you provide some better info if this is not good?