Hack WiFi with a phone? (Kali Linux Nethunter Pro)
now this may look like just another Android phone you may think that I'm just browsing the internet here but I've actually got a Wi-Fi adapter connected to this phone and as you can see here it's running Kali Linux so as an example I can swipe up here I'll put in the default password which is 1234 and as you can see here various apps are available I'm interested in the terminal now this phone is running Linux natively in this case Kali Linux can run other flavors of Linux as well but what I can do here is run Wi-Fi tools such as wifite using this Wi-Fi adapter to attack a Wi-Fi network now only ever attack networks that you own or have permission to attack this is my own Wi-Fi router and I've given myself permission to attack it so I'm going to run wifite now put in my sudo password 1234 press enter and now wifite is running now the text is all over the place because I've zoomed in so that you can see what's happening but basically we've got 2 Wi-Fi cards I can either use WLAN0 or WLAN1 I'm going to use WLAN1 which is this Wi-Fi adapter so I'll enter 2 and press enter and what that's doing now is enabling monitor mode on this Wi-Fi adapter so that I can attack a Wi-Fi network various Wi-Fi networks are shown here again text is kind of jumbled up but I'll press contrl-C here to stop that and scrolling up the network that we want to attack is this TP Link Network that's the one right here number is 1 so I'm going to select 1 and press enter to attack that Network first attack that it's trying is Pixie Dust then it's doing a null pin attack it'll go through various attacks but you can skip them by pressing contrl-C and then C to continue so as an example here it's doing a pin attack contrl-C C to continue now it's trying to do a pmk ID attack press contrl-C then press continue and now what it's trying to do is Deauth clients from the network and capture the four-way handshake so on this phone I'll enable Wi-Fi and then I'll connect to that Network and notice as soon as I did that it captured the four-way handshake and what it's trying to do now is crack it and there you go password is kind of off the screen there but it says spiderman so it was a simple as that to crack a Wi-Fi password on this phone because the password was configured really badly The Beekeeper movie highlights a very unfortunate situation in today's world scammers are going to scam people and they have no mercy they will scam anyone could be your mother could be your grandmother could be someone else in your family they could even try and scam you this is unfortunately the world that we live in today hackers are going to hack scammers are going to scam your data is out there you may have been very careful with your data but companies are being breached all the time and data is being sold by data Brokers and what amazes me is how that's even legal how can companies illegally sell your data here's just a simple example hackers got nearly 8 million people's data from 23 and me the firm then blamed users in a very dumb move this is from the guardian website another example from the BBC people's DNA is who knows where now now you may be very careful with your data but unfortunately a lot of companies are getting breached the have I been pwned website shows that 14 billion yeah 14 billion accounts have been pwned just one example from Facebook 509 million records were compromised your data is unfortunately out there unless you do something about it I interviewed Sam Curry who showed how he could hack a Kia car with just the number plate a lot of people in the comments of my video said that's ridiculous how can the hacker car with just the number plate while he explained how the DMV is selling your data so he was able to take the license plate of a car and get the VIN number of that car because the DMV has a system where you can get that kind of information that's been sold online your personal data is unfortunately out there you can go and manually remove that data if you want or you can use a service like DeleteMe who I am using because of the recommendations of people that I respect in the industry like Rachel Tobac she's done some fantastic demonstrations with CNN where she has cloned someone's voice spoofed their telephone phone number and being able to do things and get passport details and other information by pretending to be someone that she's not I don't think this will never happen to you in 2024 alone in the US the FTC received over 1 million reports of identity theft personal example that I have is I know someone who told me the other day that scammers were able to take out a loan in his name because they found his name birth date and other information online and they were able to apply for loans be careful with your information so it's really important that you get your personal data removed from the internet now if you want to join DeleteMe and get your personal data removed from the internet use my link https://joindeleteme.com/Bombal and get to 20% off now in this example I'm running Kali NetHunter Pro on the phone if you go to kali.org and click download you can download a mobile image so NetHunter so again I'm using NetHunter Pro here NetHunter Pro is available on various devices including the PinePhone this is a PinePhone Pro but it's also supported on other phones so what I'll do now is download the NetHunter Pro software for the PinePhone Pro so that I can show you how to get it installed on the PinePhone now the PinePhone is great because it runs Linux this is only one version of Linux but one of the things I like about the phone and I mean there have many things to like I'll just power the phone off is that it has a removable battery and you can use a Micro SD card to boot off different operating systems so what I'll do is take the lid off the phone so simple as that and as you can see there big battery PinePhone64 and I can simply remove the battery notice here this is the SD card that's running Kali Linux now you could remove this if you wanted to hide what you're doing so as an example let's say you're troubling you could simply have the phone boot into its default operating system and even if you have the SD card in so what the and put this back it's not going to boot into Kali unless you specifically tell it to do that so as an example if I simply turn the phone on what it's doing now is booting off the internal flash so as you can see it's not booting into Kali Linux as you can see here it's simply booted into Manjaro Linux even though I have Kali Linux installed and available on the SD card it's not booting into that by default so if someone took your phone as an example all they would see is Manjaro Linux and a lot of people probably wouldn't know how to use it but they wouldn't be able to see Kali if you wanted it boot into Kali you would have to turn the phone off so I'm going to turn it off now and you have to press the volume down and power button at the same time to get it to boot into Kali so what I'm going to do now is press the volume down button and power the phone on I'm going to hold the volume down button notice that's red at the moment but should hopefully turn blue there you go so that's turned blue now and what it's going to do is boot into to Kali and there you go we're now booting it to Kali Linux this is once again a PinePhone it's available here Pine64. org I'm not being paid or sponsored to talk about this phone I purchased
this phone myself it's great to see that we have a Linux option for a mobile device even though I don't think this is good enough for daily use as a traditional phone but you may be able to get it to work in your case a lot of people would probably prefer Android or iOS but fantastic phone to run Linux natively on the phone as well as boot natively into Kali Linux please note this is not running Android at all this phone is running Linux natively and in this case it's running Kali NetHunter Pro natively on the phone I'll now show you how to install Kali Linux on a PinePhone in my example it's a pine64 Pro so first thing go to kali.org click download go to select the image for your phone so in my example it's PinePhone Pro so I can click download to download that next piece of software you need is etcher so just search for etcher in Google or you can go to this URL and click download etcher I'm going to download it for Windows they do have options for Mac as well as Linux but in this example I'm using a Windows computer because that's what most people would be using so as you can see I've got Etcher downloading and I've got Kali downloading I've already actually downloaded Kali NetHunter Pro so I'll cancel that download now before you boot into Kali like I've demonstrated you need to install the Tow-Boot bootloader on your device so I'm going to click on that link and that takes us to this page we need to use Tow-Boot for either the PinePhone or PinePhone Pro in my example it's the PinePhone Pro so I'll click on that link and we are given the command here but that's not what we're going to be using in my example because I'm using etcher so I'm going to go to the Tow-Boot repository and I'm going to go to Tow-Boot at the top here and go to the latest release which is 2023.07-007 at the time of this recording so I'm going to scroll down and I'm going to download the software for my specific phone so the phone that I'm using here is the pine64 PinePhone Pro so I'll download that so again you need Tow-Boot you need etcher and you need Kali NetHunter Pro so I'll open that up and here you can see the files that have been downloaded now this is a tar.xz file I'm going to right click and go to show more options and I'm going to use 7-zip to extract the file now if you don't have 7-zip simply do a Google search as an example for 7-zip and then download it it's free software so I've extracted that software here it's a tar file so I'm going to extract that again gain so show more options 7-zip extract the file and there it is the file that we want to use is spi.installer.img file so what I'm going to
do is run etcher I'm going to select that file which again is my downloads directory it's this 2023.07 tar file and it's this image file so I'm going to click open the target is going to be my SD card which I've inserted into my computer so again just need a Micro SD card so I'll put that back into my computer so here's my SD card I'll select that and then I'll flash it so we have to use Tow-boot to update the boot loader on the phone then we have to create an SD card that has Kali on it so that's now completed so the next thing I need to do is power the phone off so I'll power it down okay so the phone has powered down I'll open it up and I what I can do now is is take the battery out what I'll do is replace this SD card which is currently running Kali with the SD card from my computer so what I can do now is put the battery back in you need to hold the array button down when you boot the device up so I'll hold the array button down and then power on the device so hopefully now it will give me the option to boot into Tow-boot it's going yellow there okay and there you go go so I had to hold the array button down and then release it and now as you can see we can install Tow- boot to SPI flash so I'll press enter there and I'll start the installation as you can see the software is now [Music] installing okay so installation has successfully completed we can go back to the menu and we can power off the device okay so what I can do now is boot directly into Kali because I've updated the firmware on the phone so what I'll do is take another SD card and put that into my laptop this is the Kali software so what I'll do is show more options 7-zip extract that so I've extracted the Kali software that I've downloaded so you can see this image directory has been created and inside there is the actual image file so I'll go back to running etcher file we're going to flash once again is in my downloads directory it's this 2024.3 PinePhone image and there's the image file I'm going to select my target which is my SD card and select that and then flash it so as you can see it's now [Music] flashing so it's now [Music] verifying and there you go flash has completed so I can close this and what I can do now is remove my SD card so on the phone once again I can remove the battery take this SD card out you I could have written it directly over this card but that's got my Tow-boot on so what I've done is write Kali to a separate SD card again you don't need to use different SD cards you could have just overwritten the one I'll put the battery back and then put the cover back on the phone okay so now when I turn it on I need to hold the volume down button so keep holding the volume down button that's red but should go blue and there you go and hopefully now it boots into Kali Linux and there you go we've now booted into Kali I can put in my password or pin in this case 1234 and there you go apps are now displayed press console and I now have a console you could type all the commands manually here like installing Wi-Fi or or you could SSH into the phone which is great I mean this is Linux so you could just SSH into the phone and use your computer to configure the phone so on my phone I can go to settings I could connect to Wi-Fi but for this example what I'll do is forget that connection and what I'll simply do is plug the phone in via a network adapter and hopefully in my console I'll be able to ping google.com and as you can see there it succeeds so I'll press contrl-C to stop that IP address on the phone is 192.168.0.150 so hopefully what I can do in my Windows computer is ping that IP address so 192.168.0.150 and as you can see there pings are succeeding so what I'm going to use cuz this is a Windows computer is PuTTY and SSH to the phone after to accept the public key log in with a username kali pin number 1234 and as you can see there I have successfully SSH from my laptop to the phone so as an example if I type the command sudo wifite so that command is not found so sudo apt install wifite you don't have to use wifite it just makes Wi-Fi testing much much easier so we have to install a certain amount of software so I'm going to say yes and as you can see there the phone is busy downloading the software you could obviously type all these commands directly on the phone it's just easier in some ways to use the computer and SSH into the phone another advantage is if you've got 2 network adapters you could SSH into the phone and not be right next to the phone so I'm going to just say yes to allow nons super users to capture packets in Wireshark and as you can see various software is now being installed okay so there you go wifite has been installed so I can use the command sudo wifite to run wifite and there you go it's now starting but notice a bunch of software is missing so we're told that we should install hcxdumptool macchanger and other software here so sudo apt to install hcxdumptool and you're literally going to use sudo apt install for the other software that it wants you to install or you can go and install it directly from GitHub as they shown you here but I'm going to use this command sudo apt install hcxtools so copy and paste that go to do sudo so sudo apt install hcxtools and that's now done we got to install Mac changer so sudo apt install macchanger say yes so let's type sudo wifite again to see what it tells us is still missing so as you can see they I'll cancel that we've got to install according to this bully and hashcats so sudo apt install bully say yes now again I am using SSH into the phone so so all the software is being installed on the phone the last piece of software is hashcat so we could install that it's not actually necessary because we're not going to really use hashcat on the phone it makes more sense to use hashcat on a GPU or something else but as an example we could install hashcat using that [Music] command Okay so there you go software is now installed if I run sudo wifite it's not going to work now because I don't have a network adapter that supports monitor mode so enabling monitor mode on WLAN0 failed so what I'll do is exit my SSH session and I'll unplug this and I'll plug in my Wi-Fi adapter I'll open up the console directly on the phone and now I type sudo wifite and press enter password is going to be 1234 press enter so now what it's done is pick up that are 2 adapters WLAN0 and WLAN1 so what I'll do is select 2 and press enter and now what it's doing is enabling monitor mode on this Wi-Fi adapter and picking up various Wi-Fi networks and again I could attack my little TP Link network over here and now what it's doing is running pixie dust attack and then the various other attacks so I won't bore you going through that whole attack again you're basically going to decide which attack to use in this case I'm going to wait for the handshake and on this phone I could connect to that Network and that's now been captured and the password is cracked password at the top here is spiderman so there you go I've now shown you how to use Kali NetHunter Pro on a phone to attack a Wi-Fi network I've also shown you how to update the bootloader so Tow-Boot I've shown you how to install Kali NetHunter Pro on the phone and then boot it into a new version of Kali NetHunter Pro again this phone phone is fantastic in that it allows you to run different versions of Linux you can boot into the default version of Linux installed on the flash or you could boot into another version of Linux on the SD card as I've demonstrated now this video is getting long so I'm going to end it here hopefully you enjoyed this video and have learned how to install Kali NetHunter Pro on a PinePhone fantastic phone once again let me know in the comments if you enjoyed this video and the kinds of things that you want to see me create I'm David Bombal and I want to wish you all the very best
2024-12-03 06:00
