Hack WiFi with a phone? (Kali Linux Nethunter Pro)

Hack WiFi with a phone? (Kali Linux Nethunter Pro)

Show Video

now this may look like just another Android phone  you may think that I'm just browsing the internet   here but I've actually got a Wi-Fi adapter  connected to this phone and as you can see   here it's running Kali Linux so as an example I  can swipe up here I'll put in the default password   which is 1234 and as you can see here various apps  are available I'm interested in the terminal now   this phone is running Linux natively in this case  Kali Linux can run other flavors of Linux as well   but what I can do here is run Wi-Fi tools such  as wifite using this Wi-Fi adapter to attack a   Wi-Fi network now only ever attack networks that  you own or have permission to attack this is my   own Wi-Fi router and I've given myself permission  to attack it so I'm going to run wifite now put   in my sudo password 1234 press enter and now  wifite is running now the text is all over the   place because I've zoomed in so that you can see  what's happening but basically we've got 2 Wi-Fi   cards I can either use WLAN0 or WLAN1 I'm going  to use WLAN1 which is this Wi-Fi adapter so I'll   enter 2 and press enter and what that's doing now  is enabling monitor mode on this Wi-Fi adapter so   that I can attack a Wi-Fi network various Wi-Fi  networks are shown here again text is kind of   jumbled up but I'll press contrl-C here to stop  that and scrolling up the network that we want to   attack is this TP Link Network that's the one  right here number is 1 so I'm going to select   1 and press enter to attack that Network first  attack that it's trying is Pixie Dust then it's   doing a null pin attack it'll go through various  attacks but you can skip them by pressing contrl-C   and then C to continue so as an example here it's  doing a pin attack contrl-C C to continue now it's   trying to do a pmk ID attack press contrl-C then  press continue and now what it's trying to do is   Deauth clients from the network and capture the  four-way handshake so on this phone I'll enable   Wi-Fi and then I'll connect to that Network  and notice as soon as I did that it captured   the four-way handshake and what it's trying to do  now is crack it and there you go password is kind   of off the screen there but it says spiderman so  it was a simple as that to crack a Wi-Fi password   on this phone because the password was configured  really badly The Beekeeper movie highlights a very   unfortunate situation in today's world scammers  are going to scam people and they have no mercy   they will scam anyone could be your mother could  be your grandmother could be someone else in your   family they could even try and scam you this is  unfortunately the world that we live in today   hackers are going to hack scammers are going to  scam your data is out there you may have been   very careful with your data but companies are  being breached all the time and data is being   sold by data Brokers and what amazes me is how  that's even legal how can companies illegally sell   your data here's just a simple example hackers  got nearly 8 million people's data from 23 and   me the firm then blamed users in a very dumb move  this is from the guardian website another example   from the BBC people's DNA is who knows where now  now you may be very careful with your data but   unfortunately a lot of companies are getting  breached the have I been pwned website shows   that 14 billion yeah 14 billion accounts have  been pwned just one example from Facebook 509   million records were compromised your data is  unfortunately out there unless you do something   about it I interviewed Sam Curry who showed how  he could hack a Kia car with just the number plate   a lot of people in the comments of my video said  that's ridiculous how can the hacker car with just   the number plate while he explained how the DMV  is selling your data so he was able to take the   license plate of a car and get the VIN number  of that car because the DMV has a system where   you can get that kind of information that's been  sold online your personal data is unfortunately   out there you can go and manually remove that data  if you want or you can use a service like DeleteMe   who I am using because of the recommendations of  people that I respect in the industry like Rachel   Tobac she's done some fantastic demonstrations  with CNN where she has cloned someone's voice   spoofed their telephone phone number and being  able to do things and get passport details and   other information by pretending to be someone  that she's not I don't think this will never   happen to you in 2024 alone in the US the FTC  received over 1 million reports of identity theft   personal example that I have is I know someone who  told me the other day that scammers were able to   take out a loan in his name because they found  his name birth date and other information online   and they were able to apply for loans be careful  with your information so it's really important   that you get your personal data removed from the  internet now if you want to join DeleteMe and get   your personal data removed from the internet  use my link https://joindeleteme.com/Bombal and get to 20% off now in this example I'm running   Kali NetHunter Pro on the phone  if you go to kali.org and click   download you can download a mobile image  so NetHunter so again I'm using NetHunter Pro here NetHunter Pro is available on  various devices including the PinePhone   this is a PinePhone Pro but it's also supported  on other phones so what I'll do now is download   the NetHunter Pro software for the PinePhone Pro  so that I can show you how to get it installed on   the PinePhone now the PinePhone is great because  it runs Linux this is only one version of Linux   but one of the things I like about the phone and  I mean there have many things to like I'll just   power the phone off is that it has a removable  battery and you can use a Micro SD card to boot   off different operating systems so what I'll do  is take the lid off the phone so simple as that   and as you can see there big battery PinePhone64  and I can simply remove the battery notice here   this is the SD card that's running Kali Linux  now you could remove this if you wanted to   hide what you're doing so as an example let's  say you're troubling you could simply have the   phone boot into its default operating system  and even if you have the SD card in so what   the and put this back it's not going to boot  into Kali unless you specifically tell it to   do that so as an example if I simply turn the  phone on what it's doing now is booting off the   internal flash so as you can see it's not booting  into Kali Linux as you can see here it's simply   booted into Manjaro Linux even though I have Kali  Linux installed and available on the SD card it's   not booting into that by default so if someone  took your phone as an example all they would see   is Manjaro Linux and a lot of people probably  wouldn't know how to use it but they wouldn't   be able to see Kali if you wanted it boot into  Kali you would have to turn the phone off so   I'm going to turn it off now and you have to press  the volume down and power button at the same time   to get it to boot into Kali so what I'm going  to do now is press the volume down button and   power the phone on I'm going to hold the volume  down button notice that's red at the moment but   should hopefully turn blue there you go so that's  turned blue now and what it's going to do is boot   into to Kali and there you go we're now booting  it to Kali Linux this is once again a PinePhone it's available here Pine64. org I'm not being paid  or sponsored to talk about this phone I purchased  

this phone myself it's great to see that we have  a Linux option for a mobile device even though I   don't think this is good enough for daily use  as a traditional phone but you may be able to   get it to work in your case a lot of people would  probably prefer Android or iOS but fantastic phone   to run Linux natively on the phone as well as  boot natively into Kali Linux please note this   is not running Android at all this phone is  running Linux natively and in this case it's   running Kali NetHunter Pro natively on the phone  I'll now show you how to install Kali Linux on   a PinePhone in my example it's a pine64 Pro so  first thing go to kali.org click download go to select the image for your phone so in my example  it's PinePhone Pro so I can click download to   download that next piece of software you need  is etcher so just search for etcher in Google or   you can go to this URL and click download etcher  I'm going to download it for Windows they do have   options for Mac as well as Linux but in this  example I'm using a Windows computer because   that's what most people would be using so as  you can see I've got Etcher downloading and   I've got Kali downloading I've already actually  downloaded Kali NetHunter Pro so I'll cancel   that download now before you boot into Kali like  I've demonstrated you need to install the Tow-Boot   bootloader on your device so I'm going to click  on that link and that takes us to this page we   need to use Tow-Boot for either the PinePhone or  PinePhone Pro in my example it's the PinePhone  Pro so I'll click on that link and we are given  the command here but that's not what we're going   to be using in my example because I'm using  etcher so I'm going to go to the Tow-Boot   repository and I'm going to go to Tow-Boot at the  top here and go to the latest release which is   2023.07-007 at the time of this recording so I'm  going to scroll down and I'm going to download   the software for my specific phone so the phone  that I'm using here is the pine64 PinePhone Pro   so I'll download that so again you need Tow-Boot  you need etcher and you need Kali NetHunter Pro   so I'll open that up and here you can see the  files that have been downloaded now this is a   tar.xz file I'm going to right click and go to  show more options and I'm going to use 7-zip to   extract the file now if you don't have 7-zip  simply do a Google search as an example for   7-zip and then download it it's free software  so I've extracted that software here it's a   tar file so I'm going to extract that again gain  so show more options 7-zip extract the file and   there it is the file that we want to use is  spi.installer.img file so what I'm going to  

do is run etcher I'm going to select that file  which again is my downloads directory it's this   2023.07 tar file and it's this image file so I'm  going to click open the target is going to be my   SD card which I've inserted into my computer so  again just need a Micro SD card so I'll put that   back into my computer so here's my SD card I'll  select that and then I'll flash it so we have   to use Tow-boot to update the boot loader on the  phone then we have to create an SD card that has   Kali on it so that's now completed so the next  thing I need to do is power the phone off so   I'll power it down okay so the phone has powered  down I'll open it up and I what I can do now is   is take the battery out what I'll do is replace  this SD card which is currently running Kali with   the SD card from my computer so what I can do now  is put the battery back in you need to hold the   array button down when you boot the device up so  I'll hold the array button down and then power on   the device so hopefully now it will give me the  option to boot into Tow-boot it's going yellow there okay and there you go go so I had to hold  the array button down and then release it and   now as you can see we can install Tow- boot to  SPI flash so I'll press enter there and I'll   start the installation as you can see the  software is now [Music] installing okay so   installation has successfully completed we can  go back to the menu and we can power off the device okay so what I can do now is boot directly  into Kali because I've updated the firmware on   the phone so what I'll do is take another SD  card and put that into my laptop this is the   Kali software so what I'll do is show more  options 7-zip extract that so I've extracted   the Kali software that I've downloaded  so you can see this image directory has   been created and inside there is the actual  image file so I'll go back to running etcher   file we're going to flash once again is in my  downloads directory it's this 2024.3 PinePhone image and there's the image file I'm going to  select my target which is my SD card and select   that and then flash it so as you can see it's now  [Music] flashing so it's now [Music] verifying and   there you go flash has completed so I can close  this and what I can do now is remove my SD card so   on the phone once again I can remove the battery  take this SD card out you I could have written it   directly over this card but that's got my Tow-boot  on so what I've done is write Kali to a separate   SD card again you don't need to use different SD  cards you could have just overwritten the one I'll   put the battery back and then put the cover back  on the phone okay so now when I turn it on I need   to hold the volume down button so keep holding the  volume down button that's red but should go blue   and there you go and hopefully now it boots into  Kali Linux and there you go we've now booted into   Kali I can put in my password or pin in this case  1234 and there you go apps are now displayed press   console and I now have a console you could type  all the commands manually here like installing   Wi-Fi or or you could SSH into the phone which is  great I mean this is Linux so you could just SSH   into the phone and use your computer to configure  the phone so on my phone I can go to settings I   could connect to Wi-Fi but for this example what  I'll do is forget that connection and what I'll   simply do is plug the phone in via a network  adapter and hopefully in my console I'll be   able to ping google.com and as you can see there  it succeeds so I'll press contrl-C to stop that   IP address on the phone is 192.168.0.150 so  hopefully what I can do in my Windows computer   is ping that IP address so 192.168.0.150 and as  you can see there pings are succeeding so what   I'm going to use cuz this is a Windows computer  is PuTTY and SSH to the phone after to accept the   public key log in with a username kali pin  number 1234 and as you can see there I have   successfully SSH from my laptop to the phone so  as an example if I type the command sudo wifite   so that command is not found so sudo apt  install wifite you don't have to use wifite it just makes Wi-Fi testing much much easier so  we have to install a certain amount of software   so I'm going to say yes and as you can see there  the phone is busy downloading the software you   could obviously type all these commands directly  on the phone it's just easier in some ways to use   the computer and SSH into the phone another  advantage is if you've got 2 network adapters   you could SSH into the phone and not be right next  to the phone so I'm going to just say yes to allow   nons super users to capture packets in Wireshark  and as you can see various software is now being installed okay so there you go wifite has  been installed so I can use the command   sudo wifite to run wifite and there  you go it's now starting but notice   a bunch of software is missing so we're  told that we should install hcxdumptool macchanger and other software here  so sudo apt to install hcxdumptool and you're literally going to use sudo apt   install for the other software that it wants   you to install or you can go and install  it directly from GitHub as they shown you   here but I'm going to use this command sudo  apt install hcxtools so copy and paste that   go to do sudo so sudo apt install hcxtools  and that's now done we got to install Mac   changer so sudo apt install macchanger  say yes so let's type sudo wifite again   to see what it tells us is still missing  so as you can see they I'll cancel that   we've got to install according to this  bully and hashcats so sudo apt install bully say yes now again I  am using SSH into the phone   so so all the software is being installed on the  phone the last piece of software is hashcat so we   could install that it's not actually necessary  because we're not going to really use hashcat   on the phone it makes more sense to use hashcat  on a GPU or something else but as an example we   could install hashcat using that [Music] command  Okay so there you go software is now installed if   I run sudo wifite it's not going to work now  because I don't have a network adapter that   supports monitor mode so enabling monitor mode  on WLAN0 failed so what I'll do is exit my SSH   session and I'll unplug this and I'll plug in my  Wi-Fi adapter I'll open up the console directly   on the phone and now I type sudo wifite and press  enter password is going to be 1234 press enter so   now what it's done is pick up that are 2 adapters  WLAN0 and WLAN1 so what I'll do is select 2 and   press enter and now what it's doing is enabling  monitor mode on this Wi-Fi adapter and picking up   various Wi-Fi networks and again I could attack my  little TP Link network over here and now what it's   doing is running pixie dust attack and then the  various other attacks so I won't bore you going   through that whole attack again you're basically  going to decide which attack to use in this case   I'm going to wait for the handshake and on  this phone I could connect to that Network   and that's now been captured and the password is  cracked password at the top here is spiderman so   there you go I've now shown you how to use Kali  NetHunter Pro on a phone to attack a Wi-Fi network   I've also shown you how to update the bootloader  so Tow-Boot I've shown you how to install Kali   NetHunter Pro on the phone and then boot it into  a new version of Kali NetHunter Pro again this   phone phone is fantastic in that it allows you to  run different versions of Linux you can boot into   the default version of Linux installed on the  flash or you could boot into another version of   Linux on the SD card as I've demonstrated now this  video is getting long so I'm going to end it here   hopefully you enjoyed this video and have learned  how to install Kali NetHunter Pro on a PinePhone   fantastic phone once again let me know in the  comments if you enjoyed this video and the kinds   of things that you want to see me create I'm David  Bombal and I want to wish you all the very best

2024-12-03 06:00

Show Video

Other news