hacking every device on local networks - bettercap tutorial (Linux)
Переглядів 844,168
День томуIn this video I’m going to show what a hacker can do, using a man in the middle attack, if they are on the same network as you. This can happen if you login into a public wifi network like your library. I’m also going to show you how to avoid getting hacked on those networks.
Educational purposes only.
Part2: • Video
0:00 Intro + Security Advice
1:01 See everyone on the network
1:47 Spy on all traffic
3:40 Redirect network users to a website
5:00 Browser exploitation: Control the victim device
5:58 Protect yourself
Sources:
www.bettercap.org/
Content:
Hacking everyone on your wifi network.
Hacking home networks.
ARP spoofing attack.
DNS spoofing attack.
DNS Poisoning.
Network probe.
VPN role in protecting your network.
Better cap DNS spoofing attack.
Better cap ARP spoofing attack.
@nourtechtalk Рік тому
Lets play a game: Can you spot and map all the blurred out mac addresses in the video? Hint: The last letter is visible from the first blur. Note: I have regenerated all of them so its alright 😉
@theguywithnoname4745 Рік тому
Wait wdym bro?
@johannesjoestar Рік тому
Aren't they basically visible on the very same blurred frame, logged right above the table? "...endpoint detected as ..."?
@cynagen Рік тому
@@johannesjoestar came here to say, the MAC addresses are still exposed in the initial logs when they scanned the network but blurred out most others
@brandolinocaston Рік тому
Ok, please show me how to change MAC on your blurred Alpha wlan0 Adapter with 00:c0:ca:af:ff:0e MAC :)
@gangbang7354 Рік тому
I don't see my icon /wifi sign/ why? help me my laptop is connected wirelessly but still giving me ethernet by which i cant continuing my efforts plz
@razorwire111 Рік тому
I like how you put everything together from attack to mitigation tactics.
@sinisterz3r090 Рік тому
I can also turn off my computer! no more attacks!
@robot67799 Рік тому
I like how your video is straight to the point
@griq Рік тому
I think it’s safe to assume that every video that says “educational purposes” are mostly used for unethical purposes. Good to see how it’s done so I can better protect myself. Thank you sir
@TidanOfc Рік тому
"Good to see how it’s done so I can better protect myself. Thank you sir" this quote alone makes everything you said previously, sound kinda stupid.
@marcorodrigues8303 Рік тому
Sim Fui
@RakibHasan-hs1me 11 місяців тому
Trust me, when they mention educational purposes it means it's actually worthless. You have either own something expensive along with it or find a new work way around to use the and get the job done.
@sazzy94 5 місяців тому
he is gonna do something illegal@@TidanOfc
@hamzazaman18 4 місяці тому
well it winds up everyhting lol@@TidanOfc
@PixelOtter0813 Рік тому
In the end i thought he was pulling a nord sponsorship lmao , really useful info thanks
@visual975 2 місяці тому
great video would love to see more of these sorts, earned yourself a new sub! :)
@yhytuncer Рік тому
Great video Nour ! I like the way you explain and demonstrate these attacks
@AnantaAkash.Podder 5 місяців тому
Excellent Tutorial Man... Very well detailed and explained...
@bsetiawany Рік тому
Thank you Nour for your excellent job, more similar videos please..
@alexmarchant4277 4 місяці тому
nice did not know bettercap was in kali now. show people how to make there own OpenVPN :) Keep it up
@that_one_who_knows4311 9 місяців тому
wow! this is actually a sniffing! very well explained!
@ghaithshaqra4100 Рік тому
quick direct and focusing on the details very good bro i will keep watching your new videos 😊
@rajmodi4145 11 місяців тому
bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do
@user-gr4vx8xz1l Рік тому
I didn’t see anyone mention in the comments this but most routers now a days have the option to setup a guess network that is separate from your network. You could also just create another VLAN for the guest network as well. Also VPN traffic isn’t secure either your traffic is passing through the servers that the vpn is hosted on. Sopeople need to choose vpns with good reputations and not some of the free vpns. Or create their own vpn. Great video though just wanted to add that bit for people.
@sethadkins546 Рік тому
The use of a VPN here was to ensure traffic going across the LAN was secure, not across the internet (as you said at that point you're trusting the VPN provider). Within that context, you can consider it "secure" since it cannot be accessed by attackers.
@Allinone-sh6cj 6 місяців тому
How to make own vpn?
@dha12oks 5 місяців тому
Thanks for the video, I'm actually studying at the moment for Cyber Security, and this is a bit of an eye opener towards what I would be going against.
@frankbazuaye4747 Рік тому
Awesome .So simple and very resourceful .So glad I found your channel pal
@walidejdoevpz6600 Рік тому
pls tell me how to lunche bettercap and how to download it i got stuck in the first thing hlp me pls i need to know
@yourworstfear 10 місяців тому
got u
@SacredRoute2Hell 10 місяців тому
@@walidejdoevpz6600first on the terminal run these commands: 1.sudo su 2. apt-get upgrade 3. apt-get update 4. apt install bettercap This will install bettercap and u can run it by using, sudo bettercap. But i for myself don't know how to continue from arp spoof, i downloaded dsniff but idk what to do next
@vertexvstore155 10 місяців тому
just what i was looking for (thanks man)
@Cybersecuritystudent1998 Рік тому
thank you, I learned from you, I am new to Cybersecurity
@BrianMeyers-yl3om Рік тому
Very clear and no b.s. Thank you! subscribed!
@rajmodi4145 11 місяців тому
bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do
@kiaraki7186 9 місяців тому
@@rajmodi4145 router ka admin password hai?
@markb4168 5 місяців тому
agreed
@cde-lf7iu Рік тому
Very very very good explanation, very detailed and straight to the point we all want. Excelent. Thank you
@VioFax Рік тому
too bad the next video got removed :(
@khusham6216 Рік тому
@@VioFax can you brief it if you've watched it? I would love to know about how to create my own vpn.Thanks
@rajmodi4145 11 місяців тому
bhai muje sikhaoge kese krna he
@rajmodi4145 11 місяців тому
bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr ba do
@fargetofargeto5494 11 місяців тому
This was beautiful. ❤
@arhamsayyed9518 Рік тому
Fine! You earned yourself a subscriber.
@asubzero_ 3 місяці тому
I researched Wi Fi networks and watched several tutorials, only now I understand the video in its entirety
@user-or2om1dj2k Рік тому
great vid, surprised by the quality by such a smalll ytber
@rimrihan1281 Рік тому
Very useful video. God bless you.
@robyee3325 2 місяці тому
Well presented. great content!
@theFabz 2 місяці тому
Excellent 🔥
@stellamwasa4111 Рік тому
Thank you bro for the lesson coz i was looking for this lesson for days
@jcgm666 Рік тому
Very good video!
@dadisthatyou452 10 місяців тому
Thanks. We'll use it for educational purposes. pinky promise
@raight4552 9 місяців тому
you have no idea how helpful this video is, question are there budget 802x router i need something affordable
@prozacgodgamedev Рік тому
Correction, you're not seeing all URLS' you're seeing the domain names, with a uri/url slapped on the front of it, to see the whole url, you'd need to see inside the http packet, which you can't because they're all using SSL.
@muzzakbawks Рік тому
Came to say this! Fear mongering 🙄
@prozacgodgamedev Рік тому
@@muzzakbawks A lot of this video felt like fear mongering. It wasn't 'that' factually incorrect in the technical side of things, it was just ... not telling the whole story. It's another (in large print) "Look at all the things hackers can do to you!" (and in the small print, whispering) "...when you give them access to your computer or network" I mean, sure with DNS leakage someone might know you're on porn hub, but they won't know the particular degeneracy you're up to.
@willyv374 Рік тому
Ye all those ebay hackers, with their GitHub tools 😂😂😂 this video ist only useful for elders, who don't have a fcking clue at all
@andrestorres7343 11 місяців тому
Furthermore, even if you are spoofing the DNS requests, you will see a not secure message in the browser (not secure 🔐) as there would be a mismatch in the certificate for the domain...
@PineCoffee 10 місяців тому
Yeah this technique would work well probably in the 2000s and earlier, when most websites are still on http, not https, and browser security was crap back then. It is pretty much useless today.
@_xlyrics Рік тому
bro this is great manze
@charlesstephenadio2159 Рік тому
thankyou so much i understand
@msleague39 Рік тому
What? The part 2 video was removed, can u post it again? Btw, nice cideo and channel, just4 got a new sub
@1wilfried 10 місяців тому
nice one! keep it up
@Bwcap 11 місяців тому
Definitely will try!
@SkyV77 9 місяців тому
very informative video sir
@kayPlayz. Рік тому
Hi sir can you please launch full course of ethical hacking? I can't pay for course so i am finding it on UKposts. Your teaching is very good .
@420familyde 8 місяців тому
Where did that line came from by 1:51, Im stuck there. What key did you pressed or what did you do?
@planktonfun1 Рік тому
can't wait to try it on one of starlink satellites
@mathiasdeweerdt1400 Рік тому
I think you should mention HSTS and how it protects the user. Enabling DOH(DNS over https) does also provide extra security and the importance of keeping your browser and operating system up-to-date. Note: You are leaking your MAC addresses you tried to hide in the beginning of the video btw.
@nourtechtalk Рік тому
Hi Mathias, I talked about hsts in my second video where I demonstrated the man in the middle attack but unfortunately it got removed from youtube. DoH is a great technology but its not widely supported by dns resolvers. DNS remains the achilles heel of the internet.
@penguin--_-- Рік тому
@@nourtechtalk please re-up.
@darthwater999 Рік тому
@@nourtechtalk Many people upload their banned video on odysee, a UKposts like website with few moderation
@XiaolinDraconis Рік тому
Re-upload unpublished but leave the link in description or pinned comment.
@CoverDrive007 Рік тому
@@nourtechtalk sir do u have any blog?
@justcallmetruman 10 місяців тому
Your tutorials are very clear and easy to understand, thanks my packet sniffing gangsta! What's the difference between this and ettercap if any?
@nourtechtalk 9 місяців тому
Its easier to use
@AdrianTregoning Рік тому
Why was your part 2 removed by UKposts? Bleak, would love to learn how to create my own VPN.
@smokie365 Рік тому
Just curious how to use buttercup? I have a little raspberry pi that’s running Kali Linux. So is it just a case of running the command? Really would like to try understand how all this works
@Jay482 Рік тому
What if the end user do an ipconfig /all just to see every device that’s connected to their network, will they be able to see the attacker if they were connected to the network? And block that unknown ip address through the router network settings. This can also work to prevent attackers, or do a DNS flush to prevent any redirection to websites. Or clearing the cache files from your browser.
@zeethegamer7104 7 місяців тому
please create a video on how to install bettercap on fresh installed kali
@tonilearn Рік тому
another question is: would your access to that computer would leave a footprint (in this case your ip address)? Thanks
@hasibbinsayed1863 Рік тому
very useful video
@freedomisdead9638 Рік тому
Awesome!
@Tomato_Thunder 6 місяців тому
WHAT THE HELL THIS IS SO COOL!!!
@Flqmmable Рік тому
Hey great video! Bettercap is awesome. I do have one question though.. I see that you have your website based on the IP of your external wifi adapter (Wlan0) and can connect to wifi networks through it. How did you manage to do that?
@nourtechtalk Рік тому
I have an external wifi adapter connected to my vm vis usb
@Flqmmable Рік тому
@@nourtechtalk When I connect mine, it still says wifi networks are disabled and can only connect to network via the eth0 interface that connects to the network my host is on. Idk why that is
@somahqari9894 4 години тому
thank you for this video. How could I get to know if the application is data encrypted or not? via Wireshark
@tonycheung7624 11 місяців тому
Amazing Video
@litemint09 Рік тому
02:01 you did blurred out the mac address of your device after the net show command, but the mac addresses were seen after you type in mod.prob on, so its useless to blur out
@szdavee92 Рік тому
I think you forget to mention that if a site uses HTTPS you can't see the data just the target IP. If you using a dns spoofing attack you will se nothing because the HSTS kick in. Also u can't inject nothing to site which using HTTPS because the whole http request including the header is encrypted.
@nourtechtalk Рік тому
Very true but you can also downgrade the connection to http and enjoy the show 😁
@mathiasdeweerdt1400 Рік тому
@@nourtechtalk Any modern, respected website will not allow this. HSTS will prevent exactly this.
@ZK-du3pj Рік тому
@@nourtechtalk HSTS is impossible to downgrade down to http.
@Bluexin_ Рік тому
@@nourtechtalk tbh after enabling the https everywhere plugin I started to notice way more how many websites still don't support https. Even govt websites over here 😅 that plugin is a godsend, don't even need to rely on the website maintainers to enable hsts
@johnsailor3590 Рік тому
He did not forget it, a video saying it does not really work won’t be viral
@kestonsmith1354 Рік тому
How you think celebs private photos get hacked and leaked, it's most of the time someone with a expensive wifi adapter, aircrack-ng, hashcat and an excellent word list, bettercap and beef .
@thevault1575 Рік тому
lol no. most celebs got their photos leaked bc they did not secure their icloud. if someone cracks their icloud, they can get access to all their icloud photos.
@kestonsmith1354 Рік тому
@@thevault1575 not true, you need to their real verified email which is not public information and very hard to acquire. Once you get onto someone's network you can record anything , see which sites they are visiting, capture their passwords, etc. Once you gather the information, it can be sold to the media and other sources for a pretty penny.
@thevault1575 Рік тому
@@kestonsmith1354 Yes it is true... Back in 2014 there was an “event” called “the fappening”. What happened was celebrates photos and videos got leaked and posted onto 4chan & reddit. This was all possible bc of icloud. I agree with you that it would be hard for someone to get a celebs personal email but people are very good at social engineering! From opendatasecurity: “In 2014 there was a massive leak of intimate photographs of famous people that was called the Fappening movement or “Celeb Gate”. How did it happen? By the Apple cloud storage service: iCloud.” I would include the link to the article but I don’t think youtube allows that. Just look up the fappening. It all happened because of icloud.
@kestonsmith1354 Рік тому
@@thevault1575 For the first one, back in 2014, Facebook were very vulnerable to hacks through their login system , it was easy to break into people's accounts. The second one in 2017, how was he able to get hold of their email addresses ..unless they were already part of the a list of emails from a compromised agency server that actors are affiliated with. You can find a lot of people's information on the dark web as well. With social media, it's getting easier and easier
@anirbansinha2343 Рік тому
@@jeoi teri ma ki rockout
@mohammedaldossary773 Рік тому
MAN YOU'RE A LEGEND I APPRECIATE YOUR WORK
@noodlekopf2443 Рік тому
*proceeds to hack his own family*
@gulamtahersiddiquisiddiqui2144 5 місяців тому
hey bro did u get with is whole proccess can u explain me we can connect ourselves in instagram if u have no problen
@elementsmusicproduction692 Рік тому
What if I setup a vpn on the router instead of the end device? Then all the traffic would still be exposed to the attacker right?
@yungxxilax9194 Рік тому
does it need an wifi adapter that supports monitor mode and packet injection?
@PatriFATSO Рік тому
Do you use NAT connection? My linux on the virtual machine always get wrong ips
@mirbedirhankalabas4415 7 місяців тому
i tried to test bettercap spoof thingy in my phone but the thing is i dont have a vpn and the files are still encrypted
@0xBerto Рік тому
Hey, not sure if you caught this for your future videos. Your first probe reveals your MAC addresses that you then censored in the “show” command. 😅 anyways. Thanks !
@Allinone-sh6cj 6 місяців тому
What will happen if someone got your MAC address?
@braden3762 7 місяців тому
For me, forwarding doesn’t turn on and I can’t spoof my own phone
@naveenkumar790 8 місяців тому
Is that need a external wifi adaptor?
@riskihidayatulmustakin3887 Рік тому
thanks for education
@SA-yz5hg Рік тому
man downloading that app for the first time in linux was a pain!!
@asakurakinomoto732 Рік тому
I have a question. what command line i use if i redirect a software just like you did on a website?
@chinedumichael8776 Рік тому
What if I already know the password.. (ie ) I don't need to hack the wifi password. How do I acomplish that too?
@m4vf Рік тому
That's why when I visit Facebook, I always use an ethernet cable plugged into their mainframe, thus knowing that I'm directly connected to Facebook. The only issue is that I walk down to their HQ every time.
@b.wallet5295 Рік тому
Lol
@yashpalhare8654 Рік тому
Sir , WSL mein se windows 11 main Kali ko install kiya to sab cyber security related kam hoge kya. Reply do🙏🙏
@lphdyt Рік тому
I would be interested, how to take control over a Bluetooth connection. Like entering, the data stream between my phone and my Bluetooth box and play other music
@PNA33 Рік тому
Does the private DNS command on phones protect from these reveals and attacks ?
@ElixirEcho 11 місяців тому
The thing with VPN is do you trust the other side's network and their ISPs? If you VPN back to you house, then all you gotta trust is your own network and ISP.
@johnvardy9559 9 місяців тому
i would like to be soc analyst do you have any advice?
@hptc4400 Рік тому
Excellent content... Thanks a lot... One question though, every time I enable arp spoof, all the other clients lose connection despite forwarding was enabled. Any advice would be appreciated.
@nourtechtalk Рік тому
Maybe your router has anti arp spoofing? Try to connect to your mobile hotspot and see if there is a difference
@hptc4400 Рік тому
@@nourtechtalk Thanks a lot for the feedback however, the router doesn't have anti arp spoofing and I also tried it on my hotspot to no avail. It's something I have been searching online however, I have not seen another reason.
@hptc4400 Рік тому
I am noticing a lot of tcp retransmissions when arp spoofing is enabled. Therefore, I presume traffic is not being forwarded. Isn't bettercap supposed to manage this? Any advice?
@SacredRoute2Hell 10 місяців тому
Hey, i need help with arp spoofing, it doesn't say enabled forwarding how do you enable forwading
@hptc4400 10 місяців тому
@@SacredRoute2Hell Hi which version of bettercap are you using? Are you using the GUI or cli?
@unividuv8902 Рік тому
where can i watch 2nd part for this video? Because link in description has been removed video is not available now
@motivationinspiration01 Рік тому
Sir are you using Kali Linux on virtual machine ?
@tonilearn Рік тому
The question about using VPN is that: would the VPN owner be able to see all of my inputs to the net? in that case, would they miss use the information they are getting from me? Thanks.. hope you could create a content based upon this question I have.. Cheers
@misteranonymous1157 5 місяців тому
Do we need a wifi adapter for this to work? Cuz i dont get the same options when i type net.probe on
@anon2030 Рік тому
“SSL hijacking is found, recommend replacing the network.” This is what the network security app keeps telling me, n it’s been a few years now. The yt app just shut down by itself. It’s been doing that quite often too.
@justinmartinez940 Рік тому
Can you make a video on how to install kali linux?!?
@phonexorsi 8 місяців тому
IM NEW TO THIS BUT WAT WEBSITE WAS THAT WAS IT KALI LINUX??
@OOOOO0KKKKKKKK Рік тому
damn this channel is gold
@l3gend272 Рік тому
1:51 you hid you MAC addresses at the bottom, but isn’t it showing at the top in green????
@nourtechtalk Рік тому
Yeah I had regenerate all of them 🤣
@exe.srijan Рік тому
holy shit your 10 min video is more educational than my school
@johnreynolds4065 10 місяців тому
how come other network traffic coming from other IPs shows up when I am just trying to target one IP?
@JoesephOIU Рік тому
Just turn on mac filtering and add your devices mac addresses. that way no one else can access your wifi even if the have the password
@theskrript_ 8 місяців тому
How do you run Kali Lonux on Windows 10 with your Windows Defender turnes on? I've had some problems with setuping it on virtual machines and I had to reinstall my drive because of the hacking tools the .iso file for the Kali had on it. Any suggestions?
@sxntanyt4189 3 місяці тому
Turn your virtualization from the bios setup
@AlexiHusky Рік тому
Doesn't https prevent arp spoofing from being this legible??? I thought urls and host names are encrypted after the hand shake?
@hassanaitelcaid4656 Рік тому
is the wifi adapter necessary to that ?
@shyamsundarmeena4750 Рік тому
Which system used in Vertual box?
@asipalacios8701 Місяць тому
after laucnching better cap an typing net.probe on my terminal crashes every single time. what to do?
@OptimizeTube 11 місяців тому
If I am worried about this and for good reason, let's assume they've already connected. Will resetting the router give me a fresh start? If am afraid that logging in to the router would be a bad idea
@hello-mg6kv 8 місяців тому
How is he getting wifi sign at top right corner ??
@rajmodi4145 11 місяців тому
bhai me kisi wifi se connected hu usne speed limit kri huyi he 1mbps ki ese me ke increase kru yr btao na
@rolanddolidze6897 4 місяці тому
hey, great video. just one thing, when i launch dns.spoof on it dosn't send the other devices on the pache site but in their true website, even if it does signal me that the ip.... tryed to enter that site. how can i fix it?
@James-Pi 4 місяці тому
This worked fine for me two days ago, but started doing this today. It could just be cache, but I've cleared it, and since you have the same issue, I think it might be for everyone.
@XXdentistXX 3 місяці тому
I tried the steps with nethunter on android i cant sniff packets from the target i get only packets from local dns .. does thats mean im not on monitor mode ?
@kumarankit9243 8 місяців тому
how to install bettercap
@elmehdaoui1287 5 місяців тому
do i need a wireless adapter to do that , because the devices not showing up
@anonymousa3816 2 місяці тому
When I set the spoofing target setted the spoof on and the sniff on, my other computer on which I was testing, wasnt opening any site, and I wasnt getting the urls, instead I got the routers username and password. What is this happening?
Nour's tech talk
Переглядів 49 тис.
Суспільне Вінниця
Переглядів 547 тис.
Nour's tech talk
Переглядів 44 тис.
Robotics with Om Sir
Переглядів 15 тис.
Суспільне Вінниця
Переглядів 547 тис.