WEBVTT

00:00.450 --> 00:04.730
Hello everyone and welcome to part eight of my lean ethical hacking course.

00:04.740 --> 00:08.790
In this part we're going to look at targeted sniffing.

00:09.060 --> 00:16.680
So I'm going to open the terminal and what we need to do faced is enable a monitor mode again because

00:16.680 --> 00:24.210
if I do I come thick as you can see every time I turn off this virtual machine it resets the wireless

00:24.210 --> 00:31.670
card back to Toby land zero with mode managed so to get it back to the monitor mode.

00:31.680 --> 00:39.450
Need to do em on energy starts with a W land zero click enter it's going to do that find three processes

00:39.480 --> 00:45.450
that could cause trouble you can do em on energy check kill to kill them but they're not causing me

00:45.440 --> 00:48.420
a problem so fast I'm just going to leave them.

00:48.420 --> 00:51.200
So it's enabled again on Toby Lanzer mom.

00:51.250 --> 00:59.780
So if I do I w config to be land Zero Month click and so she can see it says monitor so for clear we've

00:59.790 --> 01:09.540
got it back into monitor mode now and we can do a a dump a row doom sorry a road dump energy and to

01:09.540 --> 01:10.760
be land zero a month.

01:11.700 --> 01:14.350
So it's going to start sniffing the packets again.

01:14.520 --> 01:18.300
Basically what we're gonna do in this video is we're gonna do it targeted so we're going to space a

01:18.540 --> 01:21.300
specifically target 1 network to start sniffing.

01:22.800 --> 01:26.180
So if a lot of it just sniff some more packets there we go.

01:26.220 --> 01:33.960
I can stop this now so it's just stop its control see and to specifically target one of these networks.

01:33.960 --> 01:41.220
Now what you need to do is you need to do a rodent hyphen energy then you need to do a hyphen hyphen

01:41.220 --> 01:47.150
channel and then and then do a space and then find the name of the channel that you want to target.

01:47.160 --> 01:53.910
So say we want to target this one here VM then obviously it's Channel Six because it says so in the

01:53.910 --> 01:54.980
C hate.

01:55.080 --> 02:02.400
So we do six then do space and then do hyphen hyphen B SSI D then we need to specify the b a society

02:02.400 --> 02:04.700
which is the MAC address of this router.

02:04.740 --> 02:06.800
So we just copy this one here.

02:06.930 --> 02:09.840
Make sure you copy copy the correct ones to the corresponding moment.

02:09.840 --> 02:16.170
I'm just gonna paste it and then we want to write it to a file so we save all the information that we

02:16.170 --> 02:23.520
capture all the packets we can save inside different document formats which then can be used to import

02:23.520 --> 02:30.210
it into why shock to another analyze the packets and get sensitive information but we're not at that

02:30.210 --> 02:30.680
stage yet.

02:30.690 --> 02:31.930
So I'm just going to do right.

02:31.930 --> 02:37.380
Test test what shall we call this test.

02:37.420 --> 02:38.440
We'll just call a test.

02:39.020 --> 02:44.710
So just call a test of the file name will just be called test and then the name if you call it suitably

02:44.740 --> 02:48.020
alarm W 0 mom.

02:48.170 --> 02:52.570
So basically this is just gonna do a rodent dumping G it's gonna go to channel six.

02:52.580 --> 03:03.410
It's gonna locate this specific MAC address here which is corresponds to the VM h e SSI D and then I'm

03:03.450 --> 03:10.410
gonna write a test file to the root directory which will save all the packets and then I'm using Toby

03:10.430 --> 03:12.940
Lindsey Graham on to do so cervical cancer.

03:13.250 --> 03:20.360
Then it starts sniffing the packets again for this ISIS idea.

03:20.900 --> 03:25.880
So for this specific router Bill there's a new like window basically down here.

03:25.910 --> 03:36.380
A new b SSI D etc. While this is shown now this and this is very useful if you have watched the previous

03:36.380 --> 03:42.630
video the B SSI D here this is still a mac address and as you can see it's the same as this MAC address

03:42.630 --> 03:45.500
will here these are all the same.

03:45.500 --> 03:49.910
So basically this is what the device or client is connected to.

03:50.120 --> 03:55.770
So or if I highlight them all these are basically clients connected to this specific network.

03:55.880 --> 03:58.370
So it's a router in my room.

03:58.370 --> 04:03.950
So obviously all the devices I've got connected to it will show up here if you sniff your neighbor's

04:03.950 --> 04:09.050
Wi-Fi for example you will see all the devices connected to that Wi-Fi all while you'll see them MAC

04:09.050 --> 04:10.270
addresses anyway.

04:10.280 --> 04:16.760
Now if you remember and I think it is Paul five or six way to talk about mac addresses and I was talking

04:16.760 --> 04:23.600
about like a secret router hack or secret network of computers and you've got to find out a MAC address

04:23.720 --> 04:26.840
for you to be able to change it to change it your wanted.

04:26.850 --> 04:31.950
I want to be able to connect to the network then this is how you would sort of find out a MAC address.

04:32.810 --> 04:39.710
So these are obviously MAC address devices that are connected and that is basically a targeted sniff

04:40.430 --> 04:43.250
if I do control seats just to stop it.

04:43.550 --> 04:48.110
So basically like I said this is just a targeted sneak attack.

04:48.110 --> 04:54.170
You can actually see devices that are connected to that Wi-Fi spot.

04:54.230 --> 05:01.500
So for example if you done this to a public Wi-Fi you it's you would probably see quite a lot of these.

05:02.610 --> 05:09.860
But the main point of this show the main focus is the MAC addresses of the clients.

05:10.520 --> 05:16.130
Basically all the information's the same again this is power so this is how close the client device

05:16.160 --> 05:18.090
is to that Wi-Fi spot.

05:21.590 --> 05:26.840
So basically that was it for this video was just showing you how to do a targeted sniff attack and how

05:26.840 --> 05:33.770
to find all the clients connected to that router in the next video I'm going to show you how to analyze

05:33.770 --> 05:41.390
these packets and then talk more about actually decrypting them because if you go to your places and

05:41.390 --> 05:49.880
go to home you can see here now this test which is what we created when we don't have a right.

05:49.880 --> 05:50.900
Then we put test.

05:50.930 --> 06:00.050
So basically this is where creates we have test or cap test or CV s and CSB sorry CSB and so on you

06:00.050 --> 06:02.540
can put this into why shock.

06:02.810 --> 06:04.730
Well in fact I will do that now.

06:04.730 --> 06:14.950
So if I go down here and type why shark click and to give it a second and it should open why shark network

06:15.060 --> 06:17.800
analyzer give it a second right.

06:17.810 --> 06:22.040
It should come up with an idea if it doesn't don't worry but even if it does just click OK it doesn't

06:22.040 --> 06:22.580
really matter.

06:23.600 --> 06:26.240
Excuse me.

06:26.590 --> 06:31.580
These are all your Wi-Fi cards basically and as you can see it's picking up signals with this one.

06:31.870 --> 06:33.450
And this is our monitor mode.

06:33.640 --> 06:42.670
You can't just go to file open and if we go to scroll down a little bit and import test one cup just

06:42.880 --> 06:47.560
click open as you can see here we've got devices.

06:47.590 --> 06:53.210
So basically one device that's connected to it is light lights.

06:53.260 --> 06:57.870
I don't I don't know how to pronounce that but that's one of the devices connected to this network and

06:57.940 --> 07:01.370
I believe it's like a spare phone I've got there's a Samsung.

07:01.930 --> 07:07.690
So you can't get information but there's not much we can do at this point because we need to find the

07:07.690 --> 07:10.130
Wi-Fi key to be able to do some damage.

07:10.180 --> 07:15.560
So this is mainly just for finding MAC addresses and stuff.

07:16.150 --> 07:21.520
Because it will we need the Wi-Fi key to be able to do some damage or be able to actually start penetration

07:21.520 --> 07:23.240
test in the network.

07:23.240 --> 07:28.480
But I thought it was useful obviously you know that you can actually pull this in while Sha can have

07:28.480 --> 07:33.930
a look at all the packets and the destination it goes to.

07:33.940 --> 07:40.840
So that was a for this video if it did help please even like comments I'll be happy to help and subscribe

07:40.840 --> 07:43.900
to the latest content and I'll see you in the next video.