1
00:00:00,120 --> 00:00:04,940
OK, so now we can move on to another attack, it's going to be fake authentication replay.

2
00:00:05,070 --> 00:00:10,170
So this is something that we can do if you're having trouble, like having a lot of data on your network

3
00:00:10,770 --> 00:00:13,410
so they can capture a lot of IVs, you can try this attack out.

4
00:00:13,950 --> 00:00:18,540
So we're going to use airodump-ng to capture the packets into a file once again.

5
00:00:18,630 --> 00:00:26,490
And then we're going to use aireplay-ng to perform a fake authentication attack to associate,

6
00:00:26,490 --> 00:00:31,680
you know, with the target network or a.k.a. your router and you know, allow us to force the router

7
00:00:31,690 --> 00:00:38,070
to create more IVs and then we're going to increase the network activity with ARP replay attack.

8
00:00:38,520 --> 00:00:44,340
So after that we can use aircrack-ng to actually crack the key, just like the first attack first.

9
00:00:44,380 --> 00:00:49,650
And now what we're going to do for this attack is we're actually going to do the fake authentication to actually

10
00:00:49,650 --> 00:00:51,260
associate with the network.

11
00:00:51,990 --> 00:00:55,860
So let's go ahead and let's run airman.

12
00:00:55,860 --> 00:01:01,590
And again, just like we did before, airodump-ng again, and then we're going to write into a file called

13
00:01:01,590 --> 00:01:06,750
fakeauth, and now it's going to pick up the different devices that are connected to the network, as

14
00:01:06,750 --> 00:01:07,180
you know.

15
00:01:07,350 --> 00:01:10,120
So now let's do a fake association with it.

16
00:01:10,380 --> 00:01:14,070
So this command right here, aireplay-ng --fakeauth.

17
00:01:14,070 --> 00:01:18,450
All this means is doing a fake authentication attack and zero just means to do it once.

18
00:01:18,630 --> 00:01:23,700
And then we have -a and then this is the MAC address of the network, which we already know where

19
00:01:23,700 --> 00:01:24,420
to find that.

20
00:01:24,580 --> 00:01:25,670
And -h.

21
00:01:25,680 --> 00:01:31,080
This is the MAC address of our wireless adapter that we have connected to Kali Linux.

22
00:01:31,080 --> 00:01:36,750
And you could find that by going over and doing an ifconfig and then looking at these first 12 digits right

23
00:01:36,750 --> 00:01:42,120
here and change the hyphens to colons, and that is the MAC address of our wireless adapter that we

24
00:01:42,120 --> 00:01:42,860
have connected.

25
00:01:43,200 --> 00:01:49,830
So what we can do is go back over here and now and then you also have to put the interface, which zero,

26
00:01:50,010 --> 00:01:53,570
and then you're going to hit enter and it is going to associate us.

27
00:01:53,970 --> 00:01:58,980
OK, so now if we check back over here, we can see that right here.

28
00:01:58,980 --> 00:02:01,170
This is the device where we did the fake authentication.

29
00:02:01,170 --> 00:02:04,140
It's like this is the MAC address of my wireless adapter.

30
00:02:04,380 --> 00:02:07,110
And you can see that we're associated under AUTH right here.

31
00:02:07,110 --> 00:02:09,330
It was blank before, but now this is open.

32
00:02:09,570 --> 00:02:15,150
Just another way to see that we've actually successfully associated with this and now we're going to

33
00:02:15,150 --> 00:02:17,250
try the replay attack.

34
00:02:17,310 --> 00:02:19,530
So it's a very similar command.

35
00:02:19,780 --> 00:02:26,400
You want to change the -a, it should be right here and then change the fakeauth to arpreplay

36
00:02:26,910 --> 00:02:29,220
once you take out the zero as well.

37
00:02:29,880 --> 00:02:30,870
Don't need that there.

38
00:02:31,530 --> 00:02:37,890
And then we're just going to enter and now it's just going to kind of send a bunch of packets to the

39
00:02:37,890 --> 00:02:38,310
router.

40
00:02:38,460 --> 00:02:42,540
And now we're going to see that the packets everything's, you know, kind of increasing very, very

41
00:02:42,540 --> 00:02:42,960
quickly.

42
00:02:42,960 --> 00:02:48,850
The frames are going up and the data being captured is going up a little bit faster than before.

43
00:02:48,870 --> 00:02:53,400
So what you want to do this is the way that you can kind of speed up the capture of packets on this

44
00:02:53,400 --> 00:02:57,540
network just in case, you know, you have a kind of like a slow network.

45
00:02:58,230 --> 00:03:04,260
And it's just another way to gather more IVs so that you can go ahead and crack the network.

46
00:03:04,470 --> 00:03:09,180
So you want to let you want to give a little bit of time and then you can try the aircrack-ng command again

47
00:03:09,180 --> 00:03:09,900
and you'll be good to go.

48
00:03:10,230 --> 00:03:14,880
OK, so if you notice that the data and the data number is going up really slow, what you can do is

49
00:03:14,880 --> 00:03:20,490
actually go over and try to do another fake authentication attack just so that you can be associated

50
00:03:20,490 --> 00:03:21,140
with the network.

51
00:03:21,150 --> 00:03:24,120
And then this number should start going up very, very quickly.

52
00:03:24,210 --> 00:03:30,960
So once this gets a little bit higher for me, this is the key is about like it's 128 bits, which is

53
00:03:30,960 --> 00:03:37,020
the max for I probably want about thirty thousand in the data column, so I'll wait until then and then

54
00:03:37,020 --> 00:03:38,400
I will go ahead and try to crack it.

55
00:03:38,550 --> 00:03:43,290
OK, so now I package it is approaching thirty thousand, so I'm going to go ahead and try it again.

56
00:03:43,650 --> 00:03:53,880
So let's see, let's do aircrack-ng and then the fakeauth is going to be 02 this time.

57
00:03:53,890 --> 00:03:59,760
This is the second time I'm doing this and then we're going to, we're going to see what happens.

58
00:04:00,570 --> 00:04:03,540
Should actually be able to have twenty four thousand IVs.

59
00:04:04,110 --> 00:04:05,640
Let's see if it actually cracks.

60
00:04:05,830 --> 00:04:10,680
So after they captured thirty seven thousand IVs, I was able to decrypt it in less than a minute,

61
00:04:10,680 --> 00:04:11,710
59 seconds.

62
00:04:11,730 --> 00:04:13,650
It got the same exact pass as before.

63
00:04:13,830 --> 00:04:15,690
And we know that I showed you before.

64
00:04:16,230 --> 00:04:19,700
So now you know, you know how to crack into networks.

65
00:04:19,710 --> 00:04:25,650
And now we're going to move on to doing networks, which is a little bit more a little different of

66
00:04:25,650 --> 00:04:26,220
an approach.