1 00:00:00,240 --> 00:00:04,820 Now, in this lecture, we are going to see what is the ARP request replay attack. 2 00:00:05,310 --> 00:00:12,330 So the AP now accepts packets that we send to it because we have successfully associated ourselves with 3 00:00:12,330 --> 00:00:14,880 it by using the fake authentication attack. 4 00:00:16,000 --> 00:00:23,910 We are now ready to inject packets into the AP and make the data increase very quickly in order to decrypt 5 00:00:23,910 --> 00:00:31,700 the WEP key. ARP request replay is the first method of packet injection. In this method, 6 00:00:31,720 --> 00:00:38,230 we are going to wait for the AP packet and capture the packet and inject it into the traffic. 7 00:00:38,740 --> 00:00:44,680 Once we do this, the AP will be forced to create a new packet with a new IV. 8 00:00:45,190 --> 00:00:52,000 We will capture the new packet, inject it back into the traffic again and force the AP to create another 9 00:00:52,000 --> 00:00:53,650 packet with another IV. 10 00:00:55,010 --> 00:01:03,860 We will be repeating this process until the amount of data is high enough to crack the WEP key. So now, 11 00:01:05,040 --> 00:01:09,360 what we are going to do here is we are going to open a new window first. 12 00:01:11,270 --> 00:01:15,620 OK, so we are going to write the command here, airodump. 13 00:01:19,980 --> 00:01:23,610 A.M. Engie, A.M. Engie. 14 00:01:24,610 --> 00:01:27,140 We as a society and the. 15 00:01:29,630 --> 00:01:31,850 Wilkey A.M. Anchee. 16 00:01:33,670 --> 00:01:40,090 Hmm, erodable bingbing society is this. I don't want to write it again and again, that's why I use 17 00:01:40,100 --> 00:01:48,990 this method and generally I think three years or three Janete mistery and hyphen hyphen 18 00:01:49,000 --> 00:01:49,600 write. 19 00:01:50,980 --> 00:01:52,690 OK, so ARP. 20 00:01:54,990 --> 00:01:56,160 And request.
21 00:01:57,900 --> 00:02:05,340 Best feeling Seattle now, so we are going to add the hyphen hyphen write command to store all the packets 22 00:02:05,340 --> 00:02:09,780 that we captured into a file, which is ARP request replay test. 23 00:02:10,110 --> 00:02:16,580 So when it runs, we will see that the target network has zero data. 24 00:02:16,800 --> 00:02:23,060 It has no client associated with it and there is no traffic going through, which means it is not useful. 25 00:02:23,100 --> 00:02:26,130 We can't crack its key. 26 00:02:26,610 --> 00:02:35,430 OK, so to solve this problem we are going to perform a fake authentication attack as shown in the section 27 00:02:36,270 --> 00:02:42,370 so that we can start injecting packets into the network so it will accept them. 28 00:02:43,050 --> 00:02:49,020 So that led us to our next step, which is ARP request replay system. 29 00:02:49,050 --> 00:02:55,590 And in this step we will inject packets into the target network, forcing it to create new packets with 30 00:02:55,590 --> 00:02:56,350 new IVs. 31 00:02:56,610 --> 00:03:01,200 So what I'm going to do here is I'm going to simply okay. 32 00:03:01,200 --> 00:03:04,030 One more time, I'm going to open one more window. 33 00:03:05,410 --> 00:03:10,200 OK, so the command that I'm going to use here is. 34 00:03:14,780 --> 00:03:20,780 The command will be the same, but the difference here is simply ARP 35 00:03:23,170 --> 00:03:35,010 replay, ARP replay and engie in place, so I'm going to use b and the rest of the thing will be, 36 00:03:35,010 --> 00:03:36,730 yes, something will be the same. 37 00:03:37,140 --> 00:03:41,580 So this command is very similar to the previous command that we have used in our last lecture. 38 00:03:42,510 --> 00:03:45,890 But we are going to use ARP replay instead of. 39 00:03:46,890 --> 00:03:50,160 We will also include hyphen b for BSSID.
40 00:03:50,730 --> 00:03:58,980 And with the command, we are going to wait for an ARP packet, capture it and then reinject it into 41 00:03:59,190 --> 00:03:59,670 the air. 42 00:03:59,910 --> 00:04:08,040 And we can then see that we have captured an ARP packet and injected it, captured another, injected it into 43 00:04:08,040 --> 00:04:09,180 the traffic and so on. 44 00:04:09,810 --> 00:04:14,220 The AP then creates a new packet with new IVs. 45 00:04:14,400 --> 00:04:16,800 We receive them, we inject them again. 46 00:04:17,070 --> 00:04:25,500 And this happens over and over again. After executing this command, as you can see, this will be 47 00:04:25,500 --> 00:04:26,010 the result. 48 00:04:26,400 --> 00:04:33,170 So at this time, the wireless adapter wlan0 is waiting for an ARP request or ARP. 49 00:04:33,750 --> 00:04:39,990 Actually, once there is an ARP packet transmitted in the network, it is going to capture the packet 50 00:04:39,990 --> 00:04:41,760 and then retransmit it. 51 00:04:42,390 --> 00:04:48,510 And once it is done, the access point will be forced to generate a new packet with the new IV. 52 00:04:48,780 --> 00:04:55,530 And we will capture and we will keep doing this since the access point will continuously generate 53 00:04:55,530 --> 00:04:57,450 new packets with new IVs. 54 00:04:58,710 --> 00:05:06,740 So once the amount of data reaches around, OK, nine thousand or whatever, we can launch aircrack-ng 55 00:05:06,810 --> 00:05:14,620 to crack it, so we have to wait till the completion to around 10000, OK. 56 00:05:14,940 --> 00:05:22,860 So what I'm going to do here is I'm going to pause this video here and then we will see how to see the 57 00:05:22,980 --> 00:05:24,470 completion of all the packets. 58 00:05:24,750 --> 00:05:27,030 Then we will see how to use aircrack-ng. 59 00:05:27,320 --> 00:05:27,570 Okay. 60 00:05:27,570 --> 00:05:29,940 Now the process is done. So
61 00:05:29,940 --> 00:05:37,350 what I'm going to do is I'm going to open the window again and I'm going to run the command for getting 62 00:05:37,350 --> 00:05:37,770 the key. 63 00:05:38,070 --> 00:05:43,500 So before going to use that particular command, what I'm going to show you here is I'm going to show 64 00:05:43,500 --> 00:05:45,660 you the file with all the packet details. 65 00:05:47,580 --> 00:05:54,030 OK, now inside the root, we are having this particular ARP request test zero, so this is the 66 00:05:54,030 --> 00:05:54,480 file 67 00:05:54,480 --> 00:05:58,870 where all the related information about the packets is there. 68 00:05:59,130 --> 00:06:03,540 OK, so now let's try to run that particular command, which is aircrack-ng 69 00:06:05,630 --> 00:06:10,570 and the file name, so file name, you can copy from here, OK? 70 00:06:11,640 --> 00:06:14,120 And copy from here, paste. 71 00:06:14,880 --> 00:06:15,840 So this is the file. 72 00:06:16,200 --> 00:06:19,110 So now let's try to run this and see if it's 73 00:06:19,130 --> 00:06:20,550 going to help us or not. 74 00:06:22,320 --> 00:06:27,720 So now it has started working and as you can see that we have successfully, 75 00:06:28,930 --> 00:06:33,920 having the key, encryption key, we have successfully broken the encryption key. 76 00:06:34,810 --> 00:06:39,280 So this is the key that we want to get inside the network to use that particular network. 77 00:06:39,310 --> 00:06:40,530 So one, two, three, four, five. 78 00:06:40,780 --> 00:06:42,520 And this is the Wazzan. 79 00:06:42,520 --> 00:06:44,140 And this is there was an office. 80 00:06:44,680 --> 00:06:47,330 So this is how you can use this aircrack.
81 00:06:47,350 --> 00:06:55,030 And this is how you can do all these steps and follow all these others one by one to crack any network 82 00:06:55,030 --> 00:07:02,860 or any WEP Wi-Fi password or encryption key using this method, even if you are not having a large amount 83 00:07:02,860 --> 00:07:03,640 of traffic. 84 00:07:03,670 --> 00:07:10,810 OK, so I have shown you that we are having two methods to break in: the first method is for heavy 85 00:07:10,810 --> 00:07:14,050 traffic and the second method is for no traffic at all. 86 00:07:14,310 --> 00:07:17,110 OK, so these two methods will be very helpful. 87 00:07:17,410 --> 00:07:20,920 So from the next lecture onwards, we are going to start with WPA. 88 00:07:20,920 --> 00:07:22,450 So thank you for watching this lecture.