1
00:00:01,100 --> 00:00:07,670
Now, before doing anything, I want to show you the network settings of my Kali machine.

2
00:00:07,670 --> 00:00:09,640
So I'm going to select it here.

3
00:00:09,770 --> 00:00:12,970
I'm going to go to Settings, Network.

4
00:00:14,120 --> 00:00:18,460
And as you can see, it's set to use a NAT network.

5
00:00:19,290 --> 00:00:23,680
So now if I go to my Kali machine and ifconfig,

6
00:00:24,360 --> 00:00:25,180
we'll see

7
00:00:25,200 --> 00:00:28,250
we have an interface called eth0.

8
00:00:28,380 --> 00:00:36,940
This interface is a virtual interface created by VirtualBox because we set this machine to use

9
00:00:36,990 --> 00:00:38,400
a NAT network.

10
00:00:39,170 --> 00:00:46,760
You can also see that this interface has an IP address, which means that it is properly connected to

11
00:00:46,790 --> 00:00:55,550
this network, and it will provide the Kali machine with Internet access as long as my host machine right

12
00:00:55,550 --> 00:00:58,990
here has Internet access.

13
00:00:59,060 --> 00:01:06,420
So now, on my Kali, if I go and, say, I'll just go to bing.com on my browser.

14
00:01:08,760 --> 00:01:16,200
You'll see that I can successfully go to the website because Kali is connected to the Internet through

15
00:01:16,290 --> 00:01:21,150
this virtual interface that is called eth0.

16
00:01:21,210 --> 00:01:26,970
Now, if we go back to our diagram that shows what we need to create an access point,

17
00:01:27,150 --> 00:01:32,270
you can see that we need an interface that is connected to the Internet.

18
00:01:32,310 --> 00:01:40,290
We don't care what type of interface this is, as long as this interface has Internet access.

19
00:01:40,290 --> 00:01:48,120
So in our example we're going to be using eth0 to provide our fake access point with Internet

20
00:01:48,150 --> 00:01:50,160
access.

21
00:01:50,160 --> 00:01:52,320
The other interface that we need,

22
00:01:52,320 --> 00:01:59,940
we said that this needs to be a wireless adapter that is able to act as an access point.

23
00:01:59,940 --> 00:02:07,140
Again, if I go back to the result of my ifconfig, you can see I already have a wireless adapter connected

24
00:02:07,350 --> 00:02:10,750
to this computer. It's called wlan0.

25
00:02:10,770 --> 00:02:13,040
Keep in mind that this is in managed mode.

26
00:02:13,050 --> 00:02:15,870
It's not in monitor mode.

27
00:02:15,990 --> 00:02:21,480
It is not connected to anything, so you can see it does not have an IP address.

28
00:02:21,510 --> 00:02:23,530
This is very, very important.

29
00:02:23,550 --> 00:02:30,290
It needs to be, first of all, in managed mode, and second, not connected to any network.

30
00:02:30,480 --> 00:02:35,910
So even if we go to the network manager in here, you can see we have wired connected.

31
00:02:35,910 --> 00:02:40,290
This is my eth0, and Wi-Fi not connected.

32
00:02:41,960 --> 00:02:49,320
Once we have everything configured properly, we can go ahead and start the access point, but first you'll

33
00:02:49,320 --> 00:02:55,790
need to install mana-toolkit because it does not come preinstalled in Kali.

34
00:02:55,860 --> 00:03:00,580
We can install it using apt-get, just like Terminator and other tools.

35
00:03:00,630 --> 00:03:05,230
So all we have to do is just do apt-get update to update the sources.

36
00:03:06,150 --> 00:03:09,580
Then apt-get install mana-toolkit.

37
00:03:11,630 --> 00:03:13,100
Now, I have it installed.

38
00:03:13,100 --> 00:03:16,320
That's why it's telling me mana-toolkit is already installed.

39
00:03:16,350 --> 00:03:20,800
But if it's not installed, this command will install it for you.

40
00:03:22,460 --> 00:03:25,890
Once you have everything installed, you're ready to use Mana.

41
00:03:25,970 --> 00:03:30,010
And before we start it, we should modify its settings.

42
00:03:30,110 --> 00:03:37,340
Mana's settings are stored in a text file, so to edit the settings we're going to open this file and

43
00:03:37,400 --> 00:03:41,660
edit it using leafpad, which is just a text editor.

44
00:03:42,020 --> 00:03:49,220
So I'm going to type leafpad followed by the location of the file that you want to modify, and the

45
00:03:49,220 --> 00:03:59,540
settings file for Mana is stored in /etc/mana-toolkit/hostapd-mana.conf.

46
00:04:00,110 --> 00:04:08,240
So all we're doing with this command is we're using a text editor called leafpad to open a file that

47
00:04:08,300 --> 00:04:10,510
is stored in this path.

48
00:04:10,760 --> 00:04:14,780
So when we hit Enter, you'll see we have the text editor.

49
00:04:14,780 --> 00:04:22,280
It opened the file for us, and all of these are the settings that you can modify for Mana.

50
00:04:22,280 --> 00:04:27,470
You can actually get a full list and a full description of all the settings that you can modify in this

51
00:04:27,470 --> 00:04:28,160
link.

52
00:04:28,550 --> 00:04:30,530
But we don't need this for now.

53
00:04:30,530 --> 00:04:34,460
The main thing that you need to modify is the interface.

54
00:04:35,160 --> 00:04:40,670
This is the interface that you want to use to broadcast the signal.

55
00:04:40,680 --> 00:04:43,780
So basically it is this component.

56
00:04:44,070 --> 00:04:47,160
In my example this is going to be wlan0.

57
00:04:47,220 --> 00:04:51,880
This is my wireless interface, so I'm keeping this the same.

58
00:04:52,320 --> 00:04:56,950
The next thing that you might want to modify is the SSID.

59
00:04:57,060 --> 00:05:03,050
This is the network name that will appear when people look for Wi-Fi networks.

60
00:05:03,540 --> 00:05:09,180
I'm going to keep this as Internet, so when people look for networks they will see my fake access

61
00:05:09,180 --> 00:05:11,610
point under this name.

62
00:05:12,470 --> 00:05:14,570
So I have nothing to save right now.

63
00:05:14,570 --> 00:05:20,750
But if you modified anything, make sure you save the file from File, Save, and then close it.

64
00:05:22,090 --> 00:05:27,080
And the next file that we'll need to modify is the start script.

65
00:05:27,120 --> 00:05:33,270
This is the file that will actually start mana-toolkit for us. Again,

66
00:05:33,270 --> 00:05:38,500
we're going to use leafpad to open and edit this file, so we're going to type leafpad

67
00:05:38,530 --> 00:05:49,410
followed by the location of Mana's start script, which is in /usr/share/mana-toolkit/run-

68
00:05:49,430 --> 00:05:51,380
mana/start-

69
00:05:51,430 --> 00:05:51,890
nat-

70
00:05:51,960 --> 00:05:54,500
simple.sh.

71
00:05:56,640 --> 00:06:01,150
Now, in this file there are two main things that you need to modify.

72
00:06:01,470 --> 00:06:05,090
The first one is the upstream interface.

73
00:06:05,100 --> 00:06:12,740
This is the interface that has Internet access, so this is this component right here.

74
00:06:12,810 --> 00:06:15,930
As we saw before, this is eth0

75
00:06:15,930 --> 00:06:25,830
in my case, so I'm going to leave this the same. The next one, phy, is again the interface that is

76
00:06:25,830 --> 00:06:28,130
going to broadcast the signal.

77
00:06:28,140 --> 00:06:36,810
So in my example this is my wireless adapter, and it is called wlan0, not wlan1, so I'm actually going

78
00:06:36,810 --> 00:06:39,280
to modify this to wlan0.

79
00:06:39,630 --> 00:06:41,390
Then I'm going to save it, Control

80
00:06:41,400 --> 00:06:43,480
S, and quit it, Control

81
00:06:43,520 --> 00:06:51,480
Q. And that's it, we're ready to start the fake access point, and like we said before, we're going to be starting

82
00:06:51,480 --> 00:06:53,600
it using this script right here,

83
00:06:53,630 --> 00:06:54,090
start-

84
00:06:54,090 --> 00:06:54,890
nat-simple.

85
00:06:54,900 --> 00:07:01,920
That's why we modified it, so all we have to do is, I'm going to copy this because that's its location.

86
00:07:01,980 --> 00:07:08,420
So in order to start it, because this ends with a .sh, we're going to do bash

87
00:07:09,450 --> 00:07:13,230
followed by the location of the script.

88
00:07:13,680 --> 00:07:19,980
So when we wanted to modify it using a text editor, we used a program called leafpad followed by the

89
00:07:19,980 --> 00:07:21,900
path of the file.

90
00:07:21,990 --> 00:07:24,560
Right now we don't want to modify it.

91
00:07:24,690 --> 00:07:30,870
We want to execute the code inside. The code inside it is bash script code.

92
00:07:30,900 --> 00:07:35,180
That's why we're saying I want to run this file using bash.

93
00:07:36,540 --> 00:07:38,150
Now I'm going to hit Enter.

94
00:07:39,150 --> 00:07:44,120
And as you can see, it's telling me that the access point is enabled.

95
00:07:44,250 --> 00:07:49,330
I can press Enter to kill the access point, so to exit it.

96
00:07:50,010 --> 00:07:54,660
Now, sometimes the first time that you run this script it will not work.

97
00:07:54,670 --> 00:07:56,550
It'll actually give you an error.

98
00:07:56,790 --> 00:08:01,570
So it's a good idea to actually just run the code again, literally the same command.

99
00:08:01,590 --> 00:08:08,160
If it fails, if it complains about a specific error, just run the command again, then it might work.

100
00:08:08,370 --> 00:08:14,910
If it didn't work for the second time, then ask me in the Q&A section and we will respond to you

101
00:08:15,000 --> 00:08:17,610
and help you fix this issue.

102
00:08:17,610 --> 00:08:23,150
So now let's go and try to connect to this network and see if it actually works.

103
00:08:24,590 --> 00:08:27,130
So right here I have a Windows machine.

104
00:08:27,230 --> 00:08:35,010
It's another virtual machine, but I have another wireless adapter connected to this machine.

105
00:08:35,090 --> 00:08:42,680
Do not test this from your host machine, because the fake access point is getting its Internet access

106
00:08:42,830 --> 00:08:45,630
from the host machine through the NAT network.

107
00:08:45,680 --> 00:08:50,690
So if you test this network from the host machine, the network will not work.

108
00:08:51,020 --> 00:08:58,160
So either test it from another virtual machine with another wireless adapter, or if you don't have another

109
00:08:58,160 --> 00:09:05,750
wireless adapter, then you can test it from your phone or from another laptop or any other computer within

110
00:09:05,750 --> 00:09:11,040
range, but do not ever test it from the host machine.

111
00:09:12,370 --> 00:09:18,250
So right here I'm going to search for networks to connect to, and as you can see I have a network called

112
00:09:18,310 --> 00:09:19,540
Internet.

113
00:09:19,540 --> 00:09:22,970
It does not use a password, so I'm just going to connect to it.

114
00:09:29,720 --> 00:09:37,160
As you can see, I'm connected now, and I'm going to open Firefox just to check if I have Internet connection,

115
00:09:37,550 --> 00:09:39,940
so I'm going to go to bing.com.

116
00:09:42,370 --> 00:09:44,960
And as you can see, bing.com is loading.

117
00:09:45,070 --> 00:09:48,770
So now I actually have Internet access.

118
00:09:49,180 --> 00:09:55,870
So now anything I do on this computer will have to be sent to the access point if I want to access any

119
00:09:55,870 --> 00:09:56,540
website.

120
00:09:56,540 --> 00:10:03,700
If I enter any passwords and usernames, everything is going to go to the access point. The access point

121
00:10:03,760 --> 00:10:05,310
is the hacker machine.

122
00:10:05,350 --> 00:10:08,720
So the hacker machine is already the man in the middle.

123
00:10:08,980 --> 00:10:16,000
So now you're at the same position that you would be after running an ARP spoofing attack, so you can

124
00:10:16,000 --> 00:10:20,210
go ahead and use Wireshark to sniff packets and analyze them.

125
00:10:20,440 --> 00:10:26,760
Or you can go and use MITMf exactly as I showed you before.

126
00:10:27,990 --> 00:10:32,390
The only thing that you need to keep in mind when using Wireshark or MITMf

127
00:10:32,430 --> 00:10:39,610
or any other tool: you need to set the interface to the interface that is broadcasting the signal.

128
00:10:39,630 --> 00:10:46,640
So this is the interface that you set in the phy option, not in the upstream.

129
00:10:46,650 --> 00:10:52,680
So in my case right now this would be wlan0, not eth0.

130
00:10:52,680 --> 00:10:58,890
Also, if you're going to use MITMf, theoretically you wouldn't need to use the

131
00:10:58,890 --> 00:11:01,920
--arp --spoof argument.

132
00:11:01,950 --> 00:11:08,070
But I noticed that the tool will not work unless you add that argument, so you can add it in and you'll

133
00:11:08,070 --> 00:11:11,500
see that it'll work exactly as before.