Hacking WiFi Passwords with Flipper Zero, Marauder, Wireshark and HashCat!

Video Statistics and Information

Captions
[Music]

This video is for educational purposes only. Only test your own hardware; doing otherwise is illegal. Don't be a skid.

What's going on, you guys, it is the Talking Sasquach. Welcome back to the channel. Today we're going to be exploring how to actually use the Flipper Zero to crack Wi-Fi passwords. Now, I've been debating whether or not to do this video for a very long time. I have to at least reiterate one more time: only test your own equipment. This is strictly for educational purposes only. Don't be a skid.

Now, right up top I want to thank Delilah princess pie 3 on Twitter. Without her this would have been so much harder to figure out, definitely pointing me in the right direction, so thank you so much there. Also, as far as shout-outs, I wanted to shout out Astro for making these amazing stickers, uh, link down below, and then Sticks for coming up with these laser-engraved merch. We actually have merch now, so thank you so much, links down below. So without further ado, buckle up, it's going to be a good one.

All right, so how this is gonna work is we're going to use our Flipper Zero and we're going to use, for the sake of, uh, experimental purposes here, the actual Wi-Fi board from Flipper. Mine's got a cool little case from just call me Coco with the Marauder logo on it; I love this thing. The first thing we'll need to do is actually flash this with the current Marauder firmware that allows the saving of pcap handshakes to the actual SD card on the Flipper itself. Now, this used to be done with putting an SD card on the back of the actual Wi-Fi board itself, but you no longer have to. I'm showing you it's not actually on there, but that's the cutout where it would go, but now we don't need to anymore. So let's get at that.

I'm gonna go ahead and hop on over to our desktop, open up the Google, and let's open up, let's say, uh, Skeleton Man flasher. It's gonna show up right here on the GitHub, and we're gonna go to download zip, and I've already got a folder. We're going to save that to this folder and
then we'll open that, which popped up on a different screen right over here, and we're going to extract all, extracts, and then we've got our folder right here. I'm going to go ahead and open up PowerShell, because I like PowerShell, and then we're going to just go to that folder. So we're just going to copy the name of the folder and then we can just cd into there, and there we go, that puts us in the right folder. Let's resize this, it's a little big.

Now, I've gone over installing this many, many times, but for the sake of this let's go through it again. Installing Git for Windows, that's in my first Skid School, so I'm not going to actually go over that, but we will go ahead and download the driver. So we're just going to get the universal driver right there. It's going to save to the same place, save, and then we'll just go ahead and open that. Again, we're over here, and extract all, extracts. Alrighty, there's that, and then all we got to do is right click and go to install, open, and operation completed successfully.

Now that we've got our drivers downloaded, we're going to close that, we can close this, and follow the instructions that are right over here. First thing we're going to do is go ahead and copy Step Zero. Step Zero is not optional. Do not skip Step Zero for any cost; I've done it before and nothing good happens. Paste that right over in here and it will install the prerequisite packages. We're gonna close the, close, no, we're not going to close anything. We're gonna go back over here and then we're gonna plug in our USB to our Flipper. I'll flip over to the face cam and show you that.

Back over here, so yeah, we got our Marauder. We're gonna plug in our USB cable, just USB-C, it plugs in over here, super simple. Um, we're gonna hold the boot button, which is, uh, this guy. It's the second of the buttons; I've got them covered up, but it's definitely that second one right there. And hold this while plugging it in to the USB port, otherwise it won't flash into the DFU mode that you need it to be. So do that,
don't skip that.

Now that we've got the drivers installed and we're gonna hold the boot button, we're gonna plug it in, and we'll notice that, boom, it's going to work. This is not the first time I plug this in. Normally it'll show a little thing in the bottom that says setting up device. Uh, I've already tried this, obviously, for the sake of making the video, but that'll happen and then everything will work just fine.

With that plugged in, we're gonna copy this little command, paste that in here, and that's going to open up the Skeleton Man flasher. I've been using this thing for ages, it's absolutely fantastic. And for this one we're going to select option two; that's the serial Marauder on the dev board, or an ESP32-S2 if you're using one of those, and this is going to allow us to save the information from this directly to the SD card. Very important. Press option two, press enter, and it goes. It's going to erase the firmware and rewrite it. Everything's going to go perfectly easily, perfectly fine, no problems here. Now also, yeah, installing Git as I mentioned before: if this doesn't work at all, it's probably because you didn't install Git. Go ahead, watch Skid School 101 and, you know, get yourself learned.

All right, now that that is completed, we are all done. Our Wi-Fi board is ready to rock and roll. Now that that's all set we can close this, we can close, I will just minimize this, we're going to need you again. Let's see, don't need to be in this folder anymore, let's just pop back to the main folder here, and we're going to open up qFlipper. I'm going to disconnect the Wi-Fi board from the, from the USB connection. I'm going to plug in my Flipper to it and then I'm going to go ahead and, color combo, I'm going to go ahead and plug the Marauder, Marauder board directly into the top of our Flipper. Now, one thing that happens a lot of times when you plug in the Wi-Fi board is that it dismounts the SD card. So yeah, like, um, is it still going to show things up? Okay, it didn't dismount the SD card that time, but
we're actually going to restart it. Always restart it once you plug in the Wi-Fi board. It makes life so much easier and, you know, it makes sure things don't go wrong. Currently I'm using the latest release of RogueMaster. It's got all the apps I want on it and I was what I actually bug tested everything in already, so there we go.

From here, what we're going to do is we're going to go to Applications, I'm going to scroll on down to GPIO, and then we're gonna open up Wi-Fi Marauder. Once we're in Marauder, we're going to go ahead and scan all the access points. Now, I'm going to blur this out for the sake of my own privacy, but I do have a specific router set up for this demonstration today just to show you how it all works. We're gonna let that run for a second, then we can back out. So now that we have all of our access points actually read, we can go to the list and go there. You can see squash net, option number two; that's gonna be the, uh, the what we're testing today. So we can go to select and all we're going to do is enter in the number two. Whoops, I lost my, there we go, to do save. So we selected option two. Press back once, press back again.

Now, this is a little important because this is going to go kind of quick. What we want to do is we want to sniff raw. That's going to get all of the information that we can possibly get out of the Marauder; it's going to allow us to decrypt our password. So let's set that to sniff raw before we deauth, because we need to get again over really quick. Now, currently I have my phone hooked up to this Wi-Fi signal, so it will actually deauth my phone. So we're gonna go ahead and hit deauth, and that should immediately kick my phone off of the internet, and then we're gonna go down as quickly as possible to sniff, and now this is going to start reading every piece of information that it can get. So we'll let that scan, and then if anything worked well, we'll be able to get the handshakes we need to decrypt this password. So after a second there we can press the back
button and that'll stop that, and we want to make sure that this actually captured the handshakes. So what we'll do is hit the back button to get to our SD card, load up the SD card. It's going to be under apps data, under Marauder, and then pcaps, and look at that, we have our pcap file right over there.

Now that we have our pcap file, what do we do with our pcap file? Well, we're going to go ahead and download Wireshark. Wireshark is a fantastic program specifically for this kind of thing. So we're going to get started, download, and we're going to download for Windows because I'm in Windows. We're going to go ahead and save that there and then let that download. Click that, opening when complete. All right, click yes on the black screen, would you like to, so I've already done this but you'll just click yes. I don't have to uninstall it first, um, but you just install Wireshark, super easy.

So moving on, now that we have Wireshark we can go ahead and download our pcap files. We'll hit download right there and we'll just save it to our desktop as so, and it should show up over here momentarily. Cool, cool, cool. So we've got that. Let's open up Wireshark, and we're gonna go ahead and drag and drop this guy right on down here, and it says this capture file appears to have been cut short in the middle of a packet. This is actually common, it happens, it's not a big deal. So we're gonna go ahead and press enter, and then we're going to actually search for EAPOL and press enter, and we notice we've got all of these great messages right here. This shows one, two, three and four of my handshake parts, so that's super, super good. So now that we have that, all we are going to do from here is actually save as, and we're gonna save this as, uh, let's call it Sharky, sure, .pcap, and then we're gonna use hashcat to decrypt the password on here.

Go ahead and close our, uh, Wireshark here, and then let's go find hashcat. We can search hashcat for Windows, sure, why not, dude. GitHub, we're gonna go right to the GitHub because that's
where the good stuff lives. Go to the latest releases and download the 7z file. Don't download the source code, don't download the source code, please don't download the source code. Save, in just a second this will download. We can open this, and I've got it open in 7-Zip. Click the extract button, okay, and there we go. We'll close that and we'll open it back up. All right, pop this open and here is our friend hashcat, boom, boom, boom. Make sure you have hashcat.exe.

So we're actually going to go ahead and use command for this, CMD. I know I never use command, but this is how it works. cd, there we go, whoops, H:, navigate over into your hashcat folder. And now, whoops, we need to take our pcap file that we just made and we actually have to convert it into a file that will work for our hashcat. So we're going to navigate over to this website, let me move over here. Cool, so we're gonna actually go to this website, which is a cap to hashcat site. Um, it's going to convert it into a file that we can use there. Let's go ahead and open, this was Sharky, boom, and it's going to go ahead and convert. Click the button there, done, done, hit download, and we're gonna drop that into our hashcat file, and let's make this a little bit more, you know, easy to type in, we don't know those numbers: Sharky, and keep the .hc22000 extension. Very important, need that, need that.

Pull up our terminal again, let's get rid of that, and we're going to type in hashcat -m 22000 Sharky.hc22000. Oh, I forgot to mention this, let me show you one other thing. You actually need a password list. So Delilah so graciously, uh, gave me one of her password lists, so let me go ahead and grab that. Actually got that file over here, because we're going to be doing a dictionary-style attack on this, so it's really just going to run all these passwords through dictionary. So we're going to go ahead and copy this, copy, Ctrl+C, let's go back into hashcat and then Ctrl+V. So now we have our password list, so we can pull this back up and then we're
gonna simply just enter in the password list name, which was cracked.txt.gz, and we're gonna go ahead and just print it, press the enter button, that's really hard to say for some reason, and it's gonna go ahead and do its thing. Please be patient. And just like that, status cracked. We cracked our password, that's absolutely amazing.

So all we have to do from here is type in hashcat, uh, --show, and it's gonna be the name of the file, handy, I'll move my mouse out of here, handy, or no, Sharky, sorry, Sharky.hc22000, and there we go. All you got to do, I had to press spacebar, um, and it shows squash net and here is my super low quality password. Uh, again, it was went through on a dictionary, uh, password list, so, you know, if you had a good enough password that wasn't on a password list it would be a lot harder for hashcat to break it.

Now, I know what you may be thinking: how many passwords could possibly be on the dictionary list? Well, let's find out. Go ahead and open this file, and here we have all of our passwords. There are quite a few in here, so it's gonna cover most of the more common passwords. We're at, still going, still going, still going, what, 456,000.
This words, it's growing. Let's get to the bottom of this at some point. 456,919 separate passwords on this list, so if you have a common password, it's on this list more than likely.

But yeah, that's that. It's pretty crazy that you can actually use Flipper Zero to capture the handshakes you need to crack passwords. I've never seen, at least on YouTube, anybody go through the full workflow of this, so it's a pretty neat thing to do. I know when we're figuring this out this morning, getting it all working, we were all pretty psyched when it worked. So yeah, this is, this is awesome.

Now, there's an awful lot of things that have to go right for this to work. You have to be deauthing a 2.4 gigahertz network. You have to actually capture the handshakes, which means you need to deauth and then hop in and record those files with the record raw as quickly as you possibly can to make sure you can capture as many of the handshakes as possible. I definitely run this several times and had it not capture all of the handshakes, and it's not going to work at that point. So this isn't a hundred percent bulletproof thing to do, and because of that I won't be answering questions on how to do this in the comments, especially since I really don't want to encourage people to be doing this on anything it's not their own technology, not their own hardware.

So yeah, it's pretty remarkable how easy it actually is to be able to actually decrypt passwords using the Flipper Zero. I know there's a bunch of other ways to do it with Kali Linux, and again, there's a number of other tools that can do this, but if you want to do it on the Flipper Zero, this is how you do it. As always, I want to thank you so much for watching. Just remember, don't be a skid, stay out of trouble. We'll catch you next time.

[Applause]

Thank you.
Info
Channel: Talking Sasquach
Views: 292,427
Keywords: flipper zero, flipper, hacking, technology, watch dogs, deauth, unleashed, flipperzero, talkingsasquach, talking sasquach, flipper zero hacks, flipperzero hacks, flipperzero how to, flipper zero unleashed, flipperzero unleashed, flipper zero roguemaster, flipper zero rogue master, flipperzero roguemaster, flipper zero talkingsasquach, flipperzero talkingsasquach, flipper zero talking sasquach, flipperzero talking sasquach, talkingsasquatch, talking sasquatch, flipper0, hashcat, wireshark
Id: subLBPJ3IxU
Length: 16min 32sec (992 seconds)
Published: Sun Apr 30 2023