HackRF Death Ray

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
and now park across the street 50 yards away Coleman simply points his device at Kelly's house 10% 30% and in less than 1 minute I'm trying to force her phone on my network and I I got her okay guys here we are with the flipper zero and the Wi-Fi Dev board which we are going to start modifying momentarily and we are going to use it with this antenna out here which I nickname the death ray let's go out and take a look at the death ray and uh yeah it's snowing a little bit out here sunny and snowing so here we go this is a 24 DB High Gain very directional antenna it's parabolic as you can see it's got that curve to it it's got a focal point in the center and and uh yeah wherever this thing's pointed uh that signal is going it's concentrating the signal 24 DB is a lot of gain and uh we're not only going to connect this to the flippers uh esp32 radio we're also going to put an amplifier on it so it's going to be really powerful that's why I'm calling it The Death Ray and uh here you go pretty cool antenna so actually I've used this before I had it on the roof of my my house and I was able to connect to a Wi-Fi access point in a gas station that was 5 km away um I did use the amplifier on that one too was pretty cool getting free Wi-Fi from a gas station was 5 km away so this is uh basically what you're going to be able to do with the flipper you probably if you had this up on your roof on a rotu you could you could pretty much point it in different directions and pinpoint your target okay guys so we're going to start doing some experiments the antenna is actually at 25 ft so I'm going to be using a spectrum analyzer and also the hack RF to generate a test signal so we can get some readings of what our gain is um should be interesting stick around guys okay guys so we're going to start here with our uh instrumentation we're going to be using a hack RF on the left there to generate a test signal and on the right is our Spectrum analyzer and uh Spectrum analyzer we will turn it on here there it goes and uh I'll just show you I already programmed it but uh the frequency I centered at 2440 that's 2.44 start at 2.4 span 80 that's the Wi-Fi band um from one end to the other the 2.4 gig Wi-Fi band and uh you can see our scale there goes about minus 50 what it's showing there is just Wi-Fi traffic that is presently um in the air around me so yeah so let's go over now both of these uh have a Broadband antenna on it I'm going to go over the hack RF and what we're going to do is going to create a test signal and we're going to use Jammer to do that it's actually quite helpful so the center again we want to be on 2440 we will put that in there and uh the width we're going to do one 1 megahertz we need to enable range and uh as for modulation we'll do random random FSK okay and then look at that there we are nice big peak okay now I'm going to turn it off so we go stop okay I stopped it start it again and there's our big signal so amplitude we're going to just change the scale here so you can get an idea how strong that signal is look at that it's right up there minus 20 so that that's because they're right next to each other so what I'm going to actually do is I'm going to put the hacker F outside right by that antenna it's going to be 25 ft and I'm going to actually use the same antennas I'm not going to use the high gain antenna just yet and we're going to measure um the same signal okay stand by guys okay I'm ready to go outside I got my coat on so we're going to take the hack RF which you can see is running I'm going to take it outside we're GNA place it right here for now there she is okay and what we're going to do after that we're going to connect it to that cable to that antenna so we're going to head back in let's take a look at the Spectrum analyzer and yeah you see how much weaker it is can barely see it compared to everything else it just kind of Blends in so it just goes to show you about the antenna okay let's hook it up to that big antenna and uh we'll see what we get stand by okay so I have now connected to that LMR 400 that big thick cable there's an SMA connector on the in there and that is running around to the hack RF and I am going to start it there it goes it's transmitting so let's go inside and see what field strength we have the thing pointed right at us oh yeah I can see it definitely uh definitely stronger than it was yeah that is minus 50 so it's pretty strong let me try hold on a sec looks about the same let's try a different antenna here we're going to see it but it's definitely not uh yeah it's coming at us okay we're going to try the amplifier next okay so now I'm going to show you the amplifier here this is the amplifier and I have the antenna mounted right to the amplifier as you see now this amplifier runs on 5 volts so I have connected on a USB cable and I'm going to plug that into that battery and it's going to give our amplifier the power it needs and that will also make it portable so let's first try this we will turn on the transmitter and you can can see kind of something there but the amplifier is not plugged in and uh let's try that W there we go with the amplifier on holy crap look at that minus 13 of course I'm right next to it oh keeps going that's - 10 that's cooking hot that is really hot so um just see when we unplug the amplifier what happens yeah it drops down hardly anything so okay let's go connect this out to the antenna let's plug that back in the battery wow look at [Music] that cool okay let's try that out stand by just out of curiosity before we actually take this outside remember it was hitting uh minus 10 what I've done is I've just taken the amplifier out but I put the hacker up in its antenna exactly where the amplifier in its antenna was so the spacing is exactly the same between those two antennas and uh we're going to start the hacker RI and then we're going to look at it and you see it's heading about minus 20 and before was heading Min - 10 so that shows the amplifier gives us about 10 DB gain and that is three times more than three times uh every 3db is uh double the gain so that amplifier is tripling whatever this was putting out okay stand by guys okay I'm back outside and we got uh the hacker ref generating our signal we've got our 10db amplifier battery pack and that's connected to the LMR 400 and now I'm going to go in my house I'm going to go to the far end of my house and I'm going to see how strong this signal is stand by okay guys I just want to show you I'm at the far end of my house and there it is there right in the center it is the strongest signal it's oh it's more powerful than the Wi-Fi in my house which is pretty cool and just to give you idea at that I'm like way way down there really cool so we'll make our way back to the kitchen you'll see it getting stronger and stronger but yeah it's it's definitely lighting up my house yeah okay now we're going to do some experiments with flipper okay so while we have the Spectrum analyzer running on the Wi-Fi band I have shut off the uh hack RF test signal outside so what you're seeing there is just normal Wi-Fi traffic in my neighbor neighborhood and uh what we're going to do I'm just going to demonstrate here first um we're going to go in Marauder and we are we're going to do the Rick Roll attack what I like about Rick Roll is it actually scans up and down the band so it's utilizing the entire um and you'll see here watch this when I start it going look at that isn't that crazy it's using the entire band channel one through probably 13 not sure in North America we only go up to channel 11 but uh yeah there we go we'll stop Rick Roll and we start Rick Roll so we are going to there is uh it's very hard to see but I will point it out this is the built-in antenna and it looks like a squiggly line there is actually a spot right there for a coaxial connector um these ones don't come with it because it's using the built-in antenna now right there is a very small resistor that can be put into two different positions one to switch the signal to the coaxial connector which we don't have and the other is to send it to the built-in antenna so what I'm actually going to do is right here I'm going to cut the track and I'm going to solder on uh a table similar to one of these but a female and that will allow us to connect that end onto the flipper and to the amplifier and to the big antenna so there you go guys we're going to start that right now and it's going to be interesting to see what we can do with the death ray look at that so crazy let's put it right up against the antenna here whoa it's going crazy okay stand by guys okay I'm trying to keep things scientific here one last thing uh before we modify the flipper we need to test uh the Rick Roll at a range the same range so we are going to start the Rick Roll and there it is taking place now I'm going to place it outside right next to the antenna we go out here and I'm G to place it right on top of here okay there we go we're Rick Rolling red lights on and it's basically exactly the same distance from the big antenna so we go back in the house and we'll see what the normal antenna yeah we can see some Rick Rolling there so we're going to see okay it's about 50 to 60 so when we're done with the booster we're going to see uh in the big antenna what we get okay stand by guys okay guys so what I've done is I've started to scratch away right here uh the coating on top of the track to expose the copper blow I will be then making a cut right about here through that copper track disconnecting the internal antenna and then I will be using one of these it's an SMA female connector on that end and uh I've stripped the end uh as you can kind of see put it up against something uh darker there's the shield Twisted to the side and there is the center wire and the end is stripped I will be soldering the end wire uh to where I cut that track on this side here so it's connected to the radio and the shield I will just solder that to the top of the case because the case is actually a ground and very easy to solder to that metal so it'll be just basically like that the way it's going to be wired on now the nice thing about what I'm doing is if you wanted to restore it back to the way it was you can remove the coax cable wire and then put a blob basader here across where you cut it and you would be restoring this back to exactly the way it is now and okay so let's let's start let's start soldering stand by guys okay well there's the finished product and I'll give you a little rundown here what I did I used a very sharp box cutter knife and I made I scored it right there cutting through that track I then had that track scratched so there was exposed copper was able to tack a little bit of solder on there and uh tack down the center wire and The Shield wires are just Twisted together and soldered to the top of the case which is ground and what I'm going to do I'm just going to put a zip Tire right there through that hole to tie it down and uh there you go I got myself a external antenna connector now something else to point out about the esp32 and this is very exciting it can also be a Bluetooth radio uh right now it's flashed to be a Wi-Fi radio it cannot do both at the same time but it can be one or the other in Bluetooth mode if the flipper had the proper firmware to communicate with it as a Bluetooth radio I'm pretty sure that probably exists somewhere out there um you could then use this uh same setup here for your BL uh spam attack and use a high gain antenna and point it at somebody um so yeah very uh very cool okay guys so now I'm just going to zip tie that down and we are going to start doing some testing with the amplifier and uh the death ray antenna okay stand by okay so there we are we just the uh background Wi-Fi going on and here we are with the flipper zero with the modified uh Wi-Fi Dev board with the connector on it we are now going to take that outside and we're going to Rick Roll and we're going to see how much better uh a signal we're getting on the Spectrum analyzer and then we are going to add the power booster as well okay guys we're going to head outside now and do this okay so I got the flipper connected directly to the death ray antenna and we're going to now start the transmitter and the red light is on let's go inside and see what kind of an improvement we have oh yeah definitely got an improvement over what we had before let's add the amplifier now let's bring this up here let's put the booster on it now okay we are now Rick rolling through the amplifier let's go in and check it out oh yeah that's a lot more powerful look at that it's really dancing definitely stronger with the booster cool let's uh put it like that let's go for a walk while we at that still picking it up walking through the house here all the weight on my front door and it's still rck [Laughter] rolling great that's what I want to see look at that we are Rick Rolling let's try and change the polarity seems to be good all around excellent that's only a 10 DB amplifier they claim it's about a watt but on that wi-fi system but um there are 20 WT amplifiers there are there's even more powerful than that so I'll show you guys a website where you can buy really powerful ones if you really want to go nuts but this is still pretty good and you can beam this side any any uh any Target you want with that directional antenna so there you go guys hope you like that Rick Rolland look at this wi-fi jacking three ways to protect yourself and I'm showing you three ways how to do it let's uh uh let's actually go over and look at uh we're getting Rick Rolled here yep we're getting Rick Rolled never going to let you down never going to run around and desert you how funny 30% and in less than one minute I'm trying to force her phone on my network and I I got her now to prove that Coleman's got control of Kelly's phone she's going to try going to a website but she's not going to get there wow what the heck is that looks like uh that is a phone sex website you didn't want to go to that website Coleman forced you onto it yes I did not want to do that okay guys so here's how it's done I I found this esp32 schematic and uh what it's showing here is a closeup clearly of the built-in antenna here is that resistor I was talking about it's actually a jumper it is a zero Ohm resistor so it's acting as a jumper in this case a switch if it's placed in R14 it's connecting the radio to the coaxial connector if that connector is on the board which we don't have SS was designed to use R15 which took it straight to the antenna so what I did is I cut it right here and I scraped off the coating here exposing more of the copper and I soldered my cental wire for my coax right here and my ground The Shield right to the case the metal case now what's nice about this is you can remove it and you can put a where I cut it you can just solder across and you've restored the same function functionality going over here I did find uh let me show you this one first this is an 8 watt amplifier now in that news article that I just showed you in the full article the guy I noticed in his car he had a 25 watt amplifier uh yeah that's a lot of power to be focusing on a particular Target no wonder we got her phone so these amplifiers are not very expensive as you see there's one there 80 $81 um they have some other ones here there is this one doesn't say the power over there it does four Watts this one's 5 watts and another four water on this site here they have some uh much more expensive these guys as you can see but that's a 4 watt amplifier it does both bands 2.4 5.8 okay so there you go guys hope you enjoyed that anyone closer to his signal than the one the city is blasting out will only see the fake Wicked free Wi-Fi option and if your device connected to the real system in the past it could even automatically join this Rogue Wi-Fi network so you just called it the same thing yeah or is there any slight difference no hey guys welcome back to the channel and today I'm going to show you a new antenna which is omnidirectional and I'm calling it The Death sphere and this antenna is actually probably more practical for just general use if you don't really know what you're after you want it going in all directions this is this is what you're going to want to do so here we go guys first of all let me show you the death sphere and I'll show you some footage I shot yesterday of me actually setting this up but there it is there that is a 6t Wi-Fi antenna it is 16 DB and it is omnidirectional so it is sending its signal out in all directions in the form of a sphere if you were actually able to see the signal it would look like a big ball coming off that antenna that's why I'm nicknaming it the depth sphere and uh just another section of some fiberglass to get it up there fiberglass pull and then there is a metal stand the cable coming out of it I use some LMR 400 it is the best cable you can get for microwave and especially up in the 2.4 gig band very low loss that cable comes up to here where I convert it from an end connector to an SMA and I believe this is rg174 coming in this type of cable uh okay for short runs and uh there is a 10 DB amplif fire powered by that battery and that runs up to the flipper zero there is the ESP 32 which I modified in my previous video called the death ray and uh so I am running uh Unleashed on this flipper because it works best with evil portal and this is the first demonstration I'm going to do just so you guys I will do another video exclusively on evil portal and how to set this up because there's a lot of people asking questions cuz I had trouble setting this up too so I went out and uh did a lot of research on this the best way to do it there is uh a special flash it's kind of the esp32 is set up exclusively right now to do this it's not able to do anything else with this flash on there it was the only way I could actually get it to work but uh let's go down here select AP name I already have in there Amazon free WiFi which we will save and then we're going to select the portal page and I only have Amazon in there right now and the index one is a test so we will select that and we will go up here and we will start the portal and this is the response you're going to get and that green light should come on means the transmitter is running it is sending out its Beacon right now and the web server The Flipper is actually acting as a web server in a DHCP which is pretty cool uh what that is is well you'll see in a minute so we're going to go over here and we're going to look at Wi-Fi networks and you will see there's one huge big one there called Wi-Fi Amazon free WiFi look at how strong that signal is compared to everything else uh around me and uh they are actually using 40 MHz wide uh channel for you know that's why it's so big um that is already preset in the configuration I don't know if that's changeable I would actually like to change it to 20 but anyways 40 is fine we got a lot of power and uh yeah look at that we're taking up half the Wi-Fi band there and uh if we go here we can actually see it shows the power of on on the signal strength and uh oh there it is down at the bottom there and we are 41 look at that 41 compared to everybody else wow pretty good really strong well we're kind of walking on everybody so anyways uh let me show you guys here if I do that I can connect connecting hold on I think we got to do this and go there into connections and Wifi oh we got a we got a problem okay guys back to the flipper I noticed this before I get a couple of illegal Wi-Fi characters being sent after the Wi-Fi access point name um the way to correct that is just go here and go back see that I'm pushing it and nothing's happening so there's two illegal characters that are hidden there this is a bug in the script but if I do that and then I save it we should be all good and we go back and start the portal yeah so there she goes we should get her back let's go uh yeah there it is see now it says Amazon free Wi-Fi and it doesn't have those question marks at the end uh that will allow us to connect to that access point and uh now we need to sign in sign in there we go okay now wow does that not look like Amazon to you that is all coming from The Flipper zero and uh yeah it's totally bogus and uh that would probably fool just about anybody I mean I I would be fooled by that too that that does look like an Amazon login so what I'm going to do is I'm going to go here and I'm just going to put in my name and the password I am going to choose is 2469 my favorite password and then we're going to say go and okay I think it sent it and of course there won't be any response from the portal but the credentials just got sent Peter 2469 there you go guys Isn't that cool and I will be doing a video follow-up video after this one on evil portal and how you can set up an evil portal too and there's all kinds of different portals that you can use these web pages um pretty cool here we go over here on a Windows computer Amazon and we'll go connect and this is pretty cool what it does on Windows look at that there we go same thing and it's it it's all automatic uh on a Windows computer you just connect to oops let's see hold on here we go okay test and then I'm going to put in 45 6 78 as my password and I'm going to send that and I'm going to go hey what's going on it's not working and there we go and before people start going oh how come you got so many tabs open because I've had people say that before about my computer well here you go guys look at that sign in asosan Airlines these are all the different portals there's Amazon American Airlines that's Apple AT&T these are all uh ones you can put on there Facebook pretty good Jet Blue Microsoft yeah so let's go let's go back here and let's look at our signals again let's look at the graph oh this thing oh there it goes yeah look at that Amazon free Wi-Fi that' be funny if somebody in my neighborhood going to try stick it to it uh yeah but if they did I wouldn't do anything anyways uh here we go so now we're going to do some RF experiments now that you've seen this and I will do some more on this later on actually how to set this up in a different video but there is the death sphere and there is the death ray if you want to do a targeted attack directional that's the type of antenna you'd want to use and uh I'm going to hook that up we'll probably do some more Earth experiments on that one too now that I changed the polarization cuz a lot of people were upset that I had it polarized wrong and why I turned it 90° was it was for the picture actually because the flipper was sitting on it and uh yeah anyways we'll get back to that hopefully it won't rain it's not the greatest weather right now but uh there you go guys okay stand by we're going to do some RF experiments now with Spectrum analyzer and uh see uh oh and I got two amplifiers um show you that I got another amplifier here that we're going to hook up these amps are designed for Wi-Fi they are bidirectional and what that means is when you are transmitting they turn on and transmit when you're not transmitting they receive they go the other way I tried connecting two of them together for Wi-Fi it did not work probably because of the the timing and when you're trying to transmit them both switching back and forth it just didn't work but they do work if you're sending just a carrier in one way in One Direction um I'm going to be doing that with the hack RF just to do some tests and we will see how much power we can get out there and uh with the death sphere okay guys standing by okay guys you see a Wi-Fi antenna this big before this thing is 6 ft 6 ft in length and uh we're going to put that up in a moment and I'm going to wire it up with some of this heavy duty this is LMR 400 with end connectors and uh that's the stuff you want to use for microwave frequencies is very low loss so yeah we're going to go over here and get the death ray I'm going to take the death ray off that St and and we're going to mount it right on that momentarily stand by guys okay the death ray is down and the death sphere there it is there antenna big stick way up there and I made a stand for it and we got the cable coming down here and that is going to go to that SMA to go in to see flipper which is right there okay guys standing by the death sphere okay guys I'm just getting prepared here we're getting the uh hack RF Porta pack ready and there's my Spectrum analyzer and you can see a lot of spikes at the left which is around channel one and that sure enough correlates with uh what we're seeing on the graph here and the biggest one there is the Amazon free Wi-Fi which we are going to shut down now and we will stop the portal the green light will turn blue and we will momentarily see that disappearing there still is quite a bit of activity you can see it whoa look at that that was weird right at the moment uh the Amazon shut down there was like a big burst there that was cool to see anyways uh looks like channel one this is it here is the most active or most powerful in my neighborhood so we'll start with that one uh Channel 11 over here is uh kind of weird usually Channel 6 is the most popular in the middle but uh we're going to uh start putting some carriers up and uh see what power levels we can get on the Spectrum analyzer which with this experiment I will be keeping these two devices in this exact spot and uh the antenna outside the death sphere will not move either it will be there too and it's probably about 25 ft away okay guys stand by okay guys what you're seeing here is just normal internet uh radio traffic that is being received right here on this table and there is a spectrum analyzer just normal activity and as we can see here channel one to the left is the most strongest signal uh that we're able to receive in Channel 11 to the right is uh all the second strongest so let's go over the hack RF and see what we can do with uh oh hello we have a visitor here what's your name he's come to watch the show hey so cute look at that I don't chew on my wires okay he's done that before he really has anyways there's the depth sphere and we are connecting through 10db amplifier and the hackrf on centered around Channel 1 2410 sweeping 20 mahz um random FSK gain 47 and see that a z I just discovered that that is an amplifier and it gives me another if I change that to a one it gives me another 5db so we'll try that later but right now we are going to turn turn that on we are transmitting and uh you can see on the Spectrum analyzer all that uh random noise the left and that will that's going to cause a problem on channel one you should probably see something momentarily here soon as this uh iPad app refreshes we'll probably see uh that channel to the left drop out and we will also play with that second amplifier to the right oh yep something's happening here we lost one of them oh yeah there's uh things happening appears there we're definitely causing a lot of upset and there we go now channel one totally gone it actually probably happened quicker than that but this there's a refresh rate oh he's trying to come back look at that we're fighting with him let's try more power okay let's start the experim exp here with the amplifier uh different amplifier setups we're going to start here uh first of all channel one I'm going to use uh one MHz of bandwidth and I'm going to do an FM tone it's going to give us a nice uh narrow Spike and uh you'll see what I mean in a second here and this is the same setup with just a single amplifier and we go over the Spectrum analyzer and you can see a pretty narrow um we are actually fighting with a lot of signals there so we are hitting about that's just right there we are hitting about 50 so yeah about 50ish okay let's put on a a second amplifier okay I'm back and I've got two amplifiers going so that's 20 DB uh okay so back here everything looks normal as can be and we're transmitting a very narrow 1 mahz of bandwidth um we're going to see how much stronger we are and uh yeah that made a big difference oh my God it's going up to 30 now look at that we are really really strong and wow yeah we wiped him out a little bit more power but we wiped that guy out pretty cool like channel 3 he trying to come back but channel one yeah we're definitely we we wiped him totally out so let's take a look at that uh yeah we are just about heading 30 there and keep in mind guys this is an omnidirectional antenna so it's sending power out in all directions the death ray was concentrated power there's the death ray down there that was concentrated power in One Direction so uh yeah that's pretty impressive that that antenna is putting out that kind of powerus 30 and uh yeah totally wiped him out so let's let's turn up the the 5db booster on the hacker let's try that next so let's see what are we getting there we yeah we're just getting up to about 30 okay so hack RF we're going to stop and we are going to go down here and we're going to turn that to a one and then we're going to start it again and let's see we should get even higher than 30 yeah definitely heading 30 more there you go guys and yeah he's still gone um let's change uh let's actually start sweeping why don't we go right in the middle of the abandon sweep see what we can do okay so we're going to start to and we're going to go here and we're going to put in 20 20 440 done and then there we're going to put in 20 22 done okay that's right in the center of the band we're going to sweep full power there we are full power we'll come back here see channel one he came back we are sweeping here should knock out uh whatever is in the center there our little friend is back anyways should be getting exciting pretty soon here soon as this iPad does a ref fresh but yeah we are causing a lot of noise there actually you know what I'm using an FM tone I should change that to random FSK it'll have a better effect yeah that's why we're frequency modulating we don't want to do that we want random FSK that'll have a better effect hey yeah look at that yeah there we go so that's what you want to use guys uh random FS definitely and one thing I noticed too when I'm doing this with a lot of bandwidth this thing starts to get really hot cuz this one's actually driving the antenna this one is more of an Exciter he's driving one's driving the other so yeah this guy will start to get really hot very quickly um I was actually putting an ice pack on top of it to keep it cool cuz we don't want it to go thermal uh can actually burn it up so we're driving a lot through that thing yeah look at that cool okay guys uh let's see what else we can do okay guys one other thing I wanted to cover in this video was a lot of people complained about my previous video that this was polarized wrong and uh actually it probably was but it probably didn't make much difference because of my range I was only going about 100 ft the reason why I had it flipped was well it was for the picture I had flippers sitting on there this didn't exactly uh look good it was in the way so I rotated it um but I actually had somebody say they couldn't watch my video because I had it polarized wrong I was like okay so what I've done is I've polarized it correctly and I put it back on the stand and we've got the uh death sphere and the death ray now both mounted on the same stand and I'm going to shoot that signal into my house and I'm going to do the exact same test and uh we're going to try to do this before it rains cuz it's not looking good right now the weather but uh there's your amplifier and it's the exact same setup I had before 2440 1 MHz and you can see some rain is already starting to fall so we got to do this quickly but I'm going to start the transmitter let's go inside and uh we need to turn on the Spectrum analyzer here should be starting up there we go there it is there so we're heading about 30 whoa look at that I'm right in in the beam right now of it so it's right out there and that is uh wow it's going all the way up to 17 that is uh yeah it definitely looks more powerful because it's polarized correctly but we're going to go down to my the front of my house here and this is where I actually did the previous test so I'll just put it down on the table there little bit hard to see I'll put some lights on maybe not and [Music] uh I remember hitting 50 in the previous video which yeah it's going Beyond 50 oh it's definitely more more powerful okay well yeah of course it's polarized correctly so it's using the whole reflector and uh I'm in the previous video it was hitting 50 so wow it's about 15 DB more so you know what we're going to do just for fun before it rains we're going to put the second booster on there and we are going to um turn that uh internal booster on okay stand by guys okay guys we now have uh hacker ref is running and I have the booster turned on on the hacker ref see the A1 and that is connected to the first amplifier and that is cascaded to the second amplifier and then that is going to the antenna right there okay let's go inside and see what we're getting now it's probably going to be really hot let's take a look at the Spectrum analyzer yeah look at that um amplitude has changed the scale a bit so we can see how far this is going look at that it's hitting five so let's take it down to the front of the house to the exact same spot here we can see yeah it is going up to about 20ish there this about 100 ft away so yeah very strong signal and uh let's go back let's take a look yeah I kind of expected that anyways guys I hope you like this video please do give me some thumbs up it always helps and uh there you go okay we've been warned repeatedly that using free public Wi-Fi can put our personal information at risk but facing a choice of using up our data or connecting with free Wi-Fi most of us take the gamble today I'm going to show you how to flash a easy very easy way to flash The Flipper zero Wi-Fi module uh with Marauder uh this is because uh there's a lot of confusing information out there it can be you can be pulling all the hair out of your head trying to figure I would how to flash one of these so I'm going to show you the easy way to do it and how to just go straight to one particular GitHub site where you can download a zip file put it on your computer and open it and just click on the batch file and it'll run and'll program this thing and it also gives you the feedback on your computer screen of exactly what's going on so you know the thing's actually doing something it's not uh hang hanging or you know waiting to do something that you don't know so we're going to go over to this uh GitHub it's uh Uber Geo Z flipper and uh he's done a pretty nice job here putting together uh some helpful links now there is a uh a web-based um one that he's got here but I don't really recommend using this I've tried it um it's it doesn't give a lot of feedback because it's running off of a server so you're kind of confused is it doing anything or not it maybe I just didn't really want to wait around and you know see so what I do recommend is you go down here and you download the zip file from here and I'm going to do that right now and we'll see it's downloading right there okay it's downloaded so we're going to open that zip file and uh we're going to go over here and there is the zip file the file's open and uh we're going to click on the flash bat and before we do that we're going to come over to the flipper board we're going to hold the boot down we're we're going to hold the reset down then we're going to let go of the reset and then we're going to let go of the boot and it is connected to my computer as you can see and we are going to click on the batch file there and uh it is going to ask us which one we want to do and we're going to pick number one because we are flashing so I'm going to press one and return and it is going to start and there it goes from were erased now when I used the web- based one it took um it took 17 seconds just to erase it and here it took like not even one second so but what I really like is the feedback we're getting there we know uh that it's actually doing something there and uh that's it you can close the window so we we've now flashed Marauder and uh okay so we're going to close that and I just want to show you one little thing here it's very interesting is there's the esp32 chip and there is the antenna built-in antenna and some of them come with this connector on the side but you won't get that connector you'll see that I do not have that connector it's blank and that is why the reason why is because because see there's a resistor 15 and resistor 14 those actually are act like a switch if it's placed in 15 it's connecting to the external antenna or the uh built-in antenna and R14 would go to the connector which would be an external antenna so I wanted to point that out because those resistors are really hard to see and a lot of people uh don't realize um what's going on here but we're going to connect an external antenna up to the sky later on a really big one and an amplifier to extend the range of this attack so here we go guys I'm now going to plug this into my flipper and we're going to do some dexs stand by okay guys so there we go I got the flipper zero Wi-Fi module flashed with Marauder and it is currently attached to my flipper zero my flipper zero is Tethered to my computer and I've got Q flipper open to give you a bigger shot up here of the action and over here on this tablet I'm showing presently the Wi-Fi networks on the 2.4 gig band and we're about to take all those out and those are my neighborhood uh access points so what we're going to actually do with flipper is we're going to go into Apps and we are going to go to gpios and then we're going to go down to Wi-Fi Marauder going to get this API mismatch doesn't matter and uh we are going to scan APS now I've if you do that it's going to scan your neighborhood it takes a little while it takes about a minute I've already done it so I'm just going to skip that and I'm going to go over here and there is the list and you can go through them all um the first number is the number we're most interested in metro police number one that looks like a good one to take out so uh we're going to go back here we're going to select the AP now here to select number one that Metro Police AP we're going to put one we are going to save that and then we're going to go back to the list and now we're going to do an attack now we could just de off the Metro Police but we're going to have a bit more fun I like the Rick Roll so we're going to start Rick Rolling and this is a beacon uh spamming attack and we're going to see oh my god look what we've done it just goes up and down the band and it just jams the entire band and if you take a really close look at these access point names it's actually the lyrics to Rick uh Rick Ashley's song never going to hurt you never going to deserve you whatever whatever but yeah so anybody that's actually trying to find an access point right now is is just going to get a whole load of Rick Ashley lyrics so there you go guys uh I hope you found that kind of exciting yeah so standby let's see what else we can do okay so now we're going to have some fun with the deth attack with our freshly flashed Marauder Wi-Fi dead board what I've got going on right here for experimenting with is an old lynx's GL router which is providing us our access point and I also want to demonstrate that we're really close like it's right next to us but we're still going to take it out uh okay so the access point is actually acting as Marriott Hotel when I did uh experimenting with uh Wi-Fi password stealing it was set up to do Marriott Motel 6 Hilton and holiday in you can actually see them all there we are connected to the Marriott access point on it and this computer back here is also connected as you can see to Marriott and uh so is my other computer here they're all using Marriott so we're going to get flipper here and we're going to do Wi-Fi Marauder we're going to go in there skip that API errors not a problem and we're going to scan APS and um basically it is scanning right now all the available APS an area and uh we'll just let it do its thing and it will shortly have a database and as you see the razis is the signal strength there's the channel number there is uh either the Mac or the name of the access point a lot of Macs come up because there's a lot of hidden access points those are typically uh devices internet of thing devices that are talking to each other they use Wi-Fi too Wi-Fi is used for a lot of things then people realize anyways I think we're done we are going to go here we're going to go into the the list and we are going to find Marriott where is Marriott where is it it's way down here somewhere link oh there it is okay 3 4 is Marriott so we go back here and we're going to select it by typing in 34 which is that one and there and then we're going to save that says we've selected uh 34 see and we go back here and now we're going to just do a Deo attack so here we go guys we are deing Marriott at the moment moment and we'll see what happens let's go over here and oh incorrect password oh it's trying the motel 612 and they're both incorrect because it's actually their virtual access points of one another oh this computer just dropped off oh it's trying to connect to Marriott and it's having a problem and go back here and look at that incorrect password and this computer here oh yep see the globe it has lost its connection and uh no internet oh it's having trouble it's trying can't it cannot connect so there we go guys the do attack is effective and um it's really interesting uh you know as close as these devices are to the axis point which is like right there flipper is actually because it's not actually jamming it it's actually interfering with um the messages being sent back and forth and obviously the password look at that it's it's uh and this attack is actually um created to grab the password the encrypted password handshakes that these devices are now trying to connect back to that access point over and over again like this one here is actually just oh there he's going to try I'm going to say connect and it says incorrect password look at that so let's let's stop the attack and we'll just do that we've stopped the attack and let's see what happens connecting will it be able to reconnect on its own this oh this one connected it's back Connected okay this computer is still trying connecting let's go here uh let's try it now connect there we go it's able to connect now I wonder why this one's still having trouble here oh there we go finally connected and we're back we're back we have the Wi-Fi symbol so there you go so what I'm going to do over here is I'm going to actually start playing this video here oh this is not a touchcreen get so used to the touch screens this is an old computer so it's going to start going okay there we go and we're going to start the de ATT attack again and we're just going to see how long that takes that video there's always some buffering on videos but the de ATT attack is happening shouldn't be too long y we got the incorrect password again oh this one is having trouble connecting again so it shouldn't be too long I can see down on the bottom it's already lost its Wi-Fi I don't see the symbol so that video is not going to last too long that's just buffer right now YouTube actually has quite a bit of buffer on it so it's already downloaded it so yeah we have lost the connection there and uh this one here too let's try let's try just doing another video here oh connect to the internet okay so yep okay so let's stop the deth attack and let's see what happens here oh there we go yeah we can connect now and of course this one there it's connected now it's interesting the tablet needs you to initiate it again it won't reconnect on its own for some reason these other computers are all uh this one takes a little bit of time it is connecting there it goes finally connected so there you go guys I hope you found that interesting and uh yeah there you go the Beloved deac and that's just doing it at low power uh very close by it's actually the esp32 with the built-in antenna is 1 mwatt that is its eirp um we're going to play with that we're going to wire an external antenna and we're going to try some higher power attacks um it's actually hard to gauge well I could measure the signal strength but um be great if we could just go some big open field and see how far um but I've heard that with overwater power and a good antenna you can actually go a kilometer so yeah okay hope you enjoyed this guys take care thank you so uh going back here one of the greatest things about the latest extreme update that I've observed in my previous video I was doing the evil portal attack and um I could not get it to work in extreme so what I had to do is put on leash Dawn here and then go Flash the esp32 manually with four different files and that got it to work but it only did the evil portal like my board here my Wii dead board could only do evil portal well guess what I flashed it back to Marauder The Marauder firmware is on the es32 and now with the new extreme firmware the latest version if I go apps and then I go up I have a wifi folder this is something new and evil portal and Wi-Fi Marauder are right there and guess what they both work so here we'll go in and we'll just do a little demo of the evil portal portal and uh select HTML we're going to do extreme you can put in your own Evo portals you can download all kinds of different ones and uh the Wi-Fi name they already got Wi-Fi Google Wi-Fi in there so we'll just start the portal and there you go blue light is on which means the beacon is up and web server is up and it is it is ready for action so if we go over here we should see it popping up over here um Google free Wi-Fi there we are so we are going to select that how do I do that oh yeah there it is at the bottom cut connect actually I believe I need to do this with this one [Music] um we go here [Music] connections okay Wi-Fi is on there it is there connecting sign into Network yes we need to sign into the network and there is the extreme page that comes up that could be any type of portal and as you will see I will put in my name and my password is always 2469 and we'll go and then uh look at that pick flipper captured it user in pass Peter and pass is 2469 so that is evil portal it's all about you know acting as a bit of a Honeypot and getting people to give you their credentials so don't do it guys it's not a good thing but makes I'm trying to make people aware here that hey this stuff does happen and anybody can do it and now with the new extreme firmware anybody can do it now I had a question about how to how to Deo multiple access points I'm going to show you how to do that go in here and we do a scan and let's just let it scan and uh you know what I'll do let's get Q flipper going here then you can see it up nice and big so okay it's scanned it'll go on and on CU I there's so many access points in my neighborhood but you go down here and you go to list and uh okay see to the left there's numbers 0 1 2 3 4 okay those are the numbers representing on our flipper um the access point this is how you select them okay so what we're going to do just for this demo I'm going to select one two and three and uh so what we'll do is we go back and we go in here to select and then you just go in here and you go one okay to select number one and then we go save and then we go back do the back arrow and now you got to go and you got to remove that and then you because you have to select each one manually and then save and then do the back arrow on the flipper go back here remove that go here three and then save it and now go back back and then go in your AP list and you will see number one you see it says selected under it number two says it's selected number three says it's selected okay so those three are selected go back and now attack dooth okay dooth is started and it's going to attack those three that have been selected so that's how you do that guys uh pretty simple that's how you select multiple access points and it is now deing all three of those so yeah okay guys and uh stick around I got some more news coming up and I'll show you that news article about the kid at school that got caught doing the B spam and what was really funny was they had some tech expert they got that supposed to know everything and he knew nothing about it um you know he didn't even know what what the attack was he it's what he actually said was more like what he just looked up online he said oh you can use a flipper to read the microchip in a cat and whatever else but you know it's like yeah they should have talked to me not that guy anyways okay guys stick around More's coming wsnb 4 investigates has a warning about an item on your child's Christmas list it's called a flipper zero and at least one area school has already had a problem with it Debs before investigator Courtney Allen looked into what they are and how some kids are using them for trouble you know they they had a child that brought a gun one time it's why his son and many students bring a cell phone but recently a student brought a device to school that can interfere with that connection that's pretty scary it's called a flipper zero Wilson County Schools confirms a student brought one to school last month and used it to shut off some cell phones in the classroom little thing that does a lot multi-tool device Nashville Tech professional Kyle Greenup says flipper zeros can interact with anything that uses a wireless frequency you could read a pets microchip with this you could read your tire pressure monitoring system with this and that's not all Greenup says flipper zero recently got popular on Tik Tok for pranks like shutting off fast food displays Amazon banned the device back in April since it can be used as a card skimming device green upset says the device is limited and can only interfere with devices within about 50 yards Wilson County School says the student was disciplined adding that their network was never breached oh no we had some high winds this morning and uh came down and found uh the death ray knocked over hopefully it's not the death of the death ray let's go take a look see what happened here let's take a look it's fiberglass it should be okay yeah it's okay let's put her back up I think the worst damage was the birdie let's bring it back up wow this thing is heavy w we have a little bit of damage here oh my fiberglass pole snapped look at that so it's a bit crooked now anyways let's take a front oh shoot look at that bang that in a bit too nothing that I can't fix but uh yeah that's what happens I should have put some weights on the bottom there whoa check that guy out it's okay plane yep that's an [Music] A380 anyways yeah a little bit of fixing we can fix it back up no harm done the death sphere is a little bit busted up unfor fortunately just the Fass pole I'll just cut that piece off and should be all good okay guys in case you guys are wondering what that big plane was well there she is right there the only A380 that flies out of Toronto and that is Emirates and uh so she came out uh out of the airport here and went this is the bank when she's turning that's right where I am right around there and then out over the lake and they stay in Canadian airspace this is American airspace and there they go they do a basically a 180 and uh cuz they flew out of the airport going in the other direction and that's due to Runway conditions and wind why they do that and uh yeah there she goes and uh on her way to Dubai be pretty cool to ride on that plane in first class from what I heard apparently there's even like bedrooms and showers and everything okay guys hope you like that there she is flying away oh you're back you're back for more you want some bread okay hold on hold on come here come here want some bread I got some bread here for you here you go oh crazy hey take it there you go I swear if I open that window all the way up he'd come right inside here they are crazy little things McMahon and McKinnon 14 nothing Bears then the defense which hadn't put up a sack in 12 quarters finally did [Applause] [Music] well if you're wondering what's happened so am I
Info
Channel: Peter Fairlie
Views: 45,950
Rating: undefined out of 5
Keywords:
Id: 3Kr_3OZHy_g
Channel Id: undefined
Length: 78min 32sec (4712 seconds)
Published: Wed Apr 17 2024
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.