Got my wifi adapter and broke into neighbor's wifi network
Guess what!
The password was his name + his birth year :/
sammy1990

Too weak 😎
(My manifesto does not allow me to use that network anyway)

Ok amazing cool

Send him an email

@Linux for what?
Mentioning the weakness of his pass?

@bigus-dickus is it part of pentesting?

@R1100
Yeah, leave a letter xD

@CoffeeNcode it's just difficult to refuse a challenge

@Linux don't have his mail address 😞

@CoffeeNcode it's scary!
What if anyone sees me when I'm sticking the letter behind his door?

@CoffeeNcode well yes!
You got me!
Plus there is no way he can understand that I was sniffing.

@bigus-dickus so you would know if anyone else is using your traffic?
Clever !

@CoffeeNcode come on !
I'm not trying to prove anything
Found weakness, performed attack
That's all

@CoffeeNcode why not? 😁

@CoffeeNcode if I write that letter to him is it over? 😁

@bigus-dickus can I implement this system on my own router?

@CoffeeNcode as I said I disconnected immediatly.
I must think about braking into the apartment's security cameras first then.
Or simply wearing a hoodie 😁

@bigus-dickus i can still fake my mac and I can see your mac as I'm sniffing.
What next?

@bigus-dickus you mean each defined mac can only connect to a specific port?

I'll reformulate for future people seeing this thread:

- a Kali program did the hosts discovery
- a Kali program found the key probably through deauth attack and catching the handshake vector or even by brute forcing considering how weak the key is

Necessary skills required: opening a terminal and copy/pasting like 5 commands.

Edit: and of course buying a 2.4GHz adapter that supports packet injection

@deodexed u got it 😁
So u think I'm a script kiddie?

@R1100 what I think is irrelevant I just informed people so they don't get the wrong idea you can do as you please as far as I'm concerned.

@deodexed Or using your own netwotk card. Did you mean monitoring, not injecting?

@deodexed well , as most of the guys here are expert it's okey i guess.
Plus, hacking wifi is nothing very special these days.

@Mitiko monitoring is widely supported by onboard hardware but packet injection (used for deauth if needed) often requires external hardware.

@bigus-dickus very common in free hotspots

You used rockyou right?,it's old small and sexy.

@canonbolt nope
aircrack-ng
airmon-ng
aireplay-ng
airodump-ng

@R1100 default list of aircrack ng is nearly similar with rockyou.

@canonbolt is it available for kali?
I'll give it a try

@R1100 rockyou is wordlist that you can use with aircrackng while cracking key and you can download it from internet and also its smaller.

@canonbolt oh! Now I remmember!
Yes! I used rock you 😁😁😁

@R1100 I think that we should make one discord server or group with people who likes cyber sec.

@canonbolt that is one GREAT idea!
Sec rant maybe 😁

Lesson: never get to know your neighbours

@electrineer why?

@R1100 so that they don't know your personal info

Change their SSID to SammySexyPants or whatever you find appropriate. If you can guess the admin password too, that is.

@electrineer well when someone knows your wifi pass , he can sniff trough yout network and listen to your unencrypted traffic such as web sites with http instead of https.
There is no PRIVACY !

Posting about successfully following common YouTube videos
while asking how to sniff a car remote in other rants.
With this attitude I think you :
1. are in the wrong community
2. have no respect for property of others
3. are on the wrong path anyway and should watch your Karma :)

@marcom maybe or maybe not :D
But honestly,
I just have a curiousity to know how things work and how they can be bypassed.
Just seeking adventure.

@marcom plus the community is right I guess,
I have some other posrs about programming too 💻

And my manisfesto doesn't allow me not to use such network 😂

@R1100 I think wifi is supposed to be more secure than that. There is a specific handshake that occurs when you connect. Your data is not encrypted with the logon password.

I didn't read all the comments here, but yeah.. ethical hacking is okay, and breaking into your own networks (hostapd, second AP, whatever) for research purposes is okay as well - I'd encourage it even. But breaking into shit from others without their permission is illegal. The fact that you can, doesn't mean that you should. And as the Kali motto says.. the quieter you are, the more you are able to hear. Don't brag about illegal shit because it could get you in trouble.

@Condor u ate 100%
I'll go hack my own ap for 1001th time

@R1100 in that case, why not learn something else next? But I'd like to stress that you should only learn penetration testing for the purpose of redteaming, bug hunting or getting hired to pentest a company network under their permission. Breaking into shit from others without their permission is illegal. Even bug hunting is risky business already even though it's legal. So you don't want to risk more than even ethical hacking already does. I'm only saying, breaking into someone else's network isn't worth going to jail for.

@Condor u r right.
I'll go less risky

@Condor but we can do that for educational purposes only.

@AhmadIshaq Hacking a local setup for educational purposes? Most certainly. And once you become a professional pentester or a bug hunter, you can do it at companies (with their approval!), show them where their weaknesses are and gain big money. That's essentially what a whitehat hacker is. A security professional. And when you go in teams for professional tech companies that need permanent scrutiny, it's called blueteaming (defensive) and redteaming (offensive). Sometimes there's also a purple team that takes care of the communication and sits on both sides. Essentially you're then using your skills to break into stuff but letting the company know as well so that they can improve it. That is a very valuable skill.

Oh and one more thing.. even when you're hacking a remote setup, you'll want to do your recon and try to replicate it locally first. The better you can replicate it, the more precise you can make your hacking strategy within that local, safe environment. In that local environment you can poke around as much as you want, in the remote you can't - or just enough to show the vulnerability if they have a bug hunter program running. Otherwise.. well I won't say that you can't break into it because obviously if you've got an exploit you can, but I do not endorse it because it's illegal, so you shouldn't. And I don't want to get into trouble either, I've frankly had enough of that already in the past. Jail isn't a fun place to be in.

@Condor I'm a network Pentester and I understand risks though I'm not that professional in my field and still learning but that's really nice of you to guide like this.

@AhmadIshaq Oh, nice! I've quit the pentesting field a few years ago (kinda lost interest into it) but yeah there's been a thing or two that I've picked up over time from my hacker buddies (whitehat and blackhat alike, I don't discriminate).. most important one that I've ever heard that applies to greenhorns and greybeards alike, is that curiosity - the desire to look and poke around in systems - is extremely important. And that is not a learned skill. Here it's something that I got at age 9 - the first times that I opened up small electronics devices and around that time "hacked" my first Windows XP machine too, out of sheer luck.. and, well, curiosity. I switched the PSU off, thing booted into safe mode and oooohhhhh.. I'm admin now :3

To this day I still have that drive. Warranties? Fuck them. Every time when I buy a new ${whatever}, first day of purchase I'll open it up and see how it works.. most appliances are quite simple in their working behavior actually! And once you know how things work, you can overchooch them, break them, make them behave differently, whatever you want really! :)

@Condor yeah that's the point curiosity is everything. Same is the case with me i have been using computer since I have opened eyes 😂.

The first think I did was I bypassed my windows pass and hacked my sisters fb I'd (though she was mad at me) and it was really fun and now I'm totally into it and hacking electronic devices fascinates me too.

By the way why did you loose interest in pentesting?

@AhmadIshaq Mainly because it takes so much time to stay up-to-date with the latest vulnerabilities, as well as me having had to invest a significant effort in order to sort out a few hundred chaps (and some lassies) that were the real deal, from the vast majority that are just.. well, fools that want to huk their boy-/girlfriend's Phasebuk or something like that. I'm sure you've seen them as well.. they're cancer. I got kinda sick of that. So from security I got into system administration, something which recently I started to lose interest in as well. Nowadays I'm more into electronics.. I'm pretty sure that that'll be temporary as well. From there on, who knows which other technological spider will bite me next?

@Condor you are right brother I'm sick of those cancers too and whenever someone asks me to huk someone's Facebook I'm like I'm dumb I don't know anything you better fuck off.
By the way brother you are going absolutely right a Pentester along with sys admin better know how to secure the system. That's a pretty much good combo. I'm interested in the pretty much same subjects as you are. Pentester, sys admin and electronics 😅.
I just try to learn as much as I could do.

@AhmadIshaq That's great to hear! I'd love to learn more about your projects as well. Limme sub to your rants real quick :3

@Condor as I'm a uni student so it's difficult for me to carry along this stuff all I have to do is sacrifice my sleep and that's not a problem for me 😅 though Im working on a project and have written some hacking tools like keyloggers, wifi cracking tools, hacking scripts etc (some old mini projects) but haven't posted on git my bad laziness 😅. Will update soon. These days my focus is on writing exploits of my own.
By the way I run a cyber sec company.

@AhmadIshaq Wow, looks like I've underestimated you then! My apologies for that. This is very interesting indeed! I particularly like your mindset of developing your own tools in favor of the existing ones. I really think that more people should be like that. Considering that they're probably your private collection right now, I mean.. publication will likely mean that Kali, Parrot, BlackArch, Pentoo and the likes will add it to their distribution because of that "look how many pentesting tools we have!" dick measurement fest.. personal peeve of mine.. which could introduce some valuable exposure. I don't like the guy one bit, but that's how that guy named Somdev Sangwan aka the Phyton Lord got his (IMO undeserved) fame, and it seems to be working quite well for him. Otherwise, I'd say hang on to them! Having a private collection of your own allows for personal workflows which are valuable in their own right.

@Condor thanks for appreciating brother. Yeah you are absolutely right at least my viruses are not blocked by the firewall and antivirus. This is what helps me in most of my hacks. I'll probably be keeping them. Though I was a black hat and a bit now too but now I'm using my skills to help companies and organizations to be secure.
My first consultancy was to my own uni as their whole network was compromised by me. 😂

@AhmadIshaq Yeah, I just took a look at your website and I gotta say, quite an impressive portfolio! Web servers, network, mobile applications, assessment, resolution, hardening, … pretty much the whole 9 yards? I keep on getting impressed time and time again. Honestly I only know my 101 in servers, networks, resolution and hardening but not applications.. I'm not an Android dev or even a dev to begin with... So yeah. As for those viruses.. especially those, hold on to them. Once the virus scanners get a hold of them, they'll likely become useless. How do you get a virus to bypass a firewall though? From my experience, firewalls are pretty static in their operation. Perhaps you mean an IDS?

@Condor thanks brother. Yeah I was pretty much talking about IDS not firewall my bad 😅.
As I said I'm too not that much professional in my field though I'm trying hard but you are pretty much good with your interests and field and I really liked that. As our interest syncs 😂.
Secondly interests and dedication is what matters. Good luck brother

@AhmadIshaq Thanks, and same to you :) best of luck with your career!

@AhmadIshaq wow!
You are my dream man !
I try very hard to keep update with zero days but still don't havemy own private exploits .
Just tell me something I follow to reach the state you are in.

@R1100 thanks for that man. Dream man 😂
There was a time when I know how to use exploits and I was tired of using exploits of others. So I thought why shouldn't I have exploits of my own. So first I choose the proper languages for exploits like perl,bash and python. And then I went for the proper resources which were focused on exploitation and then all it takes is effort, practice and dedication.
I not that much pro though I try to solve a problem or hack something the way I like and I'm still learning.

@AhmadIshaq cool !
Thank god I know python and bash already but should work on perl .
I'll try double harder as you say 👑

@R1100 yeah as most of the exploits are on perl because it deals with server and networks in a pretty awesome way.
And what I bet is that in no time you will be writing exploits of your own.

@AhmadIshaq thanks ! I'll go perl from NOW ✌

@R1100 good luck then 👍🏻

@AhmadIshaq

#Perl v5.18.2

print "Hello World!\n";

@R1100 😂😂 doing well 👍🏻