This is my favourite mobile wifi rig. It actively hacks wifis whilst spoofing wifi aps of cafes, resturants, etc... To capture logins of idiots who use public wifi.
Runs off 3 mobile power packs with a total of 150,000mah and the longest deployment I put it into was 3 days at the bottom of a rubbish bin in the CBD. It even features a fall over wifi adapter and uploads its finds to a chinese cloud server meaning if found I still benefit from the data it collected and no warants for seizure can be iasued to China ;)
It can be remote controlled and automatically attempts attacks on clients when they connect. It attacks APs around it to randomize where it pumps out a user's internet session.
In its standard mode it will spoof two public wifis in the area, connect to someones ap for internet traffic for the MITM attack, and actively attack 1 ap, all at the same time.
>>573477245 General intelligence, I target email accounts mostly. Lots of great account details, passwords, evidence of illegal activity, fettishes, dark dark shit etc in there, ill dox as far as to know if the target can pay a randsom or is a piece of shit and should be made an example of.
Its very rare I go after free internet. Its so readily available thanks to cafes etc...
I have a similar version of this that I will place in a street pit outside the premises, and then another every few houses up the street until I get to a house with a successfully hacked AP if I want to target a specific person over a long term deployment.
>>573477906 I have shared a hell of a lot in /b/ just u didnt know that anon was this anon. This thread is just for this kit only. Happy to share / chat about kits and ideas here. Dumps will be in another thread unrelated to this ;)
>>573477940 Its pretty bulky yes, and heavy. But fits well into a backpack. Ive played with less cables, squid leads rather than a powered hub, etc... But you dont want brown outs on ur pi, and running that many adapters needs a powered hub anyway. Tl;dr; shes shes bulky and heavy, but its for a purpose, maily power.
>>573478425 Its all basic stuff, pi for the brain running kali, a powered hub, google best wifi adapters for wifi hacking and buy a bunch of them. Use high quality cables (it makes a difference) and buy as many external power packs u think u need for a deployment, however dont buy shit ones and dispose of them before they get old... People tend to notice you backpack catching fire...
As for scripts, its just making all those little tasks (wifi hacking, fake aps, sniffing, sslsplit, bla bla) working at once, just build on it one by one
>>573479046 all you need is a bog standard rfid reader. then either sell the strip data on a carder forum or write it to old key cards(or go the extra mile and buy blank cards) write the track data to them using a card writer (easiely made with a cassette player read write head)( or niggered from a hotel) and use in a credit only capacity unless you can get their pin(shoulder surfing) ;) some men want to see the noodles burn
>>573478740 Ah I see, yes I have considered a enslosure, however in this design it lays out "vertically" nicely in a narrow compartment, that way if im asked for whatever reason to open my bag no one sees it (usually security is happy with just a quick peek in the main compartment)
They are lithium ions haha, I have to be careful about heat, ill put a frozen freezer brick in a neighbouring compartment in summer haha
>>573477096 if you want a more reliable compact rig anker sells amazing batteries that i prefer. also two wifi pineapple mark 5(hak5 sells them) can do all of this and more with less complication and more discretion and with a high gain yagi antenna you can get hundreds of access points in range(obfuscation my hacker friend)
>>573479046 Dont bother with currency hacks if your in a developed country. Ur police are too good. Its so easy to make up cc numbers, but the ccv not so, near impossible. Buying and selling paypals is stupid, buyers are 12yos, they get caught and rat u out and ur done. Older and they are finding their own.
Only exception to the "avoid currency" rule is BTC.
>>573479786 Great question ;) 1) disable WPS on all your devices!!! And if you do test hacking into it using a reaver attack. Some devices still accept wps despite it being disabled in the admin panel.
1a) always change the default admin password for ypur router. When I hijack a wifi ap, the first thing I do is change the admin password. This way even if you figure out your hacked the only way you can regain control is to factory reset which also deletes my activity logs which is really nice ;)
2) use a vpn when outside on a public wifi. No expceptions! That way if im sniffing ur ass I wont be able to see what ur actually doing, ill see packets but its all encrypted. Stay away from ssl based vpns (like sstp) because I can do sslsplit attacks on that.
3) never use IE. its like.microsoft Wants you to get pawnd. Chrome and FF are just as good / bad as each other.
Lastly, if you wouldnt yell ur secrets out loud in public, dont do the wifi equivalent.
>>573481012 basic networking, the device connects to the ap(hacked or non) then deauths all connected clients the normal setup has they reconnect to the same ap but instead they connect to the device which is routing its traffic into its own ap disguised as the authentic ap and while this happens he sniffs the traffic for cookies passwords usernames etc, then if he wants a little bit more of a payoff he performs a pr atack(password reuse ) to find other accounts from the user which he might not have collected gains private info on the person launches a blackmail campaign, or sells their private data
>>573480041 Ah it was just broken and I have not fitted another to it ;)
Btw /b/ros, I ALWAYS wipe down the enslosures and cables with metho properly before placing one in a ling term deployment. Ocasionally police do find them and you dont want dna or prints. Never handle the pi circut board, try to buy it with the enclosure already on. After cleanin a pi and case I put it all into a zip lock bag for transportation and then when I deploy it I take the zip bag with me.
and just as a followup to >>573480145 i'm not op but my rig paid for itself in just 6 days of operation. total tools cost me about 500$(keep in mind i live in a relatively big city) i'm saving up to start a legit business in the future. >>573482059 never thought about that contingency plan i'm gonna use that :D thanks op.
>>573481340 also if you want another trick look into card skimmers easy to make (20$ parts from radio shack at its easiest) schematics are really easy to find . tho keep in mind i found that newer machines have a small emp device built into the card acceptance slot that jams skimmers i found an easy way to beat them tho..
just include a foil shield on the back connected to a ground (virtual preferred(since there isn't much metal on the screen of an atm)) card capture rate is still decreased but it works
riskiest part of these is picking them up to collect the data if you want to spend alot tho you can include low voltage wireless systems and collect them from a distance
>>573483534 preach it bro, so many people say" i wanna do the cool stuff" but when you hand them a book on circuit design or basic networking they say" fuck that i want like in the movies" but it all boils down to knowing the easy stuff(the stuff they skimmed through) better than the good guys XD
>>573483891 i mainly do card work my last big score was because the company hired to do networking for them left a default admin password on a couple of their clients systems so i funneled a lot of cards to my bro in russia he's selling them off and dumping my share in a safe location. i know its risky but all i do for a living is fold sandwitches. at least for now but i have big plans.
that is the reason i never get caught i don't sell the cards he does he gets a bigger share for the higher risk but 7 cents per card adds up quick.
I'm coming at this from the other side. Trying to explain just how easy it is for someone like yourself to do this shit.
People don't get how much money can be made through their information. My network is locked down and I always check logs/change passwords and people just assume i'm paranoid but because its so easy to click on CP or other dark shit without knowing I take no chances.
I've just been reading this thread and would like to say what a stand up guy you are. A lot of people who make this type of thread are the arrogant sort who enjoy flaming and criticising the newbies who are willing to learn.
Anyway, I am going to London next week on a business trip and will be spending a lot of time hanging around in hotels.
I already have a laptop prepped with Kali but haven't had a chance to play with it yet.
What sort of things can I be expected to achieve and do with it?
>>573484643 Ok, how are you going to transfer that monet without records? If youre using a foreign bank account how are you going to get it? What identity will it be under? How will u make that identity?
You would naturally transfer to a country without extradition rights, but that country will still call them, and whilst they wont give the money back do you really think they will leave it there for you? Haha You choose these countries because they are corrupt but if they find out the money is stolen they will steal it from you! Also Money is way too easy to trace.
Not worth it mate. And the money from what I do isn't so little
>>573484643 the problem with that is getting the money into a usable form yes a fake account will hold the cash but the government watches shit like that to see where the money comes from and where it goes i know a way of safely "cleaning the money" as it were,
this requires a number of compromised accounts all over the world (easy if you are serious about it)
what you do is shuffle the cash 5 dollars here 10 there into and then out of the accounts you have controll of after enough different hops into enough different banking systems it becomes adequately hidden so that no one can track it (make sure it ends in a safe country like china or switzerland ) then all you need to do is set up a shell company or investing group(easy papers to file) and "invest" this money into well anything that would benefit you (use you're imagination ;D)
>>573477096 Coming from someone with limited knowledge in this. 1 - Why is WPA bad? I thought WEP was the one with the shit encryption. 2 - How is it possible to bypass SSL / TSL stuff...i thought it was end to end encryption so you wouldnt be able to see the packet details. 3 - Why are SSL VPNs bad? 4 - Where can I learn how to do this?
Why would I bother with all this technical stuff? >set up faked-identity-paypal (set up fake e-mail / connect to paypal only via VPN) >goto random chatroom >pretend to be 12yo >attract a pedo >social engineering for contact data >reveal plot, threaten to expose him >??? >Profit
>>573485354 I have 5 of this "class", abt 20 repeater nodes (which I place in street pits - raspberry pi based), and I have another which connects voice copper pair converting calls into mp3s (it even as a dsl filter built in to prevent breaking their internet! - Arduino).
I own a telstra uniform and have big magnet stickers I attach to my car to make it look legit when fucking around in pits. Even the safety markers and everything. All helps with the game.
I also use gps loggers (arduino based) that I tack under cars, good for cheater jobs. They sync data over wifi when I drive past the car. Don't use a 4g hook up! Easy to trace to u if found..
All the usual wifi stuff, but get a room facing a lot of "things", buildings and the like, bring a directional antenna and see what you can pickup from your window.
Also get a bluetooth dongle, and do some bluetooth hacking. Heaps of executives in hotels with their trusty old blackberries which they don't update because they don't know how and bluetooth is always on because they love talking into hands free.also because they are so Non IT I've had success with calling my device "handset" and just soliciting a connection - the idiots accept it!!!! And they know to use 0000 or 1234 so just keep trying if it doesn't work.
Also older technology hotels that had wifi early on probably run everything on that same network, you'll be surprised what u can access if you play around with packet sniffing.
>>573486594 Cash in a paypal account is fine. Tell me how do you spend this cash in safety?
You can't link it to a bank account, can't buy shit on sites. Sure you can get a P.O box and have it sent there but if the cops are watching your paypal they'll watch everything else.
Scammers who don't get caught don't use paypal. They may steal paypal accounts and sell info, grab the cash and turn it into bitcoin etc but you'd need to set up one account per person scammed and that means a bigger online footprint and more chance of getting caught.
>>573486761 easier then that you can build a handheld system using a disposable flashlight atached to a magnet coil (think basic emp) that triggers the coin or bill acceptor free anything that comes from a vending machine( i built mine small enough to hide in a pack of smokes) just push a button and the machine registers a bill (slot machines included)
I love 4chan for this very reason. You can learn how to do all kinds of legit criminal shit. In my years here I've read threads on how to steal cars, pick locks, hack fucking everything, launder money, dispose of a body, manufacture drugs and weaponry, and make amazing food with weird methods.
Anyway, thanks for the awesome thread OP. I will now make sure to NEVER use wifi when I cannot 100% identify the source - which I kinda did anyway but now I'll do all the time.
>>573486761 Hahahaha omg vending machines are the best. And one of my first hacks ever as a kid using salt water lol.
Most now days have Ethernet hookups, wifi (unnamed ssid) or 4g. Don't touch the 4g ones myself but u can have a bit of fun with the wifi ones. There was a utility doing the rounds not long ago for the coke ones which would let you change the prices of shit and change the inventory settings.
While I'm thinking of it, I had heaps of fun uploading new images (porn of course) to the Westfield advert displays, they use a usb at the bottom of the device
With different sites (eg gmail, facebook, live mail, etc) using double verification such as text authorizations, intrusion notification, and multiple, random security questions, can you bypass those security checks simply by using packet sniffing and obtaining passwords?
Does it usually help to employ such countermeasures?
There is generally two networks, a public and a medical. The public wifi is good because people stuck in hospitals will do everything from banking to work logins. The medical network is generally authenticated using ID numbers easy to get off charts and correlate with email addresses. Obviously medical records being the money.
>>573487056 but anon, it's simple buy bitcoins. And nope, there is no such thing as online footprint if you use nothing but encrypted or anonymous connections. You are simply one connection, in a vast ocean of connections that has nothing to do with this connection from the other VPN.
I don't use any social network, I never used my name online and actually google my name bring up nothing of relevance as well.
Plus, I'm not american and my country has shit tier online-surveillance, let alone laws for online crimes. We are not part of the NATO pact, so not even interpol could give a shit.
>>573488136 Hey :) if you already know all that then u can probably do enough to get started! Bash scripts are 90% if you're not making your own tools. Most of what you will do in this space is "workflow " which is basically "do this until this then past that result to this, crunch that output to this then log result".
Otherwise the language doesn't really matter much, I've seen some mind blowing shit written in fucking Php!? I mean Php!? Really? Lol but python, perl and "C types"
>>573479675 Wrong, RFID chips contain a proof of work, any data you "hack" has a paired key that is used for every transaction. You may be able to copy a card but you have to use it before the other person makes a transaction and thus changing the key
>>573488645 While it may be simple to look up the answers to security questions for public figures (seriously, Sarah Palin got hacked because she used where she met her husband and the answer was on wikipedia... what a fucking cunt... anyway) in obvious locations, people such as myself - because I've seen too much shit on the internet in general besides 4chan not to - don't leave those answers lying around in plain sight. I tend to use obscure nonsense that could be cracked with a dictionary, but not if you're playing a guessing game.
>>573488912 i dont like old people way i see it is less there are the better also small tip about hospitals the laundry room is almost always on the ground floor. the door is NEVER locked and the staff rotates so frequently finding a uniform is simple . you know just saying in case you plan on something big
>>573488912 ICUs are pretty scary right now in general. The medical device networks I doubt get attacked often (not exactly valuable, and obviously can kill someone), but I've sniffed around hospitals and it is amazing what you'll see on nmap. Also the devices are normally named their model numbers - oh and somtimes the ethernet ports are labelled to their corresponding IP address.
>>573488976 omegle, stickam, chat-roulette, and a couple of older ones that I will not provide since they feature my regional language. for cam-chats you should prepare several loops with little girls that type on their keyboard. Dunno why these retards still fall for it, given that most origin from publicly distributed sources like youtube, google, etc.
>>573489123 well i dont know if you have checked what is on those chips but it contains the strip data in plain text all you have to do is read the rfid once and you have enough data to mint a new card not cnp ofc but then again that is another hairball entirely
this is how i make most of my money i think i know what i'm doing
>>573489250 Yeah, but, you're really an exception rather than the rule. Security questions are normally fucking terribly bad. I have a feeling that loophole is going to be closed up pretty soon though, as more people are aware of it.
A bit mistake people make is using their main email as a login for things like banking. Don't use your public email as a login for anything - use another one.
>>573489453 nothing is impenetrable. It may take some time, but every information can be tracked to its origin eventually. You can hide as much as possible, but when you just deal with pedos in their mid 40's that have a career and family to lose, you don't have to give a fuck about security too much. And unless they send some crooks with skills in my direction, every legal attempt to get me would run into a brick-wall and the case -along with the revealed pedo- would be dropped out of the window eventually.
Hi OP, newbie here.. I got my kali dualbooted with my ubuntu... Can you tell me what to check out, what videos to watch, cause all i see on youtube, google etc. is "wireshark" and "airmong" And another question what should i buy first in the budget of 100$
>>573489729 I use up to five email accounts every six months and rotate my information on the more sensitive sites at the same rate. Passwords get changed around twice a year.
>>573489840 My passwords usually are random junk strings. I try to use easy to remember things like dates and the initials of people I know and don't know. Mnemonic devices are such a great memory tool.
For example r2d5j08 is something you can use and is memorable for being Robert Downey Jr's initials and the day the first Iron Man movie was released.
I thought almost noone is still doing wifi hacking. It was quite funny in the time of WEP encryption.
I also did some wardriving many years ago. Had a lot of stuff. I built a PC into my car, it had one of the best WLAN cards in it and also used an external antenna. The antenna was mounted outside of the car, together with a GPS receiver for position tracking.
This stuff is still somewhere in the house, but unfortunately I did not have time to use it in the last few years.
Best thing to do is start with wifi, hack wpa using wps attacks. No particular one video or guide is ever right for what you specifically want to do usually, when I'm looking into something new I usually watch a bunch of shit on the subject from different angles, I also always hack my own gear before going out into the world. You get many tries on your own gear but maybe only one out there...
Get used to all the tools in kali, learn to sniff, scan and most importantly what the results mean and how u can use them. It's a lot like learning multiplication at school but once u have slaved away learning the timetables someone gives u a calculator to use.
Once you understand the theory well enough you can use the tools properly and more efficiently.
>>573482897 Since OP used the term "rubbish", I would say he's a Britfag. I can see that he has some passion about what he does, however a thief is a thief. If I ever caught someone doing this to me, I would cut their fucking nuts off and stuff them down their throat.
>>573491275 thief is a strong word, there are people in this world who have been handed all they have i'm not op but i feel i am taking back what life has refused me, i had a tough childhood and i made the mistake of thinking life would be fair if i was a fair man but then i realized an animal wont hesitate to eat you just because you didn't try to eat it.
so now i'm going to chew up the world and spit it out no matter who i hurt on my path.
>>573490859 I reckon u could hack your first wps router in a day, but you would be skipping a lot of theory along the way.
Unlike a degree in uni, IT be it white or black is a lifetime of never ending learning. I still don't know shit that I'm sure so many others know. It's all about what interests u and how quickly u pick it up.
Everything in my pic isn't complicated on its own, it's joining all the theories together that is the part That takes time.
>>573492392 How so? You've made him pay, you've profited, and you can be fairly, although not completely sure that he will stay away from it from now on.you could even throw in a warning about watching him and going to the cops next time.
I like it a lot, but some stupid fucks I know do the exact same with a BlackBerry phone, which is more compact, has a longer battery life as it activates the wifi router to upload to the diversion instead of the pi you have. Also once activated it forces bluetooth as a stealth capability if available. And its obviously ip obscured becuase a cell operator does not have the host ip adress records of a normal isp. Best part is I am going to slit their throats for thinking I am so stupid. Active range 30 meters
This may be a really stupid and annoying question for you OP but, how did you start into hacking and shit? I learned how to remote install keylogger, RATs and other similiar shit but still don't really know what exactly would be the true hacking (or how do you call it, dunno)...
sometimes I lurk hackforums just for fun but almost everyone just want to make cash..
>>573492689 astable by design magnetics like this work best pulsed with definite high and low sags(non sinusoidal) the 555 is to alter the frequency of pulses the pot being bound out to itself to function as a variable resistor in the feedback but it can be modified if you want to use it for something else
>>573493036 True hacking is writing a keylogger that gets activated from an anonymous post in here and gets spoofed as a news site rss using lua. Also if you feel brave then install windows 2k on a video card, cache its memory to a small partition and run an entire hardware system as your hypervisor. Fucking newfags
Even with a reasonable lengthed password it provides no benefits, only disadvantages. You take a memorable random phrase 2-4 words long, you salt it with a memorable personal date/numbers, you throw in two symbols and boom. Something that is effective and easy to remember.
Why the hell are you advocating pickling someones brain with something that LastPass does?
I guess a good example could be CPR and defibs, once it was viewed as a skill of a doctor, but now anyone can do these things with their current skills and tools.
I'd say you're a "true hacker" when u understand what the tools your using are actually doing for you and you can see "beyond the tool".
All thread we have just been talking abt illegal hacking for profit. But I've also done heaps of work for business and corporations haha even police actually. My first white hacking jobs was finding APs with exploits and offering to fix them. Latest gigs have been redesigning networks for security. You don't have to be the bad guy if you don't want to, but the pay is better if you play in the dark haha
Not OP, but when I was younger there was some great resources since there wasn't much to financially gain (I'm pretty old).
Check out conferences: Def Con is good, I go to that annually in Vegas.
There is no one method of hacking, it's more a mindset. A lot of what is being described here as hacking, is actually more 'cracking' - the distinguishing characteristic being that it isn't just for education - it's for financial gain.
Most people are 'gray-hat' ..existing somewhere in between. A lot of early hacking was more vouyerism.
>>573493671 >>573493878 so, the question is, where should I start learning? I know that there are e-books but I'm not really sure about them... I just want to learn the basic of hacking, nothing more (maybe?)
Something like "yeah, this chick looks great, know her facebook and email, now it's time to hack to her computer".. "hack".. i know that it is possible with RATs but don't know if I should try to use DarkComet or something else...
>>573494214 You know though it's weird, ur employers always suspect that blacking is where you get your skills. And it can have interesting results, I have been approached before by employers to perform offensive work for them. If this ever happens to anyone it's up to you if you take the job, but just remember you loose your anonymity by doing so. Personally it's too high risk having a civilian knowing what your doing. They might crack if there is ever pressure.
>>573494536 Start with the os, and then what interests you. Then work backwards until your at a early enough point where you understand what's going on. Always start on your own gear, don't hack something public until u are pro. You don't wanna mess up.
If i live in an apartment with lots of other wifi with WPA protection, how do i get their password? I wanna login to this Gigabit wifi network in my apartment just to play around with the person's internet speed
>>573494869 >used to know a real hacker, pretty major guy >could never fit into the world >started selling research chemicals on silkroad >got wind that feds were closing in on him in a real way >od'd on heroin on purpose
Fetishes are embarrassing only to the person who has it. Just a foot fetish can be enough to score a grand or two, depends on who they are, how personally embarrassed they are by them selves and what they stand to loose (reputation, family, etc).
I threw Fetishes in there earlier only because I remember a vic who was into beastiality. Generally I leave ppl alone in this area too, it's not something u should be punished for unless it's messed up...
Define "messed-up". Are you trying to judge people for things you disagree with? You can't expect to get away with being a fucking white knight because you don't agree with something that someone else does or likes. You're a disgusting faggot. Kill yourself.
>>573495920 wasnt that big a crime as far as card breaches go it is minor took less then a day and all becaus someone left a default pass. if i was willing to assume more risk i would make more. but instead i gave the big chunk to the friend taking all the risk
i count it as a success and the account will only grow
>>573496767 the one with the balls on it is a yagi it is a highly directional as in point it in a direction it could get an ap from a mile away in the rain(slight exaggeration but still) the other is your bog standard dipole antenna
also fun note most big institutions use yagi antennas like this one and with a basic ratchet set you can get one for free ;D
>>573497437 humans are just animals seeking to fulfill primal urges it may be sad but it is the real world claiming it is wrong is ignoring the fact it is still common it always has been and always will be
humans are walking bags of meat that can form thoughts there is no difference from harming a person or crushing a bug, you dont stop to worry about the lesser beings you harm, why are humans exempt?
btw you ever find yourself in a position where a freelance profiler would be handy, give me a shout. i been watching Scorpion and i want to get in on some of that hacker nerd genius troubleshooter dream team action lol.
>>573482059 "Your majesty, if i please the court you can clearly see that i'm the good guy here, i snitched on all those pedos, those sick sick pedos, the closest thing our worl will ever see to genuine supervilliany, and i stood up to them, for the kids, i'm a hgero i tell you."
>>573497728 True, I can't argue the stepping on a nt vs a human point. But we are far more intelligent than other animals, we have true reasons behind why assault is wrong and the impact it has on our race. That intelligence doesn't allow us to claim the ignorance our animal breathren can.
I really do give "wrong" a massively wide birth though. But every person has to have morals they live by. I've chosen mine and I feel they would be not necessarily agreed to but understood by most people.
>>573494694 I had the same, someone ows my employer a couple mill, they asked me to fuck them over. I said straight I dont even fuck over my hot woman's phone. Some people will make you eat their shit, but if you can be their dog, they will make you feel like you are worth something
Please support this website by donating Bitcoins to 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5 If a post contains copyrighted or illegal content, please click on that post's [Report] button and fill out a post removal request
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site. This means that 4Archive shows an archive of their content. If you need information for a Poster - contact them.