Dark

Stealing Data Over Open WiFi

The Modern Rogue
Views 577 146
98% 5 657 114

The data goes... through, the pineapple? *zooms in super-tight on face* *then zooms in super-tight on an actual pineapple* [whispers through squinted eyes] ...through the pineapple.
-----------------------------------------------------------------
Interview with Shannon ($10+ patrons):
patreon.com/posts/24521169
Unedited footage for this video ($5+ patrons):
patreon.com/posts/24821506
-----------------------------------------------------------------
Additional Information
The WiFi Pineapple is sold on Hak5's store
shop.hak5.org/products/wifi-pineapple
www.wifipineapple.com/
How a Wi-Fi Pineapple Can Steal Your Data (And How to Protect Yourself From It)
motherboard.vice.com/en_us/article/pa39xv/pineapple-wifi-how-to-mitm-hack
Websites Visited
kingofmouths.com
spacejam.com
bitchen.com
dustbrothers.com
-----------------------------------------------------------------
Thanks as always to Shannon for making the trip out to record these episodes, you can find more from her at
ruvid.net/u-hak5
ruvid.net/u-shannonmorse
ruvid.net/u-tekthing
twitter.com/snubs
instagram.com/snubs
-----------------------------------------------------------------
Scam Nation: ruvid.net/u-scamschool
Patreon: patreon.com/modernrogue
Discord (patron reward): discord.gg/modernrogue
MR Articles: themodernrogue.com
Outtakes & BTS: ruvid.net/u-scamstuff
Subreddit: modernrogue.reddit.com
Merch: shop.themodernrogue.com
Twitter: twitter.com/modernrogueshow
Instagram: instagram.com/modernrogueshow
Facebook: facebook.com/modernrogues
-----------------------------------------------------------------
Music used in this episode:
"Spacesuits" by Kupla
chillhop.bandcamp.com/album/chillhop-essentials-winter-2017
"Grandiose Soul" by Masked Man
chillhop.bandcamp.com/album/chillhop-essentials-fall-2018
"Vino" by Cap Kendricks
chillhop.bandcamp.com/track/vino
"All Us" by Nokiaa x nofeels
chillhop.bandcamp.com/track/all-us
Most of the music from the show: bit.ly/mrspotify
-----------------------------------------------------------------
This episode was made with the help of:
Brian Brushwood - host -- twitter.com/shwood
Jason Murphy - host -- instagram.com/captainmurphy
Brandt Hughes - camera operator / editor -- twitter.com/gatowag - instagram.com/gatowag
Bryce Castillo - camera operator / live audio engineer -- twitter.com/brycas
Shannon Morse - guest -- twitter.com/snubs

Entertainment

Published on

 

Feb 8, 2019

Share:

Link:

Download:

Loading link...

Add to:

My playlist
Watch later
Comments 80
The Modern Rogue
It’s that time of year again: Mystery Box Jackpot season! Here's how it works: Our job is to make you feel like you absolutely won the jackpot when you open your Mystery Box. Each and every Mystery Box Jackpot always has more value in it than what you paid for it. 100% of the time. And if you’re not happy? 100% satisfaction guarantee! Wanna snag one before they’re all gone? www.scamstuff.com/products/mystery-box-99 We’re giving away a Mystery Box Jackpot ($99 value) to TWO winners of our weekly free giveaway at gimme.scamstuff.com (no purchase necessary, giveaway ends 2/14/2019) Congrats to the winners of last week’s Cutaway Handcuffs giveaway: Laurent Holin, David Guy, and Kristina Zavala (we will contact you via email within the next two weeks)
Eric Reyner
Eric Reyner 25 days ago
@the modern rogue...can the wifi pineapple be connected to a macbook pro
tammy wilson
tammy wilson 4 months ago
That's crazy every time I need to check if the inernet is working I go to the space jam website. For real freaked me out.
joe dean
joe dean 7 months ago
The Modern Rogue I could not take my eyes off her boobs the whole video I love you
93 Films and Media
People are stalking me. I just want to get their cell phone's IP address from my cell phone. Is there an app for that?
Cthulhu Fhtagn
But does incognito work?
Breeham Seday
Breeham Seday 10 days ago
Mate j use socks proxies and OpenVPN vps
Breeham Seday
Breeham Seday 10 days ago
Make sure the socks proxy isn’t a mitm in itself, just make your own proxy server at that point or j use ssh
Dalton Dsouza
Dalton Dsouza 16 days ago
This is useless in todays world, The sites which you probably want to get the data from will be Https for sure and you cannot decrypt that data...
Laurie Limas
Laurie Limas 21 day ago
Wtf
ak samy
ak samy Month ago
I like you
Niko Priest
Niko Priest Month ago
OH MY GOOODDD, SHUT UP AND LET HER TALK AND STOP TRYING TO ASSUME YOU KNOW THE ANSWERS ...the cut off game is too strong with these guys
Niko Priest
Niko Priest Month ago
@The Modern Rogue Okay, you're right. My Bad. I'm Sorry Guys... Just seems like you guys get a little too excited at times. Just something to note for future videos with guests. That's all, be safe.
The Modern Rogue
Hey. Heyyyyyy. C'mon man. Dude? Duuuuude. Be cool, man. You're better than this.
balbinder bains
balbinder bains Month ago
known networks are normally geo sinked so u have to be in the right area
Jeremy Schantz
Jeremy Schantz Month ago
I love when two of my favorite RUvid channels do a cross over episode. It's like when the Harlem Globe Trotters guest star on Scooby Doo
X Faceless
X Faceless Month ago
What laptop does she use??
xd timetoaster Gaming
When schools back in I wanna be that guy who just yells out "ok someones watching porn"
jibril richardson
dude this is Awesome
Ethan Ladwig
Ethan Ladwig Month ago
What is a pineapple? its a fruit
DiscordMarauder
DiscordMarauder 2 months ago
Pineapple is also a symbol for couples who swing
Ojou
Ojou 2 months ago
So i googled 'hotspot honeypot man in the middle' I did not find any raunchy sites.
cyberjack-CJ
cyberjack-CJ 2 months ago
its basicly same as running a "evil twin" and driftnet and ettercap.. you could do that anyway from a laptop and save yourself the money
Maxwell Erickson
Maxwell Erickson 2 months ago
could i use it to connect to people and use their wifi if i dont have wifi? to get free wifi.
lucas 0051
lucas 0051 2 months ago
Coment 1000
M. ALI
M. ALI 2 months ago
Hi anyone here who's interested in hacking, ethical hacking, game hacking, web hacking, just about anything should koin my newely created discord server, my hacker username is TheWeekendHaXOr >:), this is new chat BUT is limited to only 20 people because after 20 people serious hacking will take place, and having more than 20 people will go out of hand. I am a peneretation tester and make a living off of it, this is my hobby, you could learn a lot, and why not? It'll be fun come on! The server will consist of the following discussions: 1.general 2.Hack The Box 3.Sql Injection 4.Hacking software development @t hacking @t hacking Heres the link: @t
Uncle Sam
Uncle Sam 2 months ago
How to track all the diferent "Pings" in the air? Like what she said in 3:30 .
ElectroMine
ElectroMine 2 months ago
“The FBI Wants To Know Your Location”
ChillyFilly Gaming
ChillyFilly Gaming 2 months ago
esp wifi duck gud.
e.ander
e.ander 2 months ago
I would love to set one of these up somewhere and name it "please don't use" and just see if people stay true to the name
Darwin Greenvoss
Darwin Greenvoss 2 months ago
just use an esp8266
Bob Blueton
Bob Blueton 2 months ago
Coke much?
sailingsolar
sailingsolar 2 months ago
This video is like being in a first grade classroom with how immature these two dudes are acting. Why they can't act with a bit more maturity is beyond me. Not judging actually just saying, more power to them. I guess I'm way to old for this channel.
Jomchai H
Jomchai H 2 months ago
MITMF + SSLStrip, now that's evil. And no VPN doesn't obfuscate your traffic from pineapple.
genaro roman jr
genaro roman jr 2 months ago
Stingray/wi fi
Naveen Kumar
Naveen Kumar 2 months ago
Okay, I just wasted my time looking at non-encrypted website hacks. How is this pen testing?
Kevin Matthews
Kevin Matthews 2 months ago
These hacker types are cute, but dangerous.
jmitsch44827
jmitsch44827 2 months ago
A little to much lame comedic action, for me.
Hammerhead Corvette
Hammerhead Corvette 2 months ago
PIAVPN here to save the day
jlink06
jlink06 2 months ago
24:32 lol I died
jlink06
jlink06 2 months ago
Haha
sutharrsan sutha
sutharrsan sutha 2 months ago
can we transfer payload through another devices with wifi pineapple
Luke Pocock
Luke Pocock 2 months ago
these guys need to let their guests actually explain things. too many closed questions, speaking for their guests and guessing. it makes for confusing content. clarification and moderating are great but definitely overdoing it.
Papa Yosif
Papa Yosif 2 months ago
i remember when i did something like this a mitm attack but without the pineapple just for fun to see what my friends were doin on my network and i saw 1 of them looking at 9gag which itself is encrypted but some of their api isnt so it still said 9gag fun times not that anybody cares but still
Daniel Llewellyn
Daniel Llewellyn 2 months ago
Am I missing something or was the last test done on LTE with VPN where the MTM would have never worked? Once WifI is off that attack could not work..... I feel like somehow I missed something otherwise that point made no sense.
Nobody Knows
Nobody Knows 3 months ago
Ya'll are noobs
Joe Tomasone
Joe Tomasone 3 months ago
There are so many inaccuracies about how Wi-Fi works in the first 4.5 minutes that I had to stop watching.
Paul Nikonowicz
Paul Nikonowicz 2 months ago
yea. it gets worse too. They basically just did some basic packet sniffing.
allmagicgy
allmagicgy 3 months ago
Nerdy smart and hot damn she is a complete package.
Dy Ir
Dy Ir 3 months ago
The first time he asked you is when he was using the VPN you said it was working but it still show Dust Brothers and the other website King whatever and then the second time you said it didn't protect him. either way both times it didn't protect him how come you said it did. Especially when he's still connected through u
Hacked
Hacked 3 months ago
K
Matt Mason
Matt Mason 3 months ago
I see she's a woman of culture as well! (Skyward Sword shirt)
Ray Losoya
Ray Losoya 3 months ago
script kiddies...
abed nazarinia
abed nazarinia 3 months ago
nah this cant be done cuaz if scamper have that can see what ever send or receive whats u gonna do when someone else do wifi pineapple ?
Televisionary
Televisionary 3 months ago
0:47 rip keyboard cat
Isaiah .Turner
Isaiah .Turner 3 months ago
Dancing over the line of good and evil lol
dgw
dgw 3 months ago
A tracking pixel and a social integration script are both "cookies" according to this guest… And that's when I lost confidence in her technical knowledge.
144pBandiKam Unregistered
She likes Brian
Ozak Lyan
Ozak Lyan 3 months ago
this tutorial just stole my time
CyZee Is back
CyZee Is back 3 months ago
soooooo nobody's gonna talk 'bout how sexy she is ?!?!?
Gregg Ian Bayocboc
Gregg Ian Bayocboc 3 months ago
If your connected to a VPN, in-between attackers won't see your traffic but your handing everything to you VPN provider. So choose the most trusted VPN. Imagine VPN like using a hose to transfer your juice. anyone watching the hose wont know whats inside the hose, but each end of the hose still expose. so choose the most secured VPN server.
Jake
Jake 3 months ago
Aww thats kind of sad, millions of blind phones all calling out for their trusted friends, no matter how far apart they are. Like a lone aperture science sentry turret stuck in a tube asking "Hello? Are you still there?"
Rort -
Rort - 3 months ago
Just scan for devices already on the network and then you can copy their Mac address and make it yours and connect to the wifi without the verification and you sneak in. Be careful tho it could cause ip collision
Zach H
Zach H 3 months ago
So what your saying is if I want to keep neighbors off my wifi I should name it Starbucks
Dukemaggeddon _YT
Dukemaggeddon _YT 3 months ago
She......is...............SEXY!!!!😳😳😳😳😳😳
3V0
3V0 3 months ago
in highschool, i learned to do attacks on routers to get their passwords back when the technology was much easier to break into. a friend of mine didnt believe i hacked into his router until i changed his password and disconnected all the devices he had on the router at the time. lesson to be learned? no one believes you hack shit until its done.
Gabriel Palacios
Gabriel Palacios 3 months ago
@3V0 Fair enough.
3V0
3V0 3 months ago
@Gabriel Palacios my dude. did you miss that i said this was years ago and that i havent done it in a long time and that security has upped their game? if i didnt im sorry, but im not disagreeing with you here
Gabriel Palacios
Gabriel Palacios 3 months ago
@3V0 Older technology doesn't require advanced methods. Things don't get simpler with time.
3V0
3V0 3 months ago
@Gabriel Palacios while im familiar with that tech, mine was a little more advanced. By the time i learned that, it was patched
Gabriel Palacios
Gabriel Palacios 3 months ago
So you either 1.Logged in with default creds or 2. Went and got aircrack or a similar program to brute forced it because Wifi Security was garbage then. The trick now is just packet injection to deautheticate and grab those packets during the "handshake" and keep repeating till you have an encrypted password and then just decrypt it.
shadowbanned -
shadowbanned - 3 months ago
Goofy feminized, pseudo intellectual, leftist TRASH.... SO CREEPY.... Smells SO awful.... JUST BAD PEOPLE.. SICK EVEN.. MUST BE NAT. SOC. DEMOCRATS
Cmdr Riotz
Cmdr Riotz 3 months ago
What are they talking about in the beginning?
Dave
Dave 3 months ago
Why no TLS MITM Module? Surely this is of limited use without that capability?
Dave
Dave 3 months ago
@Volodumur Kalunyak Good question, I mean it's not like putting an invisible bridge in a network that can capture every packet, including key exchanges, is a secret.
Volodumur Kalunyak
Volodumur Kalunyak 3 months ago
@Dave why no commertial "spy on employee's" product do not use that?
Dave
Dave 3 months ago
@Volodumur Kalunyak No, it works, you just have to think creatively to make it work, which for obvious reasons I'm not writing up fully here. Think invisible bridge.
Volodumur Kalunyak
Volodumur Kalunyak 3 months ago
@Dave why all and every one corporate TLS MITH does full encryption-decryption and NOT use you'r technicke? Because it just DON'T work.
Volodumur Kalunyak
Volodumur Kalunyak 3 months ago
@Dave no. Fingerprints from TLS session initialisation are responsible for further encryption key. Not tampering with that - no way to find key. Tampering - LE signed certificate required, that's require buing domain (LE has to verify who they sign cert to).
Jack Kemp
Jack Kemp 3 months ago
Stealing data over a pineapple.
Alex Robidoux
Alex Robidoux 3 months ago
She hawt, I'd love to geek out w her...
seanpk49
seanpk49 3 months ago
This is the hacking equivalent of a child's coloring book
bitTorrenter
bitTorrenter 3 months ago
These guys are way too excited. Who's this for? The viewer? Doesn't feel like it.
The Modern Rogue
The Modern Rogue 3 months ago
We’re just excited. What are you, our big brother who can handle seeing our joy or something?
chairmen
chairmen 4 months ago
I feel like these guys are pretending to understand
Urban Fox
Urban Fox 4 months ago
Pink boy needs to lay off the coffee.
Aultrie
Aultrie 4 months ago
what if the device is connect with an ethernet ?
Gabriel Palacios
Gabriel Palacios 3 months ago
Then there is no traffic to monitor. This is basically having the device connect to it wirelessly and monitoring the traffic. Any devices connected through ethernet won't be affected because they are connecting to the correct router physically, this device just tries to trick the user to connecting to the wrong device wirelessly.
Nate Kang
Nate Kang 4 months ago
Internet terms are just too explicit... Ping Spoof Middle man Penetration testing
August XIII
August XIII 4 months ago
I5 mz.
opgamer21 opgamer21
opgamer21 opgamer21 4 months ago
hi
judaspreistvlct
judaspreistvlct 5 months ago
Maybe its a sign to stop showing the noobs and script kiddies!!! Maybe create a tutorial for people with a reading comprehension greater than third grade and an attention span greater than a gnat! Apparently, these imbeciles were not even able to understand your video! Hahahahahahaha!!!! LOL!
Gabriel Palacios
Gabriel Palacios 3 months ago
These tools are there to make pentesting simpler, the actual firmware and software behind such a device as this is not that hard to understand, you can do a lot of it yourself. If you understand the shit behind something like this then there is no reason you cant use this device to make your job easier.
Austin Boettger
Austin Boettger 5 months ago
penetration testing
keith glaysher
keith glaysher 5 months ago
Having my wifi hacked for so long now as I didn't understand what was going on & how devious the hacks are I find it difficult to raise a smile over something that brings the entire industry into disrepute, on-line safety? Kid's safety on-line? Online banking? yeah, have a good laugh about these issues then pause & think about what you are doing to PEOPLE end of.
Gabriel Palacios
Gabriel Palacios 3 months ago
@judaspreistvlct Wrong, WPA is not at all secure, a simple wifi adapter for packet injection, a couple of commands, a little bit of patience, bam your in, then you can just packet sniff, toss in a couple more commands and pivot onto easily accessible devices, and then everything is compromised, whether your a script kiddie or not. Programs and modules make it easier than ever for people who don't know shit to make a world of hurt. The most dangerous people are the ones who don't know what it is they are doing. To them it may just be they are throwing a bot they downloaded online onto people's computers after following a tutorial on getting onto a network, to them it may just be typing a command and bring a server to its knees after repeating the bot network process. Script kiddies are dangerous too and should be educated when necessary.
judaspreistvlct
judaspreistvlct 5 months ago
As long as you are not sharing your whole life story on Facebook and you are using wpa encryption on wifi and using tls1.2 or 1.3 on banking transactions, it's going to be completely out of reach of script kitties! The script kiddies are the dangerous ones. They would be the most likely to do something very stupid by draining someones bank account and depositing into their own. Yeah, that stupid. So, you have not much to worry about.
xDUVALxCounty
xDUVALxCounty 5 months ago
Smart girls are so sexy to me..
Bram
Bram 5 months ago
Loving the Pineapple, Cringing a bit bcuz of the them not realizing wtf it is and can do.
i-use-arch-btw
i-use-arch-btw 5 months ago
Just buy a raspberry pi and a mon mode wifi adapter, it’s way cheaper.
i-use-arch-btw
i-use-arch-btw 4 months ago
azainho makahue if you want to learn then learn linux and python 3 first, after that learn a bit of networking and make a lab.
Armando Aza
Armando Aza 4 months ago
Help me out bro, I have no idea about any of this but I need help :(
Mr.Chrome
Mr.Chrome 5 months ago
why dont you use kali lunix
JungleDumplings
JungleDumplings 5 months ago
or use wifi pumpkin with a raspberry pi zero. keep it discrete
w3w3w3
w3w3w3 6 months ago
HTTPS ruins everything haha. Can also get data in the wireless signals using Wireshark etc... Cool hack, but this MTM attack is only really useful for using phishing website/login portal etc as she said, or when you go to facebook/bank etc it redirects to your own version and you get username/password that way. HTTPS gives you fuck all info and most websites are HTTPS these days so you have to try a little harder. I have some homemade hacking tools I made with tutorials on my channel for anyone that cares.
Brian Dunn
Brian Dunn 6 months ago
gogo wifi.... I've called them out on twitter, they are venomous and refuse to fix their crap infrastructure....
torry tran
torry tran 6 months ago
where is that password and username? picking up traffics or links is a piece of cake
Next videos
USB Drive That Steals Files
16:16
Using Credit Card Skimmers
14:42