I Made a Wifi Cracking Van
Summary
TLDRThe video script discusses the importance of Wi-Fi security and the risks associated with weak passwords. It highlights how easily default or predictable passwords can be cracked using tools like the cenator password stealer. The video also explores the evolution of Wi-Fi security from WEP to WPA 2 and WPA 3, explaining their vulnerabilities and the methods hackers use to exploit them. It concludes with practical advice on creating strong passwords and setting up separate networks for different types of devices to enhance overall network security.
Takeaways
- π Many people still use default or easily guessable Wi-Fi passwords, posing a significant security risk.
- π A dedicated password-cracking device, like the cenator, can crack simple passwords in seconds, potentially allowing unauthorized access to network resources and illegal activities traced back to the network owner.
- π Wi-Fi security has evolved from WEP to WPA 2 and now WPA 3, with each generation improving upon the security flaws of its predecessor.
- π WPA 2 introduced a four-part handshake process to secure connections, making it more difficult for attackers to intercept and crack passwords.
- π‘ Hackers can exploit weaknesses in WPA 3 by targeting devices that don't support it, forcing the router to fall back to WPA 2.
- π Modern hardware, such as GPUs with thousands of cores, can significantly speed up the password-cracking process.
- π Despite the availability of strong password options, people often choose predictable passwords that can be cracked using dictionary attacks.
- π Isolating less secure devices on a separate network or guest SSID can help maintain overall network security.
- π Routers often have the option to limit networks to WPA 3 only, enhancing security but potentially excluding older devices.
- π§ Network segmentation, such as creating separate networks for IoT devices and guests, can greatly improve home network security without additional hardware costs.
- π Education on network security and using tools like VLANs can further secure home networks beyond just strong Wi-Fi passwords.
Q & A
What is the major security issue with using default Wi-Fi passwords or personal information?
-Using default passwords or personal information such as phone numbers as Wi-Fi passwords is a significant security problem because they are easily guessable or crackable, potentially giving unauthorized access to the network and allowing for illegal activities that can be traced back to the network owner.
How quickly can a determined hacker crack a Wi-Fi password using advanced tools?
-With the right tools, such as a password cracking machine referred to as a 'cenator,' a hacker can crack a Wi-Fi password in seconds, granting them access to shared resources, data usage, and potentially enabling illegal activities.
What was the first generation of Wi-Fi password protection and why was it inadequate?
-The first generation of Wi-Fi password protection was WEP (Wired Equivalent Privacy). It was inadequate because it could be cracked in under a minute using a straightforward attack method that involved intercepting packets and comparing them to find the common password.
What is the WPA 2 handshake process and how does it improve security over WEP?
-The WPA 2 (Wi-Fi Protected Access) handshake process involves four steps: the device requests a connection, the router sends a challenge key, the device mixes the challenge key with the password and returns it, and finally, the router sends a session key for the device to use while connected. This process improves security by eliminating the constant transmission of the password, making it much harder for an observer to crack the password.
How do modern password cracking methods bypass the WPA 2 security protocol?
-Modern password cracking methods can bypass WPA 2 by stealing the complete handshake packet, which contains the challenge key and the result of mixing it with the password. This information can then be taken to a safe location and brute-forced with powerful hardware, allowing hackers to crack the password without detection.
What is the significance of having multiple cores in a processor for password cracking?
-Multiple cores in a processor allow for parallel processing, which means each core can attempt to crack a different password simultaneously. This drastically speeds up the process, with a single RTX 490 being able to attempt over 2 million WPA2 passwords per second.
What are the key features of the Kamino Grand RM server mentioned in the script?
-The Kamino Grand RM server features 16,000 CUDA cores, six of which are used in the setup. It has proper server-grade power supplies, a custom PCB for high power connectors, impressive water cooling with a large manifold andζ£ηε¨, and custom water blocks for the CPU and GPUs. It also has 32 GB of RAM and a 256 GB SSD.
What is the main vulnerability of WPA 3 encryption that persists?
-The main vulnerability of WPA 3 is that if a network contains any devices that do not support WPA 3 or were made before it, the router will fall back to WPA2 for that device, potentially weakening the overall network security.
How can a hacker exploit common human behavior to crack passwords more efficiently?
-Hackers can exploit the predictability of human behavior by using dictionary attacks or lists of common words and phrases, which drastically reduce the number of passwords they need to attempt. People often choose passwords that are easy to remember or based on popular culture, making them susceptible to such attacks.
What is a recommended strategy for securing a home network with multiple types of devices?
-A recommended strategy is to create separate networks for different types of devices. For example, having a main network for personal devices, a separate network for IoT devices with stricter access rules, and a limited guest network for visitors. This can significantly improve network security without requiring additional hardware.
How can using a password generator and QR codes improve Wi-Fi security?
-Using a password generator to create a long string of truly random characters and then sharing Wi-Fi credentials via QR codes can enhance security. This method is both secure and user-friendly in most scenarios, though it may not be practical for devices without a camera or for those who do not want to allow such devices on the network.
Outlines
π Wi-Fi Security and Password Cracking
This paragraph discusses the importance of Wi-Fi security and the risks associated with weak passwords. It highlights how many people still use default or easily guessable passwords, which can lead to severe security problems. The speaker introduces a tool called the cenator, password steel Metron AKA 'this van', which can crack such passwords in seconds, potentially giving unauthorized access to shared network resources and enabling illegal activities that could be traced back to the network owner. The video also touches on the historical lack of Wi-Fi security and the evolution from WEP to WPA 2 and now WPA 3 encryption standards.
π» Server Hardware and Wi-Fi 6E Security
The speaker examines a new server with improved power supplies and a custom PCB for high power connectors. They discuss the server's impressive water cooling system, the custom water blocks for the CPU and GPUs, and the server's specifications, including 32 GB of RAM and a large radiator for heat dissipation. The paragraph also mentions the server's Wi-Fi capabilities, including Wi-Fi 6E and WPA3 for enhanced security. However, it points out a potential vulnerability in WPA 3 where routers may revert to WPA 2 for devices that do not support the newer standard.
π Strategies for Strong Wi-Fi Passwords
This section explores the challenges of creating strong Wi-Fi passwords and the predictability of human behavior when it comes to password selection. It explains how dictionary attacks and lists of common phrases can be used by hackers to crack passwords quickly. The speaker suggests using a password generator for truly random character strings and recommends isolating less secure devices on a separate network or guest SSID. The paragraph also discusses the benefits of VLANs and the potential for having multiple networks for different types of devices to enhance overall network security.
Mindmap
Keywords
π‘Wi-Fi password security
π‘Default password
π‘Password cracking
π‘WEP (Wired Equivalent Privacy)
π‘WPA 2 (Wi-Fi Protected Access 2)
π‘WPA 3 (Wi-Fi Protected Access 3)
π‘Dictionary attack
π‘Brute force attack
π‘Cenator password steel Metron (the van)
π‘Kamino RTX 490
π‘Network segmentation
π‘Squarespace
Highlights
The Wi-Fi password can be displayed on a monitor for easy access.
Many people still use default or easily guessable passwords, leading to significant security risks.
Password cracking can be done swiftly with the right tools, such as the cenator password steel Metron.
Using phone numbers or loved ones' details in passwords is a common but insecure practice.
WEP, the first generation of Wi-Fi password protection, was cracked in under a minute with the right method.
WPA 2 replaced WEP and improved security with a four-part handshake process.
Despite improvements, WPA 2 is still vulnerable to certain hacking techniques.
Hackers can use a collection of exact replicas of the lock (password) to try multiple combinations without detection.
Modern encryption cracking benefits from the parallel processing capabilities of GPUs.
The Kamino RTX 490 has 16,000 CUDA cores, making it highly effective for password cracking.
The new Kamino RTX 490 features custom PCB for high power connectors and improved server-grade components.
WPA 3 introduces the dragonfly handshake method for enhanced security.
Networks with devices not supporting WPA 3 may revert to WPA 2, creating a vulnerability.
Predictable password choices can be significantly reduced using dictionary attacks or lists of common phrases.
Using a password generator with random characters can create secure passwords, but they may be hard to share.
Creating separate networks for different types of devices can greatly improve overall network security.
Using QR codes to share Wi-Fi credentials can be both secure and user-friendly.
Routers can be configured to limit networks to WPA 3 only, enhancing security while maintaining backward compatibility.
Squarespace is an all-in-one platform that simplifies website creation and business growth.
For a detailed guide on improving home network security, separating IoT devices from the main network is recommended.
Transcripts
hey get over here on the count of three
your Wi-Fi password is going to appear
on this monitor ready one two got
him pretty neat trick huh and sure maybe
I didn't get it for all of you but a
shocking number of people are still
either using the default password that
came with their device or their phone
number or a loved one's phone number
which you may already know is a huge
security problem how easy is it to crack
these passwords well with the cenator
password steel Metron AKA this van I can
do it in seconds which would give me
access to any shared resources on your
network would allow me to use up your
data limit and would even allow me to
engage in illegal activities that would
ultimately be traced back to you I'm
going to show you how we built it and
I'm going to give you guys the tools to
stop people like me and today's video is
brought to you by apost LT keycaps yes
they're real and yes you can get them
right now check them out at the link
down below where you can get free us
shipping Wi-Fi security historically has
been a bit lacking in
fact I'm working on
it and if you're thinking that was a
dramatic reenactment surely it's not
that bad you're right because it's worse
than you think whether we get chased off
or not doesn't even matter we can grab
everything we need from a target's
Network in the 30 seconds that it takes
them to spot us outside their house and
walk out to confront us so if they're
using any kind of phone number password
I should be able to break through
it this
easily
and it's done that was
it
yep why let me shock you to learn how
easy it was to crack that Network's
password it might also shock you to know
that for the majority of Wi-Fi's life
it's kind of been this way we was the
first generation of Wi-Fi password
protection to find widespread adoption
and at first it was good enough
especially compared to the alternative
of your data just raw dogging it through
the air unencrypted but it took
technology only a few years to advance
to the point where WEP could be cracked
in under a minute
the attack method was pretty
straightforward every packet of data
contained the password in some manner so
if enough packets could be intercepted
they could all be compared to find out
what they had in common this was the
reason for the switch to WPA 2 or Wi-Fi
protected access which ditched the
constant sending of the password
simplifying the process down to a
four-part handshake first the device
tells the router it wants to connect
then the router sends back a challenge
key the device then mixes the challenge
key with the password and returns it to
the router finally the router sends back
a session key and that gets used for the
remainder of the time the device is
connected for an observer then this is
kind of like having a picture of the
lock and knowing that a standard looking
key opens the lock but having no idea
what the exact shape of that key needs
to be now they could attempt to brute
force it but it would take forever and
they would risk detection because they
would need to be in range of the lock at
all times this ended up being pretty
effective for a while but wait a minute
what if instead of just knowing what the
lock looks like the hacker possessed a
collection of exact replicas of the lock
allowing them to try a key after key
after key without detection well that is
exactly what we did by stealing the
complete handshake packet we've obtained
the challenge key and the result of
mixing it with the password well at that
point we can take that information to a
safe location brute force it with the
power of our cenator and then return to
do our Shady business making things even
simpler for Nells encryption cracking
plays real nice with multiple cores with
each core of a processor hypothetically
being able to try a different key in
unison and this might not mean that much
for CPUs that have only a handful of
cores or at most what 128
192 well when it comes to gpus we are
talking thousands of cores so while we
obviously could put Hardware with this
kind of password cracking capability
into a mobile hacking station like this
we don't even need to all right let's
finally properly meet the kamino grand
RM now just so you remember the RTX 490
has
16,000 Cuda cores in it and this has six
of those I haven't seen one of these for
about 2 years every time commo sends
over a system they are so nice actually
before I'm even in I can see something
that is a huge improvement over the last
one previously they were using sfx L
power supplies three of them which is
not the best if you want to have a
server this time we have proper server
grade power supplies and there are four
of them so I am kind of curious if it
will just keep on running if you take
one of them out maybe even two of them
out I have never seen a 490 like this
this is strange so we have our power
connectors right here which are uh not
connected to anything at all cuz Kino
have put Power connectors on the back of
these gpus I have seen some pcbs with
the pads for these power connectors but
never anything actually installed like
this it looks like Caminos made their
own custom PCB for 12vt high power
connectors right here you can see that
we have a couple extra and if they
wanted they could have heaps Absol
abolute gobs and gobs of gpus in this
thing I take it this computer's
extraordinarily loud yes
very that's loud these run much
quieter yeah and they also can't run any
AI workload worth a damn compared to
this thing they're quiet in the past
Kino have had their servers set up so
that you can kind of just put it in like
your office and it would be fine we'd
have like noct to a fans set up here
that blow across the power supplies and
the radiator at the same time this right
here is clearly a lot more server grade
with these absolutely chunk tastic cut
your finger off fans right here what
hasn't changed though is how impressive
their water cooling is in here we have a
great big water cooling manifold that's
Distributing in parallel water to our
CPU and all of our gpus and then is
taking all of that heat and dumping it
into this great big radiator with those
massive fand it looks like all of the
water blocks are completely custom for
Camino we've got these beautiful GPU
ones that are just nice and small just
look at how beautiful this vrm heat sink
is over here it's just machined out of
copper everything in here is just
absolutely beautiful 32 GB I think the
last one that we had all of them were 64
so not too much RAM 256 is still a lot
though so Tanner have you done
everything that you need to do with this
for the video yeah have you tested the
power supply red
dundy no should we we can do
that all right let's see if these power
supplies are redundant this is a very
simple test the computer is
on the computer is still on good job
guys one thing that isn't very server
likee with this is the io we have heaps
of USB ports right here normally on a
server board you only get like two we
also have 2 10 gig and Intel ax200 Wi-Fi
which will get you Wi-Fi 6E and wpa3 for
that good good high security Wi-Fi ah
yes while hackers and crackers were
working to defeat it WPA was doing some
leveling up of its own and it's a pretty
safe bet that any Wi-Fi 6 device will be
using WPA 3 encryption what's changed
well the new dragonfly handshake method
aims to make it much more difficult to
observe the handshake process and crack
the password offline but along with a
few smaller vulnerabilities does have
one major flaw that still persists if
your network contains any devices that
were made before WPA 3 or one of the few
devices made after that that just
doesn't support it like say for example
an HP printer your router will fall back
to WPA2 for that device unless it is
explicitly told not to that is our entry
point okay wow thanks lius yeah no
problem see you later
buddy let's hope things go a little
better with victim number two about a
week ago I gave them an HP printer and
as long as they didn't get far enough in
the setup process to realize HP requires
them to have a subscription just to use
the ink in the box they're going to have
that on their network doesn't that come
with like a trial or something yeah but
I kept that for myself what I'm going to
pay for my own printer subscription I'm
a hacker
are you done yeah I'm done okay got the
handshake data let's let's go let's
go okay this is not going so well and
that's because even with our stolen lock
the cracking difficulty of one Wi-Fi
password compared to the next can be
dramatically different a traditional
lock in key might have only five or six
values that differ and five or six
possible Heights for the teeth WPA
passwords by contrast can use any of the
printable asky characters and be up to
63 characters long that means that the
total number of different passwords that
could exist
is very high or at least it would be if
people weren't so gosh darn predictable
when you are expected to share a
password with others you are much less
likely to select one that looks like
this and you are much more likely to
select one that looks like this so with
a dictionary attack or a list of words
is used instead of random strings of
characters hackers can drastically
reduce the number of passwords that they
need to attempt down from 20 quadr
gentian apparently yes that is a real
number to only hundreds of millions
which might still sound like a lot until
you consider that a single RTX 490 can
attempt over 2 million WPA2 passwords
per second let's tackle a pretty typical
12 character password then with a number
and a special
character
and yeah armed with only a dictionary of
a million common words combined with a
mask of any non-letter asy character I
can take down your super secure but
still easy to say password in just
seconds all right then lonus if full
sentence passphrases don't work what do
I do now well you might try creating a
password with a string of random upper
and lowercase letters with numbers and
punctuation which is is actually great
in theory but unfortunately once again
people are predictable and they tend to
do things like use pneumonic phrases for
easier memorization according to
researchers at Carnegie melon these
phrases often tend to be based on
popular media like Shakespeare or more
commonly apparently the Oscar Meer
weener jingle making them susceptible to
dictionary attacks all the same you
could use a password generator to create
a long string of truly random characters
and then only share your Wi-Fi
credentials through QR codes this has
the benefits of being both secure and
easy to use in most scenarios but it can
be a huge pain as soon as you need to
connect a device that doesn't happen to
have a camera or at least it would be a
huge pain if you allowed those devices
on your network at all as it turns out
you don't really have to if you just
make a new network for obnoxious devices
that compromise your security if all
they need is internet access a really
great and fairly Noob friendly way to
deal with this is to put them on your
router's guest
SSID if they need more though then you
might have to learn about vlans network
security doesn't end at Wi-Fi security
and Wi-Fi security doesn't end at a
strong password many routers do include
an option to limit networks to WPA 3
only and while this does break backwards
compatibility with older or less secure
devices having a second WPA 2 network
using a different password and with much
stricter network access rules is a great
option if you're willing to put in the
time to learn about it in fact at that
point why stop at two networks you could
have one for your main devices one for
your iot devices and then a limited
guest Network for your visitors it's a
great way to really improve your network
security usually without having to
purchase any additional Hardware just
like this is a great way to segue to our
sponsor
Squarespace are you looking to create a
website but lack the technical expertise
Squarespace is here to help they're
all-in-one platform simplifies the
process of getting your website up and
running quickly with Squarespace you can
grow your business online through their
marketing features which include SEO
support email campaigns and social tools
they offer a wide selection of
award-winning mobile optimized templates
and their Commerce platform provides
everything you need for merchandising to
check out you can also access analytic
insights to optimize your website
performance and identify areas that need
Improvement if you require assistance
Squarespace has help guides and a 24/7
support team so visit squarespace.com
LTT to receive 10% off your first
purchase if you guys enjoyed this video
and you want a more detailed guide on
how to improve your home network
security check out the time that I
separated my main network from my iot
devices
5.0 / 5 (0 votes)