Flipper Zero WiFi Hacking (Rogue AP) #shorts

Do you connect to "Free Wifi" networks? Will this make you more cautious and careful?

davidbombal

Do not connect to networks named "Free WiFi" . Noted.

YuckFouxFFFF

Having studied, and continue to study, some of this stuff, your videos are seriously helping to support the knowledge! Thank you!

leecollins

3 or 4 years ago, when I started learning IT and IT security, I used to wonder how David Bombal didn't have millions of subs. Now he does. You have to stay the course!

gvmyjyb

Are we going to ignore the site not trusted icon next to Google? This is an SSL interception, I.e. the flipping acting like a proxy. I'm interested in seeing if the flipper zero would pass authentication parameters to the actual website. I need to put my hands on one :)

mohamadelhout

We used a Flipper Zero at my office which is badge access and cypher locks. It’s scary how easy it was to capture door codes and badge data to spoof credentials. Flipper is a great tool for not only electronic pen-testing, it is also great for physical attacks too!

christucker

Name of my new RPG - "Rogue WiFi: The Evil Portal"

therealdonchelios

Awesome to see an example instead of just a warning, thanks again for sharing!

jerrymascorro

Love your videos David, currently doing cert IV cyber security at Tafe Queensland, and your knowledge is helping me learn and see the dangers out there now days. Appreciate your channel mate 🤙

GriMMiXbeats

There is an exclamation point sign in address bar - which means connection is not secured (which google even doesn't support anymore). And apparently some knockoff browser is used - any respectable modern browser will prevent/discourage/notify of using not secured connection.

z

I remember i used to connect to open wifis a lot in my childhood .... Thanks for showing this David ❤

abgrafix

Would this not be stopped for most websites by the browser since it will default to connecting over TLS, thus causing cert errors. Especially if HSTS is cached.

Tibrius

Great info and thanks for representing us! I was involved in networking forensics with an executive that traveled to Europe and used a “free WiFi” at a train station . Within minutes the rogue AP skimmed his office 365 credentials, hacked his account and shortly after negotiated a wire transfer settlement with a customer. This experience mandated and enforced 2 factor for all of the accounts on their system.

chriswendi

HSTS (Preloading), DoH and regular TLS has mostly solved this issue.

juliasdotzone

Holy crap! I know about the flipper, but no clue it could do this!

RRR

Thanks. This just confirmed it. I have being seen dodgy looking free or _wifi networks available in public places for a couple of decades now. I have always been suspicious.

critchee

Used to do this on my HTC One, man I was jacking Facebook accounts and having a right laugh changing pics and watching reactions 😂😂😂

PsYcHoRaTurk

Facebook noticed I was watching flipper zero videos and sent me an ad for one that costs 412$

cattameme

Hacker naming schemes be like: Evil Portal, The Cat Bomb, Rainbow Attack

djay

What about connecting to it but NEVER do;
Login
Banking
Conversation

Just for browsing 😊

syedibrahimkhalil