How easy is it to capture data on public free Wi-Fi? - Gary explains

Hello, my name is Gary Simmons from Android Authority. If you've seen my videos on VPN or encryption, you'll have noticed that I've said several times that we need to be careful when using open

public

Wi-Fi hotspots. Now the reason. This is because the information that is sent from your smartphone or from your laptop to the hotspot is actually transmitted in all directions for anyone to collect and analyze, so obviously that raises a lot of questions. of different problems, but the question is how

easy

is it to collect

data

, collect network packets on an open

public

Wi-Fi system?

Well, let me explain, so when you connect to an open public Wi-Fi, the connection between your device and the Wi-Fi router is clear. It's not encrypted and that's because people want you to connect to it to use it while you're at their mall or their coffee shop, for example, and therefore the

data

that is sent is completely open and, as I said ago Wait, they're sent in every direction, they're not just sent directly in the router's line of sight, and if you have the right equipment, anyone can pick up all those data packets floating in the air.

Now normally, a Wi-Fi adapter, whether it's one built into your laptop built into your phone or one that you use over USB is in what they call managed mode and that basically means you only want to talk to one point. Wi-Fi access, you want to send and receive data and you're not really interested. Whatever else is going on, however, the Wi-Fi standard allows these chipsets to be placed in several other modes and one of them is called monitor mode. Now, in monitor mode, the Wi-Fi chips can pick up and receive packets as they go. anywhere in the air, whether they're going towards the guy at the next table, whether they're going towards a guy doing the shopping plus a little bit, you can receive them all because Wi-Fi signals are ubiquitous , they go absolutely everywhere when shipped now not all Wi-Fi chipsets can do this.

It's cheaper to just create a Wi-Fi chipset that just stays in managed mode because the firmware and hardware logic is much simpler and that's actually the kind of 99% news cases where people just you want to connect to an access point and send and receive traffic home. If you get the right equipment, you can put it in miter mode now, for example. I have a dongle here that I bought. on Amazon you can get it for under $20, it's through tp-link and it actually has the right drivers where you can set it to monitor mode. Now to do this, you will need something called Kali Linux as a special Linux. distribution, but you don't have to install it on a laptop and then install over Windows or something, you can run it as a virtual machine and if you run it as a virtual machine you can plug in the USB adapter and I can actually associate it with the distribution of Linux and it's like you're running a separate meter with a virtual machine.

I've done some testing using my laptop and using my virtual machine for color dips and everything that I'm going to tell you now. This is actually what I did myself and step by step I demonstrated that this works now instead of giving you all the actual commands here during the video which you will have a hard time following. Visit the Android Source Communications website. and look at the article that goes to this video because there I have listed all the commands you need and they are

easy

to cut and paste, read and study to see what I am doing, but basically First of all, you start Kali Linux and then you connect your adapter USB, you make sure it can be seen and then you switch the adapter to monitor mode and use some tools from the aircrack suite to do that and then once you've found the Wi-Fi network you want to listen to and then basically tell Air Crack Suite that uses this Wi-Fi adapter to

capture

all packets circulating in the air and they will be

capture

d on your hard drive. and then once they're in your heart, you can use tools like driftnet and Wireshark to look at all that data and see what's there, very quickly you'll be able to get some URLs and you'll be able to see what websites people have been visiting. and you'll also be able to grab any images that have been floating around in the air to see what people have been seeing now to test this.

I put my own Wi-Fi hotspot here at my house, it was wide open so maybe for a while. Within a few days my neighbors were able to get some

free

internet access, but I'm sure everyone got mad anyway and I basically use a laptop connected to that Wi-Fi hotspot and use my hand with the phone to boot an access point. and then I used my laptop running Kali Linux along with this Wi-Fi adapter and I captured everything that was coming out and you can find that you can get a lot of information, in particular, for example, I went to a particular football website for those in North America and all the images of the players that I was downloading and watching now I took them from the Wi-Fi dongle and I actually saved them on my hard drive and I wasn't even connected to the same Wi-Fi router, that's the beauty of the monitor mode, you can grab things out of the air as they whiz by now, obviously if this were the case absolutely everything would be a disaster every email.

You read every time you go somewhere to an instant messaging service, everything would be open. Now, fortunately, there is something called HTTPS. You've probably seen it when you type a URL and when you go to a website that uses HTTPS, you'll see that. little padlock sign now the s and the padlock sign show that this is secure, it is on an encrypted connection, so even if packets fly

free

ly in the air between your device and the Wi-Fi hotspot once those packages have been taken out of the air if you take a look inside them, everything is incredibly good because it's encrypted, you can't see what's in this, all the images are encrypted or the URLs and cryptocurrencies, all your emails are encrypted, etc., and that's great now, the number of websites using HTTPS now has increased a lot and that's thanks to the project we're probably going to encrypt the project and also the free availability of Orbit, relatively free availability of SSL certificates, now What that means is that when you connect to a website on Google, for example, to search and everything you do on Google, including Gmail, all over HTTP, so anything you read on Google, is Whatever your Google search, it can't be seen when you're on a free public Wi-Fi hotspot; however, many sites only use HTTPS when you are logging in so at least your passwords are protected and when you are doing the type of verification with what you have purchased, if it is a commercial site, that comes too, but in the middle, when you are browsing all the different Products are freely available because they are clear, however that is changing on Google, they have a report card available that gives you a list of all the sites that use HTTPS end to end, so that things are really improving in the web browser. in front and of course you have that little icon that tells you if you are securely connected;

However, things are not that simple when it comes to Android apps, whenever you use an Android app and it is fetching data, it may start advertising data. You could be sending some personal profile data about yourself, you could be using a network service, whether it's a social network, whether it's instant messaging or multiplayer gaming, whatever you're doing, you don't know if that connection is an encrypted connection. and that's because there is a little sign with a lock on it, there is no little green sign telling you that everything is fine, you just have to trust that the apps are not all apps by any measure use encryption during the networking part of its design, now unfortunately there is no easy way to tell. what apps work and what apps you don't have to sit down with a Wi-Fi adapter like I have and start monitoring this traffic and see what's available and obviously it's time because you know some people have written reports on this. and they are there to be fine, however it is really a problem, we cannot quickly find out if an app uses encryption or not now, if we take an app like WhatsApp, they have declared it public clean, it even says so in the app that everything what are you doing. on which tap it is encrypted, so even if I use it on a public Wi-Fi hotspot, it will be encrypted, it doesn't matter if someone grabs all those packets out of the air, you can't see what's inside them, however, Others an app like Google's Get Allo Messenger has clearly indicated that it does not use encryption only when you are in incognito mode.

I haven't tested it to see how bad the situation really is, but it's interesting that even popular apps from big companies don't necessarily use encryption, so be careful when using an app on your phone and make sure you know 100% that is using encryption, otherwise it could be stolen when connected to a Wi-Fi hotspot now. Grabbing things out of the air is one thing that can happen on a Wi-Fi hotspot, but it's not the only thing that can happen on a Wi-Fi hotspot. Another problem may be that people may deliberately set up fake hotspots. to entice you to connect with them and then they have control over your traffic.

For example, maybe you go to a particular coffee shop and it doesn't have Wi-Fi and one day you realize that you do. Brilliant. The store has Wi-Fi. I'm so happy that I want them to have Wi-Fi for a long time and they really don't. There's a guy two tables down with his laptop and a Wi-Fi adapter like the one I have. Then you set up your own hotspot, all the tools for that are available on Linux distributions like Kali Linux that I mentioned earlier and then what happened is that everything you send to the internet goes to your laptop first, where you can store it and also can manipulate it and, worst of all, can direct, then you think you are going to amazon.com and, in fact, what appears is a website that looks very similar if it is a clone of amazon.com, but in reality it is a fake website. which you deliberately put in just to capture your login passwords, then you go and log in.

It says the login failed and then it will probably redirect you to the actual website where you log in and says oh, I must have typed the password wrong, but actually you Now I've given it your username and password, so it's It's dangerous to use an untrusted Wi-Fi hotspot and that's the problem when you go to a mall, there can be like 10 20 30 40 different Wi-Fi networks listed and someone will open it up for you. some of them are not and they all look legit because they are all names of stores around you, you think I will click on the Starbucks network.

I'll click on any network and in fact there might be a guy sitting on the bench behind you who set up that Wi-Fi network so be careful and there's a third thing that can happen when you click on a Wi-Fi network public and that is called art spoofing now on all network cards in the world. It has something called a MAC address, even this thing has a MAC address and that's the media access control address and it's unique, they're set at the factory when you walk out the door and every person in the world is different, it's a PC, it's a laptop, it's an adapter like this, whether it's your smartphone, they all have these unique addresses adapted to them and what happens is that when you have an IP address which is the Internet address, what happens is that another PC or other device, hey, who owns it? this address and it uses the address resolution protocol to say who owns it and then it says Yes and the MAC address is sent back in a normal security environment which is absolutely perfect, that's how it works, but in reality when you are a Open public Wi-Fi, you can fake it so someone comes and says "hey, who owes your address" and you say "yeah, but no, you don't own it at all, but you lie, you get your PC to lie about the fact ". that you own the address and that means that now the traffic that was going to go somewhere probably the router now gets to you and once it gets to you again it can do a lot of different things like phishing attacks, man-in-the-middle attacks that actually can configure. set it so that all data is reset about you and then redirect it to some family members, they go somewhere simple like a news website, you just redirect them if they go somewhere you are interested in their past or like PayPal eBay.

Amazon, whatever it is, you can send them to a fake site and try to perform a phishing attack on them to try to capture their username and password, so three things can happen: You can capture the packet out of the air using monitor mode on the With a Wi-Fi adapter, you can set up a fake Wi-Fi hotspot to lure people and capture their information, and spoofARP allows people on open Wi-Fi networks to redirect traffic and you don't really know or even realize it. about what's going on and then with web browsers we have to be careful, we're using HTTPS, you've got that log there in the lock, sign the little green box that says everything's fine, but in Android apps it's a lot harder to tell whether the app uses SSL or not, so be careful unless it's something like WhatsApp or other apps have publicly stated that they are using encryption.

Be careful while using those apps for a minute. What is my name Gary Simms from Android or Thority? I hope you enjoyed this video. If you did, give it a thumbs up if you want the tutorial, but how to do these things, the exact command you type. Kali Linux To replicate what I've been doing, go to the Android Chrome website and look for the articles written that contain all the things listed there, don't forget to subscribe to the YouTube channel and royalties, don't forget to download our Android. or the 'ti app because it will give you access to all our latest news right on your mobile phone and don't forget to go to Andrew Authority Communications every day because we are your source for everything Android.