Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,170 --> 00:00:06,390
Now the first step into running this attack is to clone the log in page that the people usually use
2
00:00:06,630 --> 00:00:08,640
to log in to their network.
3
00:00:09,150 --> 00:00:14,670
Now again I'm keeping this as generic as possible so you can use this method to clone any web page you
4
00:00:14,670 --> 00:00:16,770
want to really.
5
00:00:16,790 --> 00:00:24,080
Now I'm going to go to my Callimachi right here and I'm going to go ahead and connect to the network
6
00:00:24,080 --> 00:00:25,480
that I want to target.
7
00:00:25,910 --> 00:00:31,520
So I'm going to go here on the top and I'm going to click on Wi-Fi.
8
00:00:32,180 --> 00:00:38,420
I'm going to select network and I'm going to select my target network right here which is called Royal
9
00:00:38,420 --> 00:00:39,210
Wi-Fi.
10
00:00:39,470 --> 00:00:40,340
I'm going to connect
11
00:00:44,220 --> 00:00:48,710
and as you can see right here I'm connected to my target network.
12
00:00:49,170 --> 00:00:54,860
Now usually the target network should automatically show you a log in screen if you're on an ad on a
13
00:00:55,110 --> 00:00:58,590
smartphone or on Windows or even on x.
14
00:00:58,680 --> 00:01:03,030
But for some reason actually it doesn't always show it to you automatically.
15
00:01:03,030 --> 00:01:09,820
So you'll have to manually go to the web browser and then just browse for any web page.
16
00:01:10,230 --> 00:01:15,780
So I'm just going to go to Google for example.
17
00:01:15,960 --> 00:01:21,730
And as you can see I get automatically redirected to the captive portal log in page.
18
00:01:21,960 --> 00:01:24,490
And first of all it's asking me to choose the language.
19
00:01:24,510 --> 00:01:31,930
So I'm just going to click on English then it's giving me two options I can sign up and pay money or
20
00:01:31,930 --> 00:01:34,980
I can just log in if I have a username and password.
21
00:01:35,170 --> 00:01:36,650
So I'm going to log in.
22
00:01:37,560 --> 00:01:43,400
And as you can see right here it's asking me for a username and password.
23
00:01:43,690 --> 00:01:48,520
And then once I put the username and the password I can click on logon and then if the username and
24
00:01:48,520 --> 00:01:54,150
password are correct it's going to let me into the network and then I'll be able to use the Internet.
25
00:01:54,160 --> 00:01:56,610
So this is the page that we want to clone.
26
00:01:56,620 --> 00:01:59,740
This is the page that we want to display to our target.
27
00:01:59,860 --> 00:02:07,840
Once they can next to our fake access point so to close this web page we can actually just use a built
28
00:02:07,840 --> 00:02:10,310
in functionality in Firefox.
29
00:02:10,390 --> 00:02:18,070
So all we have to do is just click on the button on the keyboard that will display the menu bar here
30
00:02:18,070 --> 00:02:19,880
on the top.
31
00:02:19,960 --> 00:02:25,450
We're going to go to File Save page as.
32
00:02:25,680 --> 00:02:31,020
And then I'm just going to select the location where I want to save this particular web page.
33
00:02:31,140 --> 00:02:35,960
So I'm going to go to downloads and I'm going to create a new directory for it.
34
00:02:38,630 --> 00:02:42,800
And I'm just going to call it royal log in page.
35
00:02:42,890 --> 00:02:46,820
I'm going to create and it's automatically going to call.
36
00:02:46,820 --> 00:02:52,110
This will come online and I've configured this to download the whole web page.
37
00:02:52,160 --> 00:02:56,620
So as you can see here at the bottom right I have one page complete.
38
00:02:56,810 --> 00:03:00,820
I'm going to click on Save and that's it.
39
00:03:00,820 --> 00:03:04,560
Now the web page is downloaded in my downloads directory.
40
00:03:06,260 --> 00:03:09,010
Now I'm going to quit this.
41
00:03:09,100 --> 00:03:12,260
I'm going to go to the files right here.
42
00:03:13,450 --> 00:03:20,060
I'm going to go to downloads and as you can see here I have my royal log in page.
43
00:03:20,060 --> 00:03:28,400
The place where I downloaded the Pitt web page in and you can see we have two files right here related
44
00:03:28,580 --> 00:03:30,650
to the web page we downloaded.
45
00:03:31,160 --> 00:03:39,180
So first we have the web page itself right here and in here we have the files used by this web page.
46
00:03:39,260 --> 00:03:46,190
So this will contain the images it will contain the javascript the style files and all that.
47
00:03:46,190 --> 00:03:50,020
So if I doubleclick it you'll see I have.
48
00:03:50,040 --> 00:03:50,310
Yes.
49
00:03:50,310 --> 00:03:58,320
As files javascript files and pictures used inside that main logon page right here.
50
00:03:58,320 --> 00:04:04,410
So when you're trying to clone this you need to use both of these because this web page right here refers
51
00:04:04,410 --> 00:04:07,220
to the files inside this directory.
52
00:04:07,230 --> 00:04:11,980
So if it can find the files in here the web page won't be displayed properly.
53
00:04:13,260 --> 00:04:20,960
So if I just double click this real quick it's going to open in Firefox and as you can see it looks
54
00:04:20,960 --> 00:04:27,830
very similar to the web page that way that the captive portal uses We can click on log in here we can
55
00:04:27,830 --> 00:04:35,510
put a username and password and it's an identical replica of the web page used in the captive portal.
56
00:04:35,690 --> 00:04:40,310
Now I'm going to quit this again because we can't share this with our users.
57
00:04:40,310 --> 00:04:47,960
We have to put this into our web server so that we can redirect people to it and display to them when
58
00:04:47,960 --> 00:04:50,940
they connect to our fake access point.
59
00:04:51,530 --> 00:04:54,340
So I'm going to copy both of these files.
60
00:04:57,740 --> 00:05:03,350
Then I'm going to go to my Webroot which is the location where you should store the files on your web
61
00:05:03,350 --> 00:05:07,190
server that you want to show to the users that visit your web server.
62
00:05:07,460 --> 00:05:13,640
So that's going to be in Vire W.W. hasty email.
63
00:05:13,660 --> 00:05:15,890
Now I'm going to paste them in here.
64
00:05:17,940 --> 00:05:26,440
And as you can see now I have my files here now by default the web server will display our page that's
65
00:05:26,440 --> 00:05:28,360
called index or attached himself.
66
00:05:28,480 --> 00:05:32,440
And as you can see here we automatically have a default index.
67
00:05:32,740 --> 00:05:35,740
So you can either rename this or delete it.
68
00:05:35,740 --> 00:05:38,450
I'm just going to delete it because I'm not going to use it.
69
00:05:41,260 --> 00:05:48,250
Then I'm going to rename the welcome on line page so I'm going to write click it rename and I'm going
70
00:05:48,250 --> 00:05:48,760
to name it.
71
00:05:48,790 --> 00:05:51,090
Index to an HMO.
72
00:05:51,130 --> 00:05:57,640
Now I did this so that when people access my IP so when they access my web server even if they don't
73
00:05:57,640 --> 00:06:04,610
put a file name they'll automatically see this index page this page because I called that index or DML
74
00:06:04,930 --> 00:06:09,220
and it's going to display the logon page that we just cloned.
75
00:06:09,220 --> 00:06:10,680
So let's have a look on this.
76
00:06:10,690 --> 00:06:17,810
I'm going to first of all we're going to have to start our web server and we can do that by doing service
77
00:06:18,560 --> 00:06:25,290
Apache to start that will start my web server on.
78
00:06:25,340 --> 00:06:30,960
Now I can go on Firefox again and I'm just going to go.
79
00:06:30,960 --> 00:06:39,640
You can go to your own IP address or you can just go to localhost or 6:59 the zero those 0.1.
80
00:06:39,780 --> 00:06:45,450
And this basically just tells the browser to open the web server installed on the current computer.
81
00:06:45,450 --> 00:06:53,160
So it's your current IP and as you can see we'll automatically see the logon page that we cloned without
82
00:06:53,160 --> 00:06:54,880
having to put anything in here.
83
00:06:54,900 --> 00:06:59,930
We just put the address so in the future we're going to be put in our address on the network.
84
00:06:59,970 --> 00:07:01,700
Right now I'm not connected to anything.
85
00:07:01,700 --> 00:07:05,560
So I'm just put in 1 2 7 0 0 1 or you can put localhost.
86
00:07:05,670 --> 00:07:08,430
And as you can see now web page works perfectly.
87
00:07:08,490 --> 00:07:14,640
We can put a username and password and then if users see it it still looks identical to the page that
88
00:07:14,640 --> 00:07:15,230
they use.
9108
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.
Afrikaans
Akan
Albanian
Amharic
Armenian
Azerbaijani
Basque
Belarusian
Bemba
Bengali
Bihari
Bosnian
Breton
Bulgarian
Cambodian
Catalan
Cebuano
Cherokee
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
English
Esperanto
Estonian
Faroese
Finnish
Galician
Georgian
German
Greek
Guarani
Haitian Creole
Hausa
Hawaiian
Hebrew
Hmong
Hungarian
Icelandic
Indonesian
Irish
Italian
Japanese
Kazakh
Kinyarwanda
Kirundi
Kongo
Korean
Krio (Sierra Leone)
Kurdish
Kyrgyz
Laothian
Latin
Latvian
Lithuanian
Luganda
Luo
Luxembourgish
Macedonian
Malagasy
Malay
Maltese
Maori
Mauritian Creole
Moldavian
Mongolian
Myanmar (Burmese)
Montenegrin
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese (Brazil)
Portuguese (Portugal)
Quechua
Romanian
Romansh
Russian
Samoan
Scots Gaelic
Serbian
Sesotho
Setswana
Seychellois Creole
Shona
Sindhi
Sinhalese
Slovak
Slovenian
Somali
Spanish
Swedish
Tajik
Thai
Tigrinya
Tonga
Turkish
Turkmen
Ukrainian
Uzbek
Vietnamese
Welsh
Wolof