Hacking WiFi networks in seconds With AI | Real Experiment Pwnagotchi

Thx for the comment

Your comment made me insanely interested!!

@@iuse9646 Look into it. There are yt videos. There's a main website that'll help.
Red (it) will help.
There's a learning curve to it but if you watch & read enough you'll likely pick it up. You'll probably see my comments trying to figure out what to do lol.
You'll get some exposure to Kali Linux, Raspberry pi, & how to link it all together g get Bluetooth working.
I knew very little myself so don't be intimidated. Just watch & read enough before you try.

It's important to understand that attempting to brute force any account, including a Gmail account, is against the terms of service of the provider and can be illegal. If you've forgotten the password to your Gmail account, the best and safest approach is to use the account recovery options provided by Google. Google has a comprehensive account recovery process designed to help users regain access to their accounts by verifying their identity through various means, such as a recovery email, phone number, or answering security questions. This process is in place to protect user accounts from unauthorized access and ensure the security of personal information. I strongly advise against attempting any form of unauthorized access to your account and recommend following the legitimate recovery processes provided

@@yanivhoffman i already tried, my old phone is on this account, 2fa disabled, old revover email also (which i have no idea what email it was), and google dont answer

@@yanivhoffman looks like my comment is removed, its my old gmail account that i created that i have no clue about recovery email and its my old phone number and google dont answer, what should i do then ?

Thx so much!! We are trying to improve video by video so appreciate the feedback

Capture only not cracking. for that you need designated app

​@@yanivhoffman the app that u means, is that some open source apps that can be installed into the flipper or using normal cracking tools and software outside flipper?

​@@aqbar135it could be installed easily but the reason people don't do that is, that it requires a lot of computing power, so it wouldn't make much sense to run something like this on a device like this.

so what's the point of this device when i can do the same thing through kali linux airgeddon and a cheap alpha usb adapter .

@@erisi1988 yes sure. U want to scan a network. We can go setup a laptop with kali linux, plug some adapter, do some scan to get the packet and crack it. But u cant do covert operation right? Especially if u want to attack some private site. Look super sus to setup laptop there. Thats where pwnagotchi come. You can make it as small as a keychain, attach to your bag or keys, then just go jogging to your target place or chat casually with ur target. Let it collect the wifi packet, go back home and crack it, and come back to attack later.
One other reason, is for fun. Theres no harm in capturing wifi packet (yet haha) unless u know cybersec stuff. This it make pwnagotchi some small cute toys. Normal people can just have fun exploring around capturing wifi packet, without even knowing how to crack it..
So thats it. Have fun 🙂

True and thats why I explained you take data from pwnagotchi and use hash at

Yes sorry - will put it tonight my time zone

Thx a lot ❤️

😱

Thx a lot my friend

Thx a lot

yes

True 😂

What's the salt diabetic called?

@@anglija-england 😂

Great question - Pwnagotchi is specialized for WiFi penetration testing with a focus on learning and AI-driven network auditing. It's great for those interested in network security and ethical hacking. Flipper Zero, on the other hand, is a versatile hacking multi-tool that supports a wide range of protocols like RFID, NFC, and Bluetooth, making it suitable for a broader range of hacking and making activities beyond just WiFi. Choose Pwnagotchi for WiFi security exploration and Flipper Zero for a more general-purpose hacking tool

@@yanivhoffman thanks man. i will get this one too.

Haha... i only state the product and i did look at their AI algorithm which is open source

Thx a lot

Brute-forcing a complex mix of letters and numbers is highly impractical due to the massive number of combinations. While techniques like dictionary, hybrid attacks, and rainbow tables exist, their effectiveness drastically decreases with password complexity. Modern security measures further complicate brute-forcing. It's essential to remember that attempting to brute-force without authorization is illegal and unethical. In practice, focusing on securing systems against vulnerabilities is more viable than attempting to crack complex passwords

@@crownlands7246 I'm know that, just want to be sure (as I'm not an expert just a bit more advanced user) is it something out there to have to worry about safety or I'm OK with my pass codes (so not words :) ). In this case a bit misleading the title of this video. Am I right?

@@yanivhoffman Here is a useful chart that roughly shows the time it would take to literally 'brute force' a password, i.e. attempt every possible combination of random letters, numbers, uppercase, lowercase, & symbols, for a given password length.
I may be disliked for saying this, but unfortunately it gives some credibility to those annoying requirements that are forced on us as we are updating our passwords....lol........... www.halnor.ca/wp-content/uploads/2023/04/PASSWORD-CRACK-TIME-CHART-2023-scaled.jpg

Great question! Wordlists can indeed be language-specific, and using an English wordlist might not be as effective in non-English speaking countries or in specific contexts like corporate networks named after businesses. To enhance your penetration testing efforts, it's beneficial to use or create wordlists tailored to the target's language or industry. Tools like Mascot can generate custom wordlists based on various criteria, including non-English languages or specific jargon. For global or diverse environments, incorporating multilingual wordlists or custom terms related to the target organization can significantly improve your chances of success. This approach reflects the adaptability and global perspective necessary in ethical hacking and cybersecurity. but remember do only ethical hacking !

​@@yanivhoffman- If a password is longer than 20 charters including non-standard spelling AND symbols, it would take thousands of years to crack it with HashCat. That's what I use for my WiFi password, also better routers have a timeout on wrong password attempts making brute forcing impractical.

Thx so much.

True it’s not new but still effective

I have a small M5-NEMO that can make a fake Google Captive portal for WiFi and it can be changed to anything such as starbucks free wifi or airport free wifi.@@yanivhoffman

teach for ethical hackers and dont simplify it too much otherwise any random person can try it and will get in trouble

@@myname-mz3lo thank you

Thx a lot for watching and the feedback . Will work on it

Thx for your comment. let me try to answer you - Pwnagotchi's use of machine learning (ML) isn't about releasing an 'inferior product' but rather embracing a dynamic learning approach that adapts to varied and real-world WiFi environments. The ML model isn't 'bad' but designed to improve through experience, much like how human skills develop over time. This learning process allows Pwnagotchi to optimize its strategy for capturing WiFi handshakes based on the unique characteristics of the networks it encounters.
The reason for this approach is twofold: First, it ensures that Pwnagotchi becomes more effective in a broader range of scenarios than if it were programmed with a static set of behaviors. Second, it engages users in the learning journey, making the experience interactive and educational.
In cybersecurity and AI, the adaptability to new threats and environments is crucial. Pwnagotchi's evolving efficiency reflects the nature of security work, where continuous learning and adaptation are key. So, it's not about waiting for the product to 'do its job' from day one but about engaging with a tool that grows smarter and more tailored to your specific environment over time

@offman I'm sorry but that sounds like some AI marketing bullshit someone made up.
WiFi networks are not a framework where you are allowed to create arbitrary servers and clients and some MITM system needs time to figure out most frequently used combinations to make any attack feasible.
WiFi networks are based on standards and norms (IETF 802.11) and the set of authentication and encryption options is finite and is actually not big (you can practically only use AES or TKIP).
What you are probably (and unknowingly) talking about is that the device gets better at guessing (ridiculously simple) WiFi PSK due to the fact that it keeps hashed results and does not need to calculate them again. That in and of itself is very weak argument for it being "ML/AI powered" or "good at it".
Brute forcing WiFi PMK/PSK with 8 characters with UPPER, lower and digits takes almost 2 days with RTX 4090 (2533.3 kH/s in hashcat), 7 days if it also contains special characters.
10 character UPPPER, lower, digits, special characters password takes 17,5 years to brute force with one RTX 4090.

@@SlavomirDanas my friend , it’s simple video for educational purposes . There is no point to continue saying what you say on raspberry pi since it’s not for it . Ofc you need super computer but even today pass can be cracked by hours and days but it depends indeed on the chars and complexity. I did experiment connecting 8xRTX 4090 and cracked a 8 digit pass in 48 min. If you want send me private message and I will share the info. Anyway it’s not that you are wrong but again it’s educational video

it’s a stupid clickbait video for people with 0 knowledge that thinks you can brute force a wifi with 50$ hardware complete bullshit

@@qu3nt good for you, you said it three times.

It’s not BS - Pwnagotchi is an A2C-based “AI” powered by bettercap that learns from its surrounding WiFi environment in order to maximize the crackable WPA key material ... I suggest you do your research

Lol he shut you up little boy

Thx for the feedback and sorry you feel its a click bate but its totally not. let me explain - You're right that a Raspberry Pi has limited processing power, making it unsuitable for brute-force cracking of complex passwords within a practical timeframe. Brute-force attacks, especially on secure systems with strong passwords, require significant computational resources that far exceed what a Raspberry Pi can offer. The intention behind using tools like Pwnagotchi on a Raspberry Pi isn't to perform brute-force attacks on highly secure passwords but to explore and learn about network security, ethical hacking, and AI in a more accessible, hands-on way.
For those interested in the computational challenges of password cracking, there are more efficient methods like using GPUs or specialized hardware designed for high-intensity computations. However, the ethical and legal implications of attempting to crack passwords without authorization remain paramount, regardless of the hardware used.
The Raspberry Pi's appeal lies in its affordability and versatility for educational purposes, not its capacity to break into secure networks. It's a tool for learning and experimentation within the bounds of ethical hacking guidelines

Bro if you are stupid, and/or have not listened to him, don't write a comment

Yes will do !

Thanks @@yanivhoffman