I'm invited to a party a few days from now. I'm planning to open a WiFi hotspot on my rooted android phone during the party and ask people to connect to it and steal their accounts with a MITM tool on my phone.
Which application do I use to perform the MITM? I've heard of zANTI but never tried it.
Well looks like they shouldn't have invited the fat neckbeard to the party. Looking to creep some phones? Wow such good thing to do, impress, impress sir
Noah Sanchez
Get out of here you faggot.
Jayden Harris
Fuck off faggot.
Ayden Jenkins
U smaht
Caleb Rivera
Neck bearded NEET wants to feel like a hacker
Connor Davis
"steal their accounts". MITM isn't a magic bullet. It allows intercept but if this is the problem then what are you going to do with the data you take? The probably encrypted data. Look at it sternly?
Stealing is for losers. It's not your stuff. No matter how savvy you are, doesn't excuse any parasitic behaviours, user.
And how many more parties did you want to go to??
Ryder Perry
Haha user got shot down. But really, fuck off faggot.
Kevin Thompson
Yeah, that was one thing that did cross my mind. I'm thinking to redirect social media sites to their respective phishing pages which I'll create and store locally on my phone. But I'm specifically am looking into hacking Instagram accounts, so if someone could help me with that it'd be great.
Benjamin Morris
>going to ask So you'll rat yourself out? You know the first thing they're going to remember after you stole their info is someone asking to connect to their wifi.
Don't ask and name it something witty.
Joseph Butler
Why do you even care? Why not use these skills to make the world better than than just being a dick, taking advantage of people.
Luis Robinson
same fagged by op
Elijah Wood
HTTPS /thread
David Kelly
Are you full retard? Who the fuck pulls up their browser and goes to instagram or FB website on their phone?
Mason Rodriguez
That's a decent contingency plan. I hope it works. I was reading that CSploit thing that another user posted and it looks pretty solid.
Jaxson James
I'll obviously not ask them to connect to it straight away. I know how to manipulate the target person, so it'll be easy and she won't understand.
Colton Price
he could forge a false certificate, but mobile apps probably check for that
Lucas Long
I'm not really a hacker but I am an app developer. MITM only really works if the traffic between the target and their service provider is unencrypted.
Since last year all iOS apps have had to use encryption by default.
A lot of the info you will find on the web will be out of date. It's note as easy as just firing up wireshark like it used to be.
Ian Lee
fuck off.
My target does. I'm looking into it too. Hope it works.
Brayden Perry
People that are fucking stupid, like almost everyone, and are told, "Did instagram give you that offers page today? Mine started to process it then failed." "What offer?" "I forget. Pull it up. I'll show you. ... [ ] [ ] .'. /.\ huh, I guess they took it down." Your lack of imagination is why you will never accomplish anything significant.
Jack Brown
You obviously do not know what you are talking about
John Kelly
Ohh, any idea about android mate? She's using a Galaxy S2 running Kitkat 4.2.2 which I rooted a few years ago.
Tyler Flores
the whole point in this place is that you can come and ask this kind of thing anonymously
Jace Robinson
You're a fucking idiot, they're gonna know who did it, even if they understand none of the technology.
You'd get farther if if you took the name of the host's own (presumably secured) wi-fi, and named yours after it but with "-guest" appended to the SSID, and made it open, still most people won't bother connecting to it. But if you asked them to they'd still sense something was weird.
Noah Brown
There are tons of app that do that but you can't decrypt TLS.
And what you want to do is not a MITM attack
Nathaniel Parker
This >What do I do then? You got an idea?
Daniel Peterson
You're obviously a neckbeard and a faggot, but because you got dubs, I'll let it go for now.
What you need to do is wait for one person to inevitably start asking around for the WIFI password, then casually tell them the "house WIFI" that they can let others know. That's it. Nothing more. Say anything else and you'll incriminate yourself from the start.
It also heavily depends on the type of "party" you're attending. If there's a DJ and it's a bumping house party, no one will be sober enough to even remember to spread a password some fat dude told them 20 minutes and 4 PBRs ago.
Ryder Reed
Sorry couldn't help you there mate.
so from what I gather you're after her photos. It may be sensible to look for them at another place.
This is gonna sound super creepy but my ex gf's netflix password (which she shared with me) was the same as her dropbox password.
Turns out she backed up her phone photos with dropbox. So I logged into dropbox once and made a public link to her photo stream file.
Just to warn you though. I spent the next 6 months watching her photo stream including naked pics she was obviously sending her new bf.
My advice. It really isn't worth it. It'll make you more unhappy than anything
James Torres
>ask people to connect haha good luck faggot
Hudson Wilson
Sniffing packets
Jaxson Nelson
They're not going to be drunk but I'll handle it on that front. I just need to figure out a solid plan to hack it "after they are connected" to my wifi.
Nolan Sanders
Don't fucking tell people to connect, just name it something stupid or generic and leave it unlocked. Everyone on their phone will connect.
Asking people to connect is literally suspicious as fuck and even drunk people will remember that shit.
Nathan Moore
I use the FB website on my phone instead of the objectively inferior app.
Christopher Hernandez
She destroyed me emotionally and socially man. I don't want to fuck with her photos, she has some DM's on her instagram account which could help me expose her.
Dominic White
have you thought about getting the mac address of your school and spoofing that?
I don't know if you could do it with a phone but definitely with a raspberry pi or something. If the access point looks like a network their phones already know they will connect automatically
Jeremiah Allen
Sounds like a nice idea user. Will definitely research on it.
Ryan Sullivan
place a sign on the "bar" with the wifi infos
Wyatt James
Even if the connection is encrypted. OP will not succeed
Justin Russell
>be me at a party w/ some friends >some sweaty neet walks up to us >"Hey guys you can connect to my mobile hotspot if you want." >he walks away leaving a trail of swamp ass funk in the air >everyone makes fun of him for the next 5 minutes >already have massive data packages already because we're white you dumb shit
Christopher Collins
you should at least try to hack your own phone first so you know what to expect and if there's anything that might indicate that the creep at the party who made everyone connect to his hotspot is trying to do something weird
Kayden Miller
I'm testing cSploit on my devices right now. Doesn't work properly as expected, i'm still trying to find a way to make it work though.
Luis Powell
I've got bad news for you OP. Instagram app communication has been encrypted since 2014. There is no way you can do a MITM attack.
Realistically your only hope would be some form of phishing
Luis Brown
Go buy a blue coat web gateway with transparent TLS interception. It'll MITM without needing to install root certs. But you're probably 1) a broke fag and 2) have no idea what a bluecoat appliance is anyway.
Get out of the deep end of the pool kiddie.
Elijah Lewis
It won't work because the connection is encrypted you cock cheese.
Gabriel Allen
>be at party >sending data packets with reputable software packages over a secure connection >neet asks me to connect to his hotspot because hotspots seem cool and he wants to try them out or something >politely inform him that doing so would increase the chance for a man in the middle attack, possibly triggering security implementations in certain apps preventing them from working correctly and make him liable should any loss of or interception or damage to data occur >he says thanks and walks away >go about my day
Dominic Carter
yeah... A blue coat gateway doesn't do what you think it does
Kevin Long
I'm thinking of redirecting Facebook to my local phishing page and get her to login her facebook, then reset her instagram with facebook.
Right, I got no idea what blue coat is.
John James
Stop messing around with this hacker shit OP. You cant beat the nerds in silicon valley.
Just do this. 1. watch her while she unlocks her phone. 2. remember code 3. make sure she drinks 4. when she's drunk steal phone 5. fucking profit nigger
Eli Sullivan
the only real way to hack is to understand how these systems work well enough to know their security exploits, the problem with being someone who wants to hack is that you're probably a low life whose not a decent enough human being to actually learn anything about how computers work and without this knowledge you're not going to even understand what anything on the software means, they're tools not not droids made to serve
Jaxon Watson
Sounds doable. She doesn't drink though, but I can get someone to keep her engaged while I mess with her phone. Thanks
Brandon Rodriguez
Slip her some roofees / Rohypnol
Christian Long
this is pretty much the reason sites like facebook have an app that handles the connection and logs you in automatically so you don't have to enter your password when you use it, you could intercept that but it'd be encrypted, which would be fine because you could then use a lookup table to convert it back into the password, but if you knew how to do that you wouldn't be here because you have to not be retarded to pick this sort of thing up
I have no problems telling you this because I love talking about it because computers are my thing and am completely confident you're not gonna pull this off and will hopefully get caught trying
Aiden Brooks
get a pineapple wifi
Isaiah Smith
Cut him some slack. The kid knows what a man in the middle attack is. 10 years ago that would of been a way into almost any online system. That's precisely why encryption is so important.
When I started my job ALL PASSWORDS were sent in plain text.
Sebastian Evans
Fuck outta here summer fag
Mason Hill
Your point is valid. I've only been a script kiddie. I'm taking up computer science engineering in college so I hope that'll give me a closer look at how things work..
Mason Wright
Rainbow tables haven't worked for a few years now. We all learned our lesson after MD5
Easton Jones
Can you link me to some working guides or something?
Nathaniel Allen
the thing is when I actually started making software is when I realized hacking is just a dickmove where you break someone else's stuff and that you should really have more respect for people
Luke Diaz
and while you are there, use a rubberducky to install some shit on their computers
Charles Ortiz
Don't help this fag. Reported to FBI for intentions
Ryder Brown
you can literally google it for md5
Nicholas Foster
Might learn that later. I'm just beginning with the technical stuff here.
Kayden Morgan
Go and rape some drunk girl. Its better than you fucking faggot idea.
Take video or timestamp
Xavier Hughes
It won't be hard to figure out what you did when ppl realize they've been hacked.
You're going to get your ass kicked.
William Harris
eastside grab session key thank fuck nobody has published how to do this on the application layer.
Eat a cock OP
Brody King
this is why we don't use md5 anymore. We switched to salted hashes then to algos that auto generate salt.
Joseph Taylor
Get the fuck out summer fag
Noah Long
Fuck off newfag.
Levi Gray
Butthurt losers will be butthurt
Jason Hill
really? you want him to go to the victims computer, check the cookies, create the same cookie on his machine and then hope that the session does not check for os, installed fonts, browser, whatever?
Cooper Watson
>plottwist
literally nobody did
Jackson Robinson
I did some freelance work for a client about 6 months ago who's whole database of 40k users were all stored as md5 hashes. It's a 10 year old system and when I asked they said they have no immediate plans to update.
Sounds crazy but they're out there
Asher Gray
you faggots who are knocking on OP are the kind of pussies who made this website gay as fuck in the first place
Angel Jones
No, I don't. You been smoking meth?
Ryder Howard
>Ask people to connect to it You're setting yourself up for failure. You've just incriminated yourself. Stupid ass.
Noah Brooks
>isn't he that weird kid who sits alone at lunch? >Yeah idk who invited him >milady.jpg >care to connect to my hotspot? >wtf whatever >"your account has been logged in on another device" >Fkin neckbeard
Anthony Jenkins
then, how would you manage to get and successfully use a session key?
Daniel Gomez
That's actually not a bad idea. However to do that you'd need to 1. Install your own app on her phone 2. some how access the instagram app's local data store (considering it's a rooted phone that might be possible)
That's prob beyond OP's and my abilities
Tyler Nguyen
Its a rooted phone. I thought of another idea. How about I pickpocket her phone, install titanium backup, transfer backup files and restore the app data on my device.
Just tried it with my devices and it worked. Looks like i found the right way.
Evan Gutierrez
The samefagging is real
Levi Flores
Did you ever include the fact that the FB account may weell be secured via sms ???
Everytime i login with the correct password im presented with a screen asking for a 4 digit code wich they sent via sms.
2016 trying to access a FB/Insta thats not yours. Good luck op
Alexander Stewart
Top plan OP. Of all the plans this one seems the most doable!
Noah Watson
Story?
Robert Walker
You faggots need to chill.
Jayden Robinson
Yes op use zanti
Hunter Perry
Only nerds have this set up.
source: > I have this set up for google & dropbox > I am a nerd > therefore only nerds do this
Normals would never in a million years set this shit up
Wyatt Kelly
Her account is not connected to a phone and I'm sure about it.
I'll greentext it gimme a sec.
Joseph Butler
:^)
Blake Lee
>ask people to connect to it Smart move, not suspicious at all.
Landon Johnson
Not true. My GF set it up for me. She is computer illiterate. Give her a phone and app and its a diff story
Jose Campbell
This. Earn what you have OP, stealing is for niggers.
Jose Wood
Could be connected via email.
Leo Peterson
>be me >Have a gf of 2 years >everything's going good >Chad the thundercock enters the equation. >Starts getting really close to her. >She calls her brother. >You don't have to worry about him user he's like a brother to me. >itrustyou.jpeg
Cont?
Robert Davis
facecrap, instashit is going to send the same shit during an idle connection. You would use a combination of your account and the actual website for the delta. The only difference during the two sessions are the key and account details, but you probably could get the account name too.