1
00:00:01,740 --> 00:00:08,730
Now, as with any penetration test, we need to do discovery in order to determine our target wireless

2
00:00:08,730 --> 00:00:09,330
network.

3
00:00:10,340 --> 00:00:16,740
We must also make sure that we're not targeting a network that we are not authorized to test.

4
00:00:17,570 --> 00:00:18,070
All right.

5
00:00:18,110 --> 00:00:20,180
That's as opposed to having a network connection.

6
00:00:21,110 --> 00:00:27,710
So it becomes a major problem when discussing wireless penetration testing, as you'll often find several

7
00:00:27,710 --> 00:00:31,430
wireless networks mixed with one target network.

8
00:00:32,180 --> 00:00:38,300
So it's especially true in situations where the target organization and its associated networks are

9
00:00:38,300 --> 00:00:40,790
located in an office building.

10
00:00:40,790 --> 00:00:45,920
Or what do you call those things, the office office park or compounder?

11
00:00:45,950 --> 00:00:47,180
Well, you know what I'm talking about.

12
00:00:48,500 --> 00:00:49,400
Bettercap.

13
00:00:50,790 --> 00:00:58,860
So bettercap is a powerful, easily extensible, easy to use and all in one solution with all the features

14
00:00:58,920 --> 00:01:05,310
that might possibly be needed for performing reconnaissance and attacking Wi-Fi networks.

15
00:01:06,390 --> 00:01:10,440
I'm also going to use bettercap in the WPA cracking section.

16
00:01:11,430 --> 00:01:16,110
But in this section, we're just going to start the reconnaissance feature of bettercap.

17
00:01:17,090 --> 00:01:19,280
So why don't we go ahead and install it?

18
00:01:20,670 --> 00:01:28,050
So first, go to Kali, open the terminal screen and switch the user to root with a command sudo

19
00:01:28,050 --> 00:01:31,050
space su space dash.

20
00:01:32,930 --> 00:01:36,290
Then I'll run and install bettercap.

21
00:01:43,390 --> 00:01:45,940
And what do you think? It's that easy to install.

22
00:01:47,550 --> 00:01:49,020
OK, so let's run bettercap.

23
00:01:50,070 --> 00:01:58,020
And there's no problem, it's working properly, but we do need to give access to bettercap in order

24
00:01:58,020 --> 00:02:00,030
to monitor all the network traffic.

25
00:02:01,680 --> 00:02:08,620
So first of all, don't forget to set the Wi-Fi adapter to monitor mode with the airmon-ng start

26
00:02:08,700 --> 00:02:09,960
wlan0 command.

27
00:02:11,800 --> 00:02:15,490
All right, so now we can monitor the Wi-Fi network traffic.

28
00:02:16,820 --> 00:02:20,780
Now, run bettercap -iface wlan0mon.

29
00:02:22,020 --> 00:02:23,700
Type help wifi.

30
00:02:25,300 --> 00:02:31,300
And what you see here is that we are using a Wi-Fi module that is one of the modules in bettercap and

31
00:02:31,630 --> 00:02:39,400
there are lots of parameters to perform various Wi-Fi attacks, such as Wi-Fi reconnaissance, deauthentication

32
00:02:39,400 --> 00:02:46,390
attacks and creating fake access points. So let's type wifi.recon on.

33
00:02:48,120 --> 00:02:55,820
So bettercap starts to list devices and access points with SSID names, MAC addresses, signal powers.

34
00:02:56,550 --> 00:02:58,590
It also shows probe packets.

35
00:03:00,100 --> 00:03:07,680
So if we type wifi.show as a parameter, we can see the detected devices on a table.

36
00:03:09,560 --> 00:03:15,470
Now, in this table, we'll also learn the encryption standard, channel, the client number connected

37
00:03:15,470 --> 00:03:21,440
to the device, the size of the packet sent and received, as well as the seen time.

38
00:03:23,490 --> 00:03:30,120
Cool, so after displaying this table, bettercap continues to discover new clients until we type,

39
00:03:30,480 --> 00:03:33,270
wifi.recon off.