Ways To Use Public Wi-Fi to Hack Identity (In Hindi)

-

 


पहचान हैक करने के लिए सार्वजनिक वाई-फाई का उपयोग करने के तरीके


1. मैन-इन-द-मिडिल अटैक


तकनीकी शब्द, मैन-इन-द-मिडिल (एमआईटीएम) एक ऐसा हमला है जिसके तहत कोई तीसरा पक्ष दो प्रतिभागियों के बीच संचार को रोकता है। डेटा को सीधे सर्वर और क्लाइंट के बीच साझा करने के बजाय, वह लिंक किसी अन्य तत्व द्वारा तोड़ दिया जाता है। फिर बिन बुलाए अपहर्ता आपके सामने प्रदर्शित करने के लिए साइट का अपना संस्करण प्रस्तुत करता है, जिसमें अपने स्वयं के संदेश भी शामिल होते हैं।


सार्वजनिक वाई-फाई का उपयोग करने वाला कोई भी व्यक्ति विशेष रूप से एमआईटीएम हमले के प्रति संवेदनशील है। चूँकि प्रेषित सूचना आम तौर पर अनएन्क्रिप्टेड होती है, यह केवल हॉटस्पॉट ही सार्वजनिक नहीं है बल्कि आपका डेटा भी सार्वजनिक है। आप अपना विवरण भी चिल्लाकर बता सकते हैं। एक समझौता किया गया राउटर अपेक्षाकृत आसानी से बहुत सारी व्यक्तिगत सामग्री को खाली कर सकता है: उदाहरण के लिए, केवल आपके ईमेल में प्रवेश करने से हैकर्स को आपके उपयोगकर्ता नाम, पासवर्ड और निजी संदेशों तक पहुंच मिल जाती है।


2. नकली वाई-फाई कनेक्शन


एमआईटीएम हमले के इस संस्करण को "ईविल ट्विन" के रूप में भी जाना जाता है। यह तकनीक ट्रांज़िट में आपके डेटा को इंटरसेप्ट करती है, लेकिन सार्वजनिक वाई-फ़ाई हॉटस्पॉट की किसी भी सुरक्षा प्रणाली को बायपास कर देती है। दुर्भावनापूर्ण राउटर से कनेक्ट होने के कारण हुई समस्या. उस स्थिति में, उपयोगकर्ताओं को एक एलियन में एकीकृत किया गया था

खुफिया विभाग ने माना कि इसकी संभावना नहीं है। लेकिन वास्तव में, पीड़ित अपनी सारी निजी जानकारी केवल इसलिए सौंप सकते हैं क्योंकि उन्हें गलत नेटवर्क में शामिल होने के लिए धोखा दिया गया था।


नकली एक्सेस प्वाइंट (एपी) स्थापित करना काफी आसान है, और साइबर अपराधियों के लिए यह प्रयास के लायक है। वे वास्तविक हॉटस्पॉट के समान नाम से एपी सेट करने के लिए स्मार्टफोन सहित इंटरनेट क्षमताओं वाले किसी भी उपकरण का उपयोग कर सकते हैं। नकली नेटवर्क से जुड़ने के बाद भेजा गया कोई भी प्रसारित डेटा हैकर के माध्यम से चला जाता है।


3. पैकेट सूँघना


यह एक मनोरंजक नाम है, लेकिन "पैकेट सूंघने" का वास्तविक अभ्यास हंसी की बात नहीं है। यह विधि एक हैकर को हवाई जानकारी प्राप्त करने और फिर अपनी गति से उसका विश्लेषण करने में सक्षम बनाती है। एक उपकरण एक अनएन्क्रिप्टेड नेटवर्क पर एक डेटा पैकेट प्रसारित करता है, जिसे वायरशार्क जैसे मुफ्त सॉफ्टवेयर द्वारा पढ़ा जा सकता है। यह सही है: यह मुफ़्त है। ऑनलाइन देखें और आपको "कैसे करें" मार्गदर्शिकाएँ भी दिखाई देंगी, जो आपको वायरशार्क का उपयोग करना सिखाएंगी। क्यों? क्योंकि यह वेब ट्रैफ़िक का विश्लेषण करने के लिए एक उपयोगी उपकरण है, जिसमें विडंबनापूर्ण रूप से पर्याप्त, साइबर अपराधियों और कमजोरियों को ढूंढना शामिल है जिन्हें पैचिंग की आवश्यकता है।


4. सत्र अपहरण


साइडजैकिंग पैकेट सूँघकर जानकारी प्राप्त करने पर निर्भर करती है। हालाँकि, उस डेटा को पूर्वव्यापी रूप से उपयोग करने के बजाय, एक हैकर इसे ऑन-लोकेशन पर उपयोग करता है। इससे भी बुरी बात यह है कि यह एन्क्रिप्शन की कुछ डिग्री को बायपास कर देता है! लॉग-इन विवरण आम तौर पर एक एन्क्रिप्टेड नेटवर्क के माध्यम से भेजे जाते हैं (उम्मीद है) और वेबसाइट द्वारा रखी गई खाता जानकारी का उपयोग करके सत्यापित किया जाता है। यह तो

आपके डिवाइस पर भेजी गई कुकीज़ का उपयोग करके प्रतिक्रिया देता है। लेकिन उत्तरार्द्ध हमेशा एन्क्रिप्टेड नहीं होता है, एक हैकर आपके सत्र को हाईजैक कर सकता है और आपके द्वारा लॉग इन किए गए किसी भी निजी खाते तक पहुंच प्राप्त कर सकता है।


5. शोल्डर-सर्फिंग


जब भी एटीएम का उपयोग करें, तो आपको अपने आस-पास के लोगों की जांच करनी चाहिए, यह सुनिश्चित करना चाहिए कि जब आप अपना पिन दर्ज कर रहे हों तो कोई उसे ताक-झांक न कर रहा हो। जब सार्वजनिक वाई-फाई की बात आती है तो यह भी एक खतरा है। जब आप निजी दौरे पर जा रहे हों तो यदि एक या अधिक व्यक्ति आसपास मंडरा रहे हों। साइटें, संदिग्ध रहें। पासवर्ड जैसी कोई भी व्यक्तिगत चीज़ सबमिट न करें. यह एक बहुत ही बुनियादी घोटाला है, लेकिन निश्चित रूप से यह अभी भी हसलर और हैकर्स के लिए काम करता है।




Ways To Use Public Wi-Fi to Hack Identity


1. Man-in-the-Middle Attacks


The technological term, man-in-the-middle (MITM) is an attack whereby a third party intercepts communications between two participants. Instead of data being shared directly between server and client, that link is broken by another element. The uninvited hijacker then presents their own version of a site to display to you, adding in their own messages.


Anyone using public Wi-Fi is especially vulnerable to an MITM attack. Because the information transmitted is generally unencrypted, it's not just the hotspot that's public it's your data too. You might as well shout out your details. A compromised router can vacuum up a lot of personal material relatively simply: just getting into your emails, for instance, gives hackers access to your usernames, passwords, and private messages.


2. Fake Wi-Fi Connections


This variation of an MITM attack is also known as the "Evil Twin". The technique intercepts your data in transit, but bypasses any security systems a public Wi-Fi hotspot might have. The trouble caused by connecting to a malicious router. In that case, users were integrated into an alien

intelligence admittedly unlikely. But in reality, victims could be handing over all their private information, merely because they were tricked into joining the wrong network.


It's fairly easy to set up a fake access point (AP), and is well worth the effort for cybercriminals. They can use any device with internet capabilities, including a smartphone, to set up an AP with the same name as a genuine hotspot. Any transmitted data sent after joining a fake network goes via a hacker.


3. Packet Sniffing


It's an amusing name, but the actual practice of "packet sniffing" is far from a laughing matter. This method enables a hacker to acquire airborne information then analyze it at their own speed. A device transmits a data packet across an unencrypted network, which can then be read by free software like Wireshark. That's right: it's free. Look online and you'll even see "how to" guides, teaching you how to use Wireshark. Why? Because it's a handy tool for analyzing web traffic, including, ironically enough, finding cybercriminals and vulnerabilities that need patching.


4. Session Hijacking


Sidejacking relies on obtaining information via packet sniffing. Instead of using that data retroactively, however, a hacker uses it on-location. Even worse, it bypasses some degrees of encryption! Log-in details are typically sent through an encrypted network (hopefully) and verified using the account information held by the website. This then

responds using cookies sent to your device. But the latter isn't always encrypted a hacker can hijack your session and can gain access to any private accounts you're logged into.


5. Shoulder-Surfing


Whenever using an ATM, you should check those around you, making sure no one's peeking as you enter your PIN. It's also a danger when it comes to public Wi-Fi. If one or more individuals are hovering around when you're visiting private. sites, stay suspicious. Don't submit anything personal like a password. It's a very basic scam, but one that certainly still works for hustlers and hackers.

👇👇👇👇👇👇👇👇👇👇👇👇👇👇

Wireless network technology is widely used but at the same time, it has many security weaknesses. Several reports have explained weaknesses in the Wired Equivalent Privacy (WEP) & Wi-Fi Protected Setup (WPS) to encrypt wireless data. Before understanding the benefits of Wireless Network Assessment it is necessary to know what it is, why it is needed, how the service works and what you get from the service.

Let’s understand what is known as wireless assessment

Wireless Assessment is an analysis of the current wireless installation that looks at the specific environmental, architectural, and configuration factors that impact the performance and functionality of the system.

In Wireless Assessment following items are considered:

The Wireless Assessment provides tactical analysis and strategic assessment of the risks of your wireless implementations. Security Consultants utilize the same techniques the hackers use and provide a realistic view of your susceptibility to network attacks. It helps in determining if the systems, data, and wireless users are being protected. Further, it also improves Wireless Network Security and mitigates possible threats. Wireless Assessment or Wi-Fi hacking involves different attacks like weak encryption, evil twin attacks, Deauth attacks, etc.

Why is the Wireless Assessment essential?

The Wireless Assessment is necessary because it uncovers specific configurations or components that are affecting the performance of the system. It provides insight into the system and highlights weaknesses or gaps that require remediation to improve the overall health of the system.

Wireless Encryption Types:

  • WEP (Wired Equivalent Privacy)
  • WPS (WiFi Protected Setup)
  • WPA (WiFi Protected Access)
  • WPA2 (WiFi Protected Access v2)
  • WPA3 (WiFi Protected Access v3)

 a) Wired Equivalent Privacy (WEP)

The main issue with WEP is that while sending data from our computer, it only utilises one static key. When WEP first appeared, this wasn’t a problem, but over time, hackers were able to decipher the secret code hidden in the keys. As a result, if a hacker obtains the key to your Wi-Fi connectivity, they can decrypt the data you’re sending and read it. Of course, a hacker can’t just apply a key and hope for the best, our computer can choose from a variety of WEP keys. Hackers can, however, observe patterns in the encryption and keep an eye on the packets. They then determine which key matches the profile and decipher the code.

b) Wi-Fi Protected Setup (WPS)

WPS is a built-in feature of many routers that makes it easier to connect Wi-Fi-enabled devices to a secure wireless network. This information is provided to help connect your TV or other supported home video products to a wireless network using WPS. A router with WPS enabled is at a risk of getting hacked. A successful attack on your router’s WPS function will reveal your network password in a matter of hours – regardless of how strong that password is. Again, there is no point in putting a strong password on a weak network.

c) Wi-Fi Protected Access (WPA)

WPA improves upon the security feature of WEP by using Extensible Authentication Protocol (EAP) to secure network access and Temporal Key Integrity Protocol (TKIP) encryption method to secure data transmissions. Temporary Key Integrity Protocol (TKIP), a 128-bit dynamic key that makes WPA distinct and difficult to crack, is what gives it its security. Because it was designed for WEP-enabled devices, WPA’s main components were much the same as those of WEP, which was one obvious drawback.

d) Wi-Fi Protected Access Version 2 (WPA2)

Only users with your network password can access the data broadcast or received over your wireless network thanks to WPA2. The Advanced Encryption Technology (AES), which replaced the more exposed TKIP system used in the original WPA protocol, was one advantage of the WPA2 system.

e) Wi-Fi Protected Access Version 3 (WPA3)

The newest security encryption, the WPA3 Protocol, is rising in popularity. WPA3 provides excellent security and hinders illegal access. This degree of security is impenetrable to unauthenticated or unauthorised users. Due to its automatic encryption, WPA3 is the preferred security protocol for public networks.Further, WPA3 security uses GCMP-256 encryption, which is way better than previously used 128-bit encryption.

Types of wireless attacks.

  • Fake authentication Attack
  • Deauthentication Attack
  • Hirte Attack
  • Fragmentation Attack
  • Chop-Chop Attack
  • Evil twin Attack

a) Fake Authentication Attack

In Fake Authentication attacks, attacker tries to authenticate to the access points in the disguise of an authenticated client. Fake authentication attacks work with conjunction to deauthentication attack.

b) De-authentication Attack

A Wi-Fi De-authentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point. De-authentication attacks represent fraudulent requests that interfere with the communication between routers and devices. The strategy attacks 802.11-based wireless networks, as they require De-authentication frames whenever users terminate connections.

c) Hirte Attacks

Hirte is a form of assault that aims to crack the WEP key of wi-fi networks that aren’t available however the client device (laptop, mobile, etc.) is withinside the vicinity of the attacker. This can be accomplished due to the fact the WEP key and the configuration info are nevertheless saved in the wi-fi device.

d) Fragmentation Attacks

A Fragmentation attack does one of the two things: It captures visitors passing via unsecured networks, mimics it, and then impersonates servers. It injects the community visitors with malicious plaintext frames that resemble handshake messages.

e) Chop-Chop Attack

It targets the WEP encrypted Wi-Fi Network. This attack determines the pre-shared key (PSK) through trial and error, rather than mathematically or cryptographically. The WEP key or WPA/WPA2 pre-shared key/passphrase is not the same as the password for the access point. The WEP key or WPA/WPA2 pre-shared key/passphrase allows printers and computers to join your wireless network.

f) Evil Twin Attack

An evil twin attack is a spoofing cyber-attack that works by tricking users into connecting to a fake Wi-Fi access point that mimics a legitimate network.

What is the expected outcome of the Wireless Assessment?

Post conducting the Wireless Assessment, the assessment engineer and your account executive will deliver a detailed report comprising the data gathered during the engagement. The Wireless Assessment report includes an overall summary of the assessment and its findings.  The Wireless Assessment report provides a list of findings that the assessment engineer found concerning the wireless system.

These findings are analyzed individually and prioritized to specifically address concerns. The Wireless Assessment report provides a list of recommendations for remediating the items that were of concern from the findings section of the report. The recommendations are very specific about what changes are needed, why they are needed, and how they will improve the performance of the system.

Protecting Wireless Networks – Best Practices

 a) Update router firmware

It is recommended to update the firmware of the router whenever an update is released. Updating the firmware will minimize the risk of getting hacked as it will remove most of the vulnerabilities.

 b) Make use of Strong Passwords

A strong password is at least eight characters long and includes a mix of upper- and lower-case letters, numbers, and symbols. It is recommended to change the passwords frequently.

 c) Using MAC Filtering

By allowing only devices with specific MAC addresses to connect to the network, you can prevent unauthorized access. MAC filtering can be implemented by accessing the wireless router’s configuration page and adding the MAC addresses of devices that are allowed to connect to the network.

 d) Enable WPA3 Security

It is recommended to make use of WPA3 encryption as it provides stronger protection than WPA2

Comments

Post a Comment

Popular posts from this blog

Increase Apk v_1.0.0 ( Increase Followers And Subscribers)

-
Image
               Version 1.0.0 Increase followers Increases view Increase like Increase subscriber How To Use Increase Instagram followers and subscribers download Increase apk and Increase like shear ucbscriber follow anythings all social media accounts Instagram Facbook Twitter YouTube telegram 1.download app and install 2.shwo warning click more and click Install Anyway 3.submit gmail user name password and Create Acount    4.Login Your Acoount Create Order 5.get Oeder Select Cotegry         6.View Ammount And Select Amunts Cotegry all Cotegry Avilevel     7. Click Order And Incresh Your Follower        Download Increase Apk 1.0.0 Any Problam Comments me Get supports
Read more

Increase Instagram Followers Without Login

-
Image
  Increase Folloers Increase like Increase comments Increase View All In One Wepsite 👇👇👇👇👇👇👇👇👇👇👇👇👇👇 Increase Followers Wepsite 👇👇👇👇👇👇👇👇👇 Email Username Password Create account Already have an account? Sign in Download Increase Apk All services → 👇👇👇👇👇👇 All categories Instagram Bots Followers [No Refill] Instagram Followers (No Refill) Instagram Followers (Refill) Instagram Followers [Auto Refill] Real Ads Method Instagram Followers Instagram [NFT Followers Real Ads] 🆕 Instagram Engaging Followers Instagram Followers [Big Packages] Instagram Followers/Likes [365 Days Refill] Instagram Indian Followers/Likes/Comments🇮🇳 Instagram Usa Followers/Likes 🇺🇸 Instagram Arab Services [Followers/Likes/Comments]🇦🇪 Instagram Russian Services 🇷🇺 Instagram Followers [Targeted] Instagram Brazil Followers 🇧🇷 Instagram Brazil Followers [Targeted By States]🇧🇷 Instagram Japan Services 🇯🇵 Instagram Female Likes [Real] Instagram Likes [Non Drop] Instagram Real Like
Read more

SaveFrom helper 2.3.12. Apk

-
Image
  Version 2.3.12 Video downloder YouTuve video Download Instagram Video Download Twitter Video Download Wepsite Savefromnet How to Use Download Savfrom helper Apk Savefrom.net   Install For webmasters Help Online Video Downloader Download By using our service you accept our  Terms of Service  and  Privacy Policy How to download? Watch the tutorial Scanned by Norton TM  Safe Web Download videos from the most popular websites without visiting SaveFrom.net Download a video using SaveFrom.net helper Note: Click on the website name to see how to download & save files from there. facebook.com instagram.com youtube.com twitter.com All resources dailymotion.com vimeo.com vk.com odnoklassniki.ru soundcloud.com tiktok.com reddit.com How to use? Video Downloader by SaveFrom.Net is an excellent service that helps to download online videos or music quickly and free of charge. Don't need to install other software or look for an online service for video download anymore. Here is SaveFrom! It
Read more