Submit Search
Upload
Holland safenet livehack hid usb pineapple_cain_oph_with_video
ā¢
Download as PPTX, PDF
ā¢
0 likes
ā¢
793 views
R
robbuddingh
Follow
Life Hacking presentation Roy Gray, Safenet
Read less
Read more
Technology
Report
Share
Report
Share
1 of 36
Download now
Recommended
Home Automation Benchmarking Report
Home Automation Benchmarking Report
Synack
Ā
Configuring asa site to-site vp ns
Configuring asa site to-site vp ns
chiensy
Ā
All about routers
All about routers
agwanna
Ā
Ceh v5 module 21 cryptography
Ceh v5 module 21 cryptography
Vi TĆnh HoĆ ng Nam
Ā
Network Security
Network Security
DURYODHAN MAHAPATRA
Ā
Anton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
Anton Chuvakin
Ā
OWASP Cambridge Chapter Meeting 13/12/2016
OWASP Cambridge Chapter Meeting 13/12/2016
joebursell
Ā
Dror-Crazy_toaster
Dror-Crazy_toaster
guest66dc5f
Ā
Recommended
Home Automation Benchmarking Report
Home Automation Benchmarking Report
Synack
Ā
Configuring asa site to-site vp ns
Configuring asa site to-site vp ns
chiensy
Ā
All about routers
All about routers
agwanna
Ā
Ceh v5 module 21 cryptography
Ceh v5 module 21 cryptography
Vi TĆnh HoĆ ng Nam
Ā
Network Security
Network Security
DURYODHAN MAHAPATRA
Ā
Anton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
Anton Chuvakin
Ā
OWASP Cambridge Chapter Meeting 13/12/2016
OWASP Cambridge Chapter Meeting 13/12/2016
joebursell
Ā
Dror-Crazy_toaster
Dror-Crazy_toaster
guest66dc5f
Ā
[2.2] Hacking Internet of Things devices - Ivan Novikov
[2.2] Hacking Internet of Things devices - Ivan Novikov
OWASP Russia
Ā
Exploiting WiFi Security
Exploiting WiFi Security
Hariraj Rathod
Ā
Network Security fundamentals
Network Security fundamentals
Tariq kanher
Ā
Wireless security
Wireless security
Aurobindo Nayak
Ā
Reconnaissance & Scanning
Reconnaissance & Scanning
amiable_indian
Ā
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
APNIC
Ā
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
Mehrdad Jingoism
Ā
The Top 10/20 Internet Security Vulnerabilities ā A Primer
The Top 10/20 Internet Security Vulnerabilities ā A Primer
amiable_indian
Ā
Network security
Network security
syed mehdi raza
Ā
The state of wireless security
The state of wireless security
Filip Waeytens
Ā
ŠŃŠøŃŠøŃŠµŃŠŗŠø Š¾ŠæŠ°ŃŠ½ŃŠµ ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠæŠ¾ŠæŃŠ»ŃŃŠ½ŃŃ 3G- Šø 4G-Š¼Š¾Š“ŠµŠ¼Š°Ń ŠøŠ»Šø ŠŗŠ°Šŗ ŠæŠ¾ŃŃŃŠ¾ŠøŃŃ...
ŠŃŠøŃŠøŃŠµŃŠŗŠø Š¾ŠæŠ°ŃŠ½ŃŠµ ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠæŠ¾ŠæŃŠ»ŃŃŠ½ŃŃ 3G- Šø 4G-Š¼Š¾Š“ŠµŠ¼Š°Ń ŠøŠ»Šø ŠŗŠ°Šŗ ŠæŠ¾ŃŃŃŠ¾ŠøŃŃ...
Positive Hack Days
Ā
Bh fed-03-kaminsky
Bh fed-03-kaminsky
Dan Kaminsky
Ā
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky
Ā
Hack wifi password using kali linux
Hack wifi password using kali linux
Helder Oliveira
Ā
Internet census 2012
Internet census 2012
Giuliano Tavaroli
Ā
Aircrack
Aircrack
MuhammadHanzalah6
Ā
Open vpn feature_on_yealink_ip_phones_v80_60(1)
Open vpn feature_on_yealink_ip_phones_v80_60(1)
maunicmer
Ā
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
Ahmad Yar
Ā
An Approach to for Improving the Efficiency of IDS System Using Honeypot
An Approach to for Improving the Efficiency of IDS System Using Honeypot
Editor Jacotech
Ā
DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Synack
Ā
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless security
Aruba, a Hewlett Packard Enterprise company
Ā
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals
Aruba, a Hewlett Packard Enterprise company
Ā
More Related Content
What's hot
[2.2] Hacking Internet of Things devices - Ivan Novikov
[2.2] Hacking Internet of Things devices - Ivan Novikov
OWASP Russia
Ā
Exploiting WiFi Security
Exploiting WiFi Security
Hariraj Rathod
Ā
Network Security fundamentals
Network Security fundamentals
Tariq kanher
Ā
Wireless security
Wireless security
Aurobindo Nayak
Ā
Reconnaissance & Scanning
Reconnaissance & Scanning
amiable_indian
Ā
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
APNIC
Ā
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
Mehrdad Jingoism
Ā
The Top 10/20 Internet Security Vulnerabilities ā A Primer
The Top 10/20 Internet Security Vulnerabilities ā A Primer
amiable_indian
Ā
Network security
Network security
syed mehdi raza
Ā
The state of wireless security
The state of wireless security
Filip Waeytens
Ā
ŠŃŠøŃŠøŃŠµŃŠŗŠø Š¾ŠæŠ°ŃŠ½ŃŠµ ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠæŠ¾ŠæŃŠ»ŃŃŠ½ŃŃ 3G- Šø 4G-Š¼Š¾Š“ŠµŠ¼Š°Ń ŠøŠ»Šø ŠŗŠ°Šŗ ŠæŠ¾ŃŃŃŠ¾ŠøŃŃ...
ŠŃŠøŃŠøŃŠµŃŠŗŠø Š¾ŠæŠ°ŃŠ½ŃŠµ ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠæŠ¾ŠæŃŠ»ŃŃŠ½ŃŃ 3G- Šø 4G-Š¼Š¾Š“ŠµŠ¼Š°Ń ŠøŠ»Šø ŠŗŠ°Šŗ ŠæŠ¾ŃŃŃŠ¾ŠøŃŃ...
Positive Hack Days
Ā
Bh fed-03-kaminsky
Bh fed-03-kaminsky
Dan Kaminsky
Ā
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky
Ā
Hack wifi password using kali linux
Hack wifi password using kali linux
Helder Oliveira
Ā
Internet census 2012
Internet census 2012
Giuliano Tavaroli
Ā
Aircrack
Aircrack
MuhammadHanzalah6
Ā
Open vpn feature_on_yealink_ip_phones_v80_60(1)
Open vpn feature_on_yealink_ip_phones_v80_60(1)
maunicmer
Ā
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
Ahmad Yar
Ā
An Approach to for Improving the Efficiency of IDS System Using Honeypot
An Approach to for Improving the Efficiency of IDS System Using Honeypot
Editor Jacotech
Ā
What's hot
(19)
[2.2] Hacking Internet of Things devices - Ivan Novikov
[2.2] Hacking Internet of Things devices - Ivan Novikov
Ā
Exploiting WiFi Security
Exploiting WiFi Security
Ā
Network Security fundamentals
Network Security fundamentals
Ā
Wireless security
Wireless security
Ā
Reconnaissance & Scanning
Reconnaissance & Scanning
Ā
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
Ā
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
Ā
The Top 10/20 Internet Security Vulnerabilities ā A Primer
The Top 10/20 Internet Security Vulnerabilities ā A Primer
Ā
Network security
Network security
Ā
The state of wireless security
The state of wireless security
Ā
ŠŃŠøŃŠøŃŠµŃŠŗŠø Š¾ŠæŠ°ŃŠ½ŃŠµ ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠæŠ¾ŠæŃŠ»ŃŃŠ½ŃŃ 3G- Šø 4G-Š¼Š¾Š“ŠµŠ¼Š°Ń ŠøŠ»Šø ŠŗŠ°Šŗ ŠæŠ¾ŃŃŃŠ¾ŠøŃŃ...
ŠŃŠøŃŠøŃŠµŃŠŗŠø Š¾ŠæŠ°ŃŠ½ŃŠµ ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠæŠ¾ŠæŃŠ»ŃŃŠ½ŃŃ 3G- Šø 4G-Š¼Š¾Š“ŠµŠ¼Š°Ń ŠøŠ»Šø ŠŗŠ°Šŗ ŠæŠ¾ŃŃŃŠ¾ŠøŃŃ...
Ā
Bh fed-03-kaminsky
Bh fed-03-kaminsky
Ā
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Ā
Hack wifi password using kali linux
Hack wifi password using kali linux
Ā
Internet census 2012
Internet census 2012
Ā
Aircrack
Aircrack
Ā
Open vpn feature_on_yealink_ip_phones_v80_60(1)
Open vpn feature_on_yealink_ip_phones_v80_60(1)
Ā
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
Ā
An Approach to for Improving the Efficiency of IDS System Using Honeypot
An Approach to for Improving the Efficiency of IDS System Using Honeypot
Ā
Similar to Holland safenet livehack hid usb pineapple_cain_oph_with_video
DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Synack
Ā
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless security
Aruba, a Hewlett Packard Enterprise company
Ā
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals
Aruba, a Hewlett Packard Enterprise company
Ā
Security Handbook
Security Handbook
Anthony Hasse
Ā
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Canada
Ā
Firewall
Firewall
Angga Racing
Ā
10 Wireless Home Network Security Tips
10 Wireless Home Network Security Tips
PECB
Ā
FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise Workshop
Ernest Staats
Ā
Comptia Security+ Exam Notes
Comptia Security+ Exam Notes
Vijayanand Yadla
Ā
Securing Network Access with Open Source solutions
Securing Network Access with Open Source solutions
Nick Owen
Ā
Sectools
Sectools
securedome
Ā
aaa
aaa
hungnhatban
Ā
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
inventy
Ā
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
SolarWinds
Ā
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
Michele Chubirka
Ā
voip_en
voip_en
Pierpaolo Palazzoli
Ā
A modern approach to safeguarding your ICS and SCADA systems
A modern approach to safeguarding your ICS and SCADA systems
Alane Moran
Ā
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Aruba, a Hewlett Packard Enterprise company
Ā
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
Joe McCray
Ā
Wireless hacking
Wireless hacking
arushi bhatnagar
Ā
Similar to Holland safenet livehack hid usb pineapple_cain_oph_with_video
(20)
DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Ā
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless security
Ā
2012 ah vegas wlan security fundamentals
2012 ah vegas wlan security fundamentals
Ā
Security Handbook
Security Handbook
Ā
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attack
Ā
Firewall
Firewall
Ā
10 Wireless Home Network Security Tips
10 Wireless Home Network Security Tips
Ā
FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise Workshop
Ā
Comptia Security+ Exam Notes
Comptia Security+ Exam Notes
Ā
Securing Network Access with Open Source solutions
Securing Network Access with Open Source solutions
Ā
Sectools
Sectools
Ā
aaa
aaa
Ā
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
Ā
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
Ā
Ending the Tyranny of Expensive Security Tools
Ending the Tyranny of Expensive Security Tools
Ā
voip_en
voip_en
Ā
A modern approach to safeguarding your ICS and SCADA systems
A modern approach to safeguarding your ICS and SCADA systems
Ā
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Ā
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
Ā
Wireless hacking
Wireless hacking
Ā
Recently uploaded
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
The Digital Insurer
Ā
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
Ā
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
Ā
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
apidays
Ā
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Christopher Logan Kennedy
Ā
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
johnbeverley2021
Ā
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
Ā
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
MadyBayot
Ā
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
Ā
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
Ā
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
Remote DBA Services
Ā
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Ā
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
Ā
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Zilliz
Ā
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
Ā
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
Ā
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Dropbox
Ā
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
Ā
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
Ā
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Juan lago vƔzquez
Ā
Recently uploaded
(20)
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
Ā
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
Ā
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Ā
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Ā
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Ā
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
Ā
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Ā
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
Ā
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Ā
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
Ā
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
Ā
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Ā
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Ā
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Ā
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Ā
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Ā
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Ā
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Ā
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Ā
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Ā
Holland safenet livehack hid usb pineapple_cain_oph_with_video
1.
Insert Your Name Insert
Your Title Insert Date New World ā New Security BYODā¦. & some cool h@ck1ng gadgets / toolsā¦. Roy Gray CISSP-CCIE-CCNA-CEH-CHFI roy.gray@safenet-inc.com Ā© SafeNet Confidential and Proprietary
2.
2Ā© SafeNet Confidential
and Proprietary Who We Are Trusted to protect the worldās most sensitive data for the worldās most trusted brands. We protect the most money that moves in the world, $1 trillion daily. We protect the most digital identities in the world. We protect the most classified information in the world. FOUNDED 1983 REVENUE ~500m EMPLOYEES +1,500 In 25 countries OWENERSHIP Private GLOBAL FOOTPRINT +25,000 Customers in 100 countries ACCREDITED Products certified to the highest security standard
3.
3Ā© SafeNet Confidential
and Proprietary -Disclaimer -Local Laws -USB HID Device -Cool Wi-Fi story -Wi-Fi MITM Experimentā¦.Want to take part? -Example ācrackingā sites -Cain & Able ARP MITMA -Cain & Able Brute Force -Cain & Able R$A Calculator -OPH Rainbow tables
4.
4Ā© SafeNet Confidential
and Proprietary Legal Disclaimer Hacking without permission may result in a prison sentence ā do not try any of these techniques at home *See Hacking Lawās from CEH* Do send me a postcard though and tell me which one you used!
5.
5Ā© SafeNet Confidential
and Proprietary
6.
6Ā© SafeNet Confidential
and Proprietary +
7.
USB HID- Scripting
101 7Ā© SafeNet Confidential and Proprietary As Storage As Keyboard
8.
8Ā© SafeNet Confidential
and Proprietary Script Encode Payload USB HID- Keyboard Scripting For Fun
9.
9Ā© SafeNet Confidential
and Proprietary USB HID- Keyboard Scripting Not For Fun Script Encode Payload
10.
10Ā© SafeNet Confidential
and Proprietary USB HID- Keyboard Scripting Not For Fun
11.
11Ā© SafeNet Confidential
and Proprietary Imagine you are Chuck, a Wi-Fi penetration tester at ACME Corp., sitting at the cafeteria. Busy office workers that BYOD, are eating, socializing and using the Internet from their laptops, smartphones and tablets. Alice is sitting across from you pulling a tablet from her purse. She intends to connect to the wireless, and surf during lunch. The tablet, waking up, transmits Wi-Fi probe requests looking for preferred networks.
12.
12Ā© SafeNet Confidential
and Proprietary Since Alice has connected to ACME Corp. wireless from her tablet in the past it remembers the network name (SSID) and looks for it periodically in this fashion. If the network is within range it will receive a probe response to its probe request. The probe responses provides Aliceās tablet with the necessary information it needs to associate with ACME Corp. network. Since this process happens automatically for every network Alice frequently connects to, both on her tablet and laptop she isnāt inconvenienced by choice when getting online at the office, home, cafes or even airplanes! Probe responses Probe requests
13.
13Ā© SafeNet Confidential
and Proprietary Chuck (thatās you!) has a Wi-Fi Pen testing device in his bag. The device is constantly listening for probes requests. When it hears the probe request for the ACME Corp. network from Aliceās tablet it responds with an appropriately crafted probe response. This informs Aliceās tablet that the device is in fact the ACME Corp. wireless network. Of course this is a lie that Aliceās tablet will believe. This simple yet effective lie is responsible for the deviceās code name āJasagerā āGerman for āThe Yes Sayerā or āThe Yes Manā.
14.
14Ā© SafeNet Confidential
and Proprietary Once Aliceās tablet receives the probe response from Chuckās device they begin the process of associating, and within moments her tablet has obtained an IP address this the Pen test deviceās DHCP server. The Pen test deviceās DHCP server provides Aliceās tablet with not only an IP address, but DNS and routing information necessary to get her online. Chuck has the Pen test device ādialled-upā to the internet via a pre -configured USB Modem, the default gateway used by Aliceās tablet will be the IP of the Pen test device. Probe responses Probe requests
15.
15Ā© SafeNet Confidential
and Proprietary Now that Chuckās internet enabled device has made friends with Aliceās tablet she is free to browse the web and Chuck is free to eavesdrop and even change the web she sees. Using man in the middle tools, Chuck is able to watch what web sites Alice visits (url snarf). Since Chuck is particularly mischievous he prefers to change what servers Alice connects to when looking up a website (dns spoof)āthus replacing would be kitten videos with ones of puppies. Oh the horrors!...
16.
16Ā© SafeNet Confidential
and Proprietary Chuck is even capable of saving Aliceās browsing sessions to disk for later analysis (tcpdump), intercept secure communications (sslstrip), or inject malicious code on to websites (ettercap-ng). Alternatively if Chuck chooses not to provide internet access at all the device will still be an effective wireless auditing tool. By enabling DNS spoof Chuck is able to redirect Aliceās browsing session from legitimate websites to the deviceās built in web server, which may host a number of phishing sites, password harvesting or malware.
17.
17Ā© SafeNet Confidential
and Proprietary Since Chuck canāt stay at the ACME Corp. cafeteria all day, he considers leaving his device on site. The device is concealed in a case with a battery pack, hidden in plain sight.
18.
18Ā© SafeNet Confidential
and Proprietary In this case Chuck is able to remotely manage the device a few ways. If no internet access is being provided Chuck must be within range of the device wireless network in order to connect to the management SSID. If internet access is provided, Chuck can configure a persistent SSH tunnel. With an SSH or VPN tunnel enabled, internet traffic from the device connected client routes through the tunnel endpoint ā typically a virtual private server. From this VPS Chuck may also extend the man in the middle attack.
19.
19Ā© SafeNet Confidential
and Proprietary www Probe requests Proberequests
20.
20 Wi-Fi MITM Experiment
: mk4 karma, urlsnarf, dns spoof , facebook/twitter phishing phishing site
21.
21 Cell phone tracking
deviceā¦.send picā¦see gps,txt,calls,emailā¦.
22.
22Ā© SafeNet Confidential
and Proprietary Hacking Gadgetsā¦..who needs themā¦.when..
23.
23Ā© SafeNet Confidential
and Proprietary Hacking Gadgetsā¦..who needs themā¦.when..
24.
24Ā© SafeNet Confidential
and Proprietary Hacking Gadgetsā¦..who needs themā¦.when..
25.
25Ā© SafeNet Confidential
and Proprietary The Weapons ā Hands On Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by: -Sniffing the network -Cracking encrypted passwords using Dictionary -Brute-Force and Cryptanalysis attacks -Recording VoIP conversations -Decoding scrambled passwords -Recovering wireless network keys -Revealing password boxes -Uncovering cached passwords -Analyzing routing protocolsā¦.and more.
26.
26Ā© SafeNet Confidential
and Proprietary Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also includes routing protocols authentication monitors & routes extractors, dictionary & brute-force crackers for all common hashing algorithms & for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders & some not so common utilities related to network and system security. The Weapons ā Hands On
27.
27Ā© SafeNet Confidential
and Proprietary -Added support for Windows 2008 Terminal Server in APR-RDP sniffer filter. - Added Abel64.exe and Abel64.dll to support hashes extraction on x64 OS. - Added x64 operating systems support in NTLM hashes Dumper, MS-CACHE hashes Dumper, LSA Secrets Dumper, Wireless Password Decoder, Credential Manager Password Decoder, DialUp Password Decoder. - Added Windows Live Mail (Windows 7) Password Decoder for POP3, IMAP, NNTP, SMTP and LDAP accounts. - Fixed a bug of RSA SecurID Calculator within XML import function. - Fixed a bug in all APR-SSL based sniffer filters to avoid 100% CPU utilization while forwarding data. - Executables rebuilt with Visual Studio 2008. **Be very aware of versions with screenscrape / backdoors, not downloaded from the correct source. The Weapons ā Hands On
28.
28Ā© SafeNet Confidential
and Proprietary ARP Poison Select interface - Scan for hosts - Poison ARP Table - Look for PWās Brute Force R$A Calculatorā¦and more Lets take it for a āTest Driveā Industry Example: The Weapons ā Hands On
29.
29Ā© SafeNet Confidential
and Proprietary Ophcrack is an open source (GPL licensed) program that cracks Windows passwords by using LM hashes through rainbow tables. The program includes the ability to import the hashes from a variety of formats, including dumping directly from the SAM files of Windows. It is claimed that these tables can crack 99.9% of alphanumeric passwords of up to 14 characters in usually a few minutes. A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function. A common application is to make attacks against hashed passwords feasible. The Weapons ā Hands On
30.
30Ā© SafeNet Confidential
and Proprietary XP Rainbow Tables Example: The Weapons ā Hands On
31.
31Ā© SafeNet Confidential
and Proprietary Vista / Win 7 Rainbow Tables Example: The Weapons ā Hands On
32.
32Ā© SafeNet Confidential
and Proprietary Example using a XP VM Length = 14 Predefined Charset : Base64 = Decimal + Lowercase + Uppercase + Special Characters < 4min CRACKED! The Weapons ā Hands On
33.
33Ā© SafeNet Confidential
and Proprietary Lets take it for a āTest Driveā In Under 4min The Weapons ā Hands On
34.
34Ā© SafeNet Confidential
and Proprietary CAIN vs OPHCRACK The Weapons ā Hands On
35.
35Ā© SafeNet Confidential
and Proprietary CAIN vs OPHCRACK The Weapons ā Hands On
36.
36Ā© SafeNet Confidential
and Proprietary
Download now