Ygoltsev dcg 21_08_wifiineapple

539 views

Published on

Ygoltsev dcg 21_08_wifiineapple

Published in: Travel, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
539
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Ygoltsev dcg 21_08_wifiineapple

  1. 1. Автономный сетевой шпион.WiFi Pineapple usage in the wild 21/08/2012 DCG #7812 г. Санкт-Петербург by @ygoltsev @d0znpp @d_olex
  2. 2. Few words about myself Security expert/Penetration testing team Community memberPHDays g00n Editor Defcon Russia (DCG #7812) 2
  3. 3. WiFi Pineapple byhttp://cloud.wifipineapple.com/ Defcon Russia (DCG #7812) 3
  4. 4. Functionality• Stealth Access Point for Man-in-the-Middle attacks• Mobile Broadband connectivity (3g/4g via USB)• Manage from afar with persistent SSH tunnels and meterpreter• Relay or Deauth attack with auxiliary WiFi adapter• Web-based management simplify MITM attacks• Easily concealed and battery powered• Expandable with community modules Defcon Russia (DCG #7812) 4
  5. 5. Based onAP121U (http://bit.ly/NAvaq9)- 45 $ +Jasager (OpenWRT) (http://bit.ly/EgvNV)- free Defcon Russia (DCG #7812) 5
  6. 6. AP121U• 93 x 70 x 26mm• 74g• IEEE 802.11b/g/n• 2x Ethernet• USB 2.0• 400 MHz Defcon Russia (DCG #7812) 6
  7. 7. Jasager- Linux (kernel 3.2)- hostapd (http://hostap.epitest.fi/hostapd/) hostapd is a user space daemon for access point and authentication servers.- Karma (http://www.digininja.org/karma/) Patch for hostapd. Set of patches to access point software to get it to respond to probe requests not just for itself but for any ESSID requested. Defcon Russia (DCG #7812) 7
  8. 8. Equalness = Defcon Russia (DCG #7812) 8
  9. 9. But• 93 x 70 x 26mm• 74g and 100 $... Defcon Russia (DCG #7812) 9
  10. 10. money - not so important Defcon Russia (DCG #7812) 10
  11. 11. Yammi!!Defcon Russia (DCG #7812) 11
  12. 12. Usage- As a home router- As a tool for penetration testing- As an energy independent network spy Defcon Russia (DCG #7812) 12
  13. 13. Some statistics• Location: Big Mall, Food Court• Wi-Fi SSID – ‘Ne_podkluchaytes_k_etoy_to4ke’• Action: Respond to all probe request. Disconnect. Ignore MAC next time. Defcon Russia (DCG #7812) 13
  14. 14. Over 9000….P.S. Over 100 Defcon Russia (DCG #7812) 14
  15. 15. More interesting~ 189 minutes Defcon Russia (DCG #7812) 15
  16. 16. More interesting• Mobile Juice pack~ More than 6 hours Defcon Russia (DCG #7812) 16
  17. 17. And what if? Defcon Russia (DCG #7812) 17
  18. 18. Other stuff• More than 20 add-ons (modules)• Build in web/dns/ssh services• tcpdump/air*/ettercap/sslstrip Defcon Russia (DCG #7812) 18
  19. 19. Cover story: fairy tale Defcon Russia (DCG #7812) 19
  20. 20. Cover story: legendary legend Defcon Russia (DCG #7812) 20
  21. 21. Cover story: box location Defcon Russia (DCG #7812) 21
  22. 22. Cover story: box location Defcon Russia (DCG #7812) 22
  23. 23. Cover story: packing the box• Pelican boxes – the best choice Defcon Russia (DCG #7812) 23
  24. 24. Cover story: setting up environment• Setting up SSH tunnel• …• Do the stuff Defcon Russia (DCG #7812) 24
  25. 25. Cover story: Catch me if you can• Wipe all shit! + Defcon Russia (DCG #7812) 25
  26. 26. Bonus track: Wipe video Defcon Russia (DCG #7812) 26
  27. 27. Bonus track: Wipe Defcon Russia (DCG #7812) 27
  28. 28. Thanks for your attention! @ygoltsev ygoltsev@ptsecuity.ru Defcon Russia (DCG #7812) 28

×