
NoCo IT Pros Hacking Demo


Live hacking demo presented to the NoCo IT Pros Meetup group by members of the local DC970 group.


  1. FREE PASSWORDS AND WIFI!
     From your local DC970: ch0wn35, Supertweak, Tyson, IceQUICK
     November 12, 2014
  2. AGENDA
     • Who is DC970?
     • Wireless Security
     • Physical Security
     • Questions
  3. WHO IS DC970
     • DEF CON is one of the world’s largest hacker conferences
     • Occurs every year in Las Vegas
     • Over 16,000 attended in 2014
     • DC970 is a local meetup with similar interests
     • Meets the 3rd Thursday of the month at Wild Boar Café
     • One of a handful of groups around Northern Colorado
     • E.g. NoCo2600.org meets the 1st Friday of the month at Centerra Starbucks
  4. WIRELESS – CURRENT STATE
     • WPA2 released in 2004
     • WPA released in 2003
     • WEP released in 1999
     • 162.5M+ data points on https://wigle.net/
  5. WIRELESS – WEP DEMO
     Live Demonstration
  6. WIRELESS – WPS DEMO
     Live Demonstration
  7. WIRELESS – WIFI PINEAPPLE
     Live Demonstration
  8. WIRELESS – RECOMMENDATION
     • Encrypt using WPA2
     • Disable WPS
     • Change the default SSID (don’t use ‘linksys’)
     • Use a long passphrase
     • ‘Hiding’ the SSID won’t stop a targeted attack
  9. PHYSICAL – CURRENT STATE
     • Survey
     • How many use Full Disk Encryption (FDE) at work?
     • How many use it at home / on personal devices?
     • Encryption is slowly becoming more ‘default’
     • We’re not there yet
  10. PHYSICAL – CRACK THE PASSWORD
     • Ophcrack Demo
  11. PHYSICAL – BYPASS LOGIN
     • KON-BOOT Demo
  12. PHYSICAL – RECOMMENDATIONS
     • Use Full Disk Encryption (FDE)
     • Use a long passphrase
     • Don’t lose your device
     • Don’t sell it before wiping the data first
  13. WRAP UP
     • These are real attacks
     • There are attacks for nearly every device
     • Be difficult and not worth the attacker’s effort
  14. QUESTIONS?
  15. WOULD YOU LIKE TO SEE MORE?
     • If we came back, what topic / demo would you like to see?
