Submit Search
Upload
The CARzyPire - Another Red Team Operation
•
0 likes
•
211 views
Prathan Phongthiproek
Follow
Raspberry Pi Zero W + Crazyradio PA + PowerShell Empire in the Radio-controlled car !!
Read less
Read more
Technology
Report
Share
Report
Share
1 of 19
Download now
Download to read offline
Recommended
Create WiFi Hotspot on Windows 7
Create WiFi Hotspot on Windows 7
Jack Smith
Linux Foundation Live Webinar: Applying Governance to CI/CD
Linux Foundation Live Webinar: Applying Governance to CI/CD
Tiffany Jachja
Building a Mobile App Pen Testing Blueprint
Building a Mobile App Pen Testing Blueprint
NowSecure
Tools for building your Startup on AWS
Tools for building your Startup on AWS
Rob De Feo
DEF CON 27 - workshop - POLOTO - hacking the android apk
DEF CON 27 - workshop - POLOTO - hacking the android apk
Felipe Prado
Leveraging Splunk Enterprise Security with the MITRE’s ATT&CK Framework
Leveraging Splunk Enterprise Security with the MITRE’s ATT&CK Framework
Splunk
B2B Software Global Trends
B2B Software Global Trends
Amazon Web Services
Desktop-as-a-Service: Flexible Application Delivery to Cloud-Native Desktops
Desktop-as-a-Service: Flexible Application Delivery to Cloud-Native Desktops
Amazon Web Services
Recommended
Create WiFi Hotspot on Windows 7
Create WiFi Hotspot on Windows 7
Jack Smith
Linux Foundation Live Webinar: Applying Governance to CI/CD
Linux Foundation Live Webinar: Applying Governance to CI/CD
Tiffany Jachja
Building a Mobile App Pen Testing Blueprint
Building a Mobile App Pen Testing Blueprint
NowSecure
Tools for building your Startup on AWS
Tools for building your Startup on AWS
Rob De Feo
DEF CON 27 - workshop - POLOTO - hacking the android apk
DEF CON 27 - workshop - POLOTO - hacking the android apk
Felipe Prado
Leveraging Splunk Enterprise Security with the MITRE’s ATT&CK Framework
Leveraging Splunk Enterprise Security with the MITRE’s ATT&CK Framework
Splunk
B2B Software Global Trends
B2B Software Global Trends
Amazon Web Services
Desktop-as-a-Service: Flexible Application Delivery to Cloud-Native Desktops
Desktop-as-a-Service: Flexible Application Delivery to Cloud-Native Desktops
Amazon Web Services
顧客要望と情熱のあいだ - B2B SaaS のプロダクトマネジメント -
顧客要望と情熱のあいだ - B2B SaaS のプロダクトマネジメント -
Takuma Haraguchi
A few milliseconds in the life of an HTTP request
A few milliseconds in the life of an HTTP request
Amazon Web Services
From Unattended Ground Sensors (UGS) to Installations; Leveraging AWS IoT fo...
From Unattended Ground Sensors (UGS) to Installations; Leveraging AWS IoT fo...
Amazon Web Services
Developing intelligent robots with AWS RoboMaker - SVC207 - New York AWS Summit
Developing intelligent robots with AWS RoboMaker - SVC207 - New York AWS Summit
Amazon Web Services
Fortinet - Digital Government Cloud Security 2.pptx
Fortinet - Digital Government Cloud Security 2.pptx
ThanhBoHoaluaVn
OSS Tools: Creating a Reverse Engineering Plug-in for r2frida
OSS Tools: Creating a Reverse Engineering Plug-in for r2frida
NowSecure
2019-11-09 DevOpsNG - What I've learned from DevOps
2019-11-09 DevOpsNG - What I've learned from DevOps
Cobus Bernard
AWS微服務時代-Serverless架構與物聯網的整合與應用-Tomofun-Charles Yang
AWS微服務時代-Serverless架構與物聯網的整合與應用-Tomofun-Charles Yang
Amazon Web Services
Trends in Digital Transformation by Joe Chung
Trends in Digital Transformation by Joe Chung
Sameer Kenkare
The security phoenix - from the ashes of DEV-OPS Appsec California 2020
The security phoenix - from the ashes of DEV-OPS Appsec California 2020
NSC42 Ltd
Becoming A High Frequency Enterprise
Becoming A High Frequency Enterprise
Amazon Web Services
Digital transformation for local news - SVC220 - New York AWS Summit
Digital transformation for local news - SVC220 - New York AWS Summit
Amazon Web Services
Blackhat - Do you trust your Threat Intelligence
Blackhat - Do you trust your Threat Intelligence
Christopher Doman
Developing intelligent robots with AWS RoboMaker - SVC207 - Santa Clara AWS S...
Developing intelligent robots with AWS RoboMaker - SVC207 - Santa Clara AWS S...
Amazon Web Services
Android Q & iOS 13 Privacy Enhancements
Android Q & iOS 13 Privacy Enhancements
NowSecure
張楷翊(Oscar):客製打造專屬工作 App – Power Apps / Automate
張楷翊(Oscar):客製打造專屬工作 App – Power Apps / Automate
開拓文教基金會
{unscripted} 2020 : A Conference for Simplifying and Scaling Software Delivery
{unscripted} 2020 : A Conference for Simplifying and Scaling Software Delivery
Tiffany Jachja
Machine Learning at the Edge
Machine Learning at the Edge
Amazon Web Services
Bitcoin and cryptocurrencies fs club final - public
Bitcoin and cryptocurrencies fs club final - public
Chris Skinner
Shell Script 4 DBAs
Shell Script 4 DBAs
Rodrigo Mufalani
Mobile Defense-in-Dev (Depth)
Mobile Defense-in-Dev (Depth)
Prathan Phongthiproek
Cyber Kill Chain: Web Application Exploitation
Cyber Kill Chain: Web Application Exploitation
Prathan Phongthiproek
More Related Content
Similar to The CARzyPire - Another Red Team Operation
顧客要望と情熱のあいだ - B2B SaaS のプロダクトマネジメント -
顧客要望と情熱のあいだ - B2B SaaS のプロダクトマネジメント -
Takuma Haraguchi
A few milliseconds in the life of an HTTP request
A few milliseconds in the life of an HTTP request
Amazon Web Services
From Unattended Ground Sensors (UGS) to Installations; Leveraging AWS IoT fo...
From Unattended Ground Sensors (UGS) to Installations; Leveraging AWS IoT fo...
Amazon Web Services
Developing intelligent robots with AWS RoboMaker - SVC207 - New York AWS Summit
Developing intelligent robots with AWS RoboMaker - SVC207 - New York AWS Summit
Amazon Web Services
Fortinet - Digital Government Cloud Security 2.pptx
Fortinet - Digital Government Cloud Security 2.pptx
ThanhBoHoaluaVn
OSS Tools: Creating a Reverse Engineering Plug-in for r2frida
OSS Tools: Creating a Reverse Engineering Plug-in for r2frida
NowSecure
2019-11-09 DevOpsNG - What I've learned from DevOps
2019-11-09 DevOpsNG - What I've learned from DevOps
Cobus Bernard
AWS微服務時代-Serverless架構與物聯網的整合與應用-Tomofun-Charles Yang
AWS微服務時代-Serverless架構與物聯網的整合與應用-Tomofun-Charles Yang
Amazon Web Services
Trends in Digital Transformation by Joe Chung
Trends in Digital Transformation by Joe Chung
Sameer Kenkare
The security phoenix - from the ashes of DEV-OPS Appsec California 2020
The security phoenix - from the ashes of DEV-OPS Appsec California 2020
NSC42 Ltd
Becoming A High Frequency Enterprise
Becoming A High Frequency Enterprise
Amazon Web Services
Digital transformation for local news - SVC220 - New York AWS Summit
Digital transformation for local news - SVC220 - New York AWS Summit
Amazon Web Services
Blackhat - Do you trust your Threat Intelligence
Blackhat - Do you trust your Threat Intelligence
Christopher Doman
Developing intelligent robots with AWS RoboMaker - SVC207 - Santa Clara AWS S...
Developing intelligent robots with AWS RoboMaker - SVC207 - Santa Clara AWS S...
Amazon Web Services
Android Q & iOS 13 Privacy Enhancements
Android Q & iOS 13 Privacy Enhancements
NowSecure
張楷翊(Oscar):客製打造專屬工作 App – Power Apps / Automate
張楷翊(Oscar):客製打造專屬工作 App – Power Apps / Automate
開拓文教基金會
{unscripted} 2020 : A Conference for Simplifying and Scaling Software Delivery
{unscripted} 2020 : A Conference for Simplifying and Scaling Software Delivery
Tiffany Jachja
Machine Learning at the Edge
Machine Learning at the Edge
Amazon Web Services
Bitcoin and cryptocurrencies fs club final - public
Bitcoin and cryptocurrencies fs club final - public
Chris Skinner
Shell Script 4 DBAs
Shell Script 4 DBAs
Rodrigo Mufalani
Similar to The CARzyPire - Another Red Team Operation
(20)
顧客要望と情熱のあいだ - B2B SaaS のプロダクトマネジメント -
顧客要望と情熱のあいだ - B2B SaaS のプロダクトマネジメント -
A few milliseconds in the life of an HTTP request
A few milliseconds in the life of an HTTP request
From Unattended Ground Sensors (UGS) to Installations; Leveraging AWS IoT fo...
From Unattended Ground Sensors (UGS) to Installations; Leveraging AWS IoT fo...
Developing intelligent robots with AWS RoboMaker - SVC207 - New York AWS Summit
Developing intelligent robots with AWS RoboMaker - SVC207 - New York AWS Summit
Fortinet - Digital Government Cloud Security 2.pptx
Fortinet - Digital Government Cloud Security 2.pptx
OSS Tools: Creating a Reverse Engineering Plug-in for r2frida
OSS Tools: Creating a Reverse Engineering Plug-in for r2frida
2019-11-09 DevOpsNG - What I've learned from DevOps
2019-11-09 DevOpsNG - What I've learned from DevOps
AWS微服務時代-Serverless架構與物聯網的整合與應用-Tomofun-Charles Yang
AWS微服務時代-Serverless架構與物聯網的整合與應用-Tomofun-Charles Yang
Trends in Digital Transformation by Joe Chung
Trends in Digital Transformation by Joe Chung
The security phoenix - from the ashes of DEV-OPS Appsec California 2020
The security phoenix - from the ashes of DEV-OPS Appsec California 2020
Becoming A High Frequency Enterprise
Becoming A High Frequency Enterprise
Digital transformation for local news - SVC220 - New York AWS Summit
Digital transformation for local news - SVC220 - New York AWS Summit
Blackhat - Do you trust your Threat Intelligence
Blackhat - Do you trust your Threat Intelligence
Developing intelligent robots with AWS RoboMaker - SVC207 - Santa Clara AWS S...
Developing intelligent robots with AWS RoboMaker - SVC207 - Santa Clara AWS S...
Android Q & iOS 13 Privacy Enhancements
Android Q & iOS 13 Privacy Enhancements
張楷翊(Oscar):客製打造專屬工作 App – Power Apps / Automate
張楷翊(Oscar):客製打造專屬工作 App – Power Apps / Automate
{unscripted} 2020 : A Conference for Simplifying and Scaling Software Delivery
{unscripted} 2020 : A Conference for Simplifying and Scaling Software Delivery
Machine Learning at the Edge
Machine Learning at the Edge
Bitcoin and cryptocurrencies fs club final - public
Bitcoin and cryptocurrencies fs club final - public
Shell Script 4 DBAs
Shell Script 4 DBAs
More from Prathan Phongthiproek
Mobile Defense-in-Dev (Depth)
Mobile Defense-in-Dev (Depth)
Prathan Phongthiproek
Cyber Kill Chain: Web Application Exploitation
Cyber Kill Chain: Web Application Exploitation
Prathan Phongthiproek
Mobile App Hacking In A Nutshell
Mobile App Hacking In A Nutshell
Prathan Phongthiproek
Jump-Start The MASVS
Jump-Start The MASVS
Prathan Phongthiproek
OWASP Mobile Top 10 Deep-Dive
OWASP Mobile Top 10 Deep-Dive
Prathan Phongthiproek
The Hookshot: Runtime Exploitation
The Hookshot: Runtime Exploitation
Prathan Phongthiproek
Understanding ransomware
Understanding ransomware
Prathan Phongthiproek
OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure!
Prathan Phongthiproek
Don't Trust, And Verify - Mobile Application Attacks
Don't Trust, And Verify - Mobile Application Attacks
Prathan Phongthiproek
Owasp Top 10 Mobile Risks
Owasp Top 10 Mobile Risks
Prathan Phongthiproek
Point-Of-Sale Hacking - 2600Thailand#20
Point-Of-Sale Hacking - 2600Thailand#20
Prathan Phongthiproek
OWASP Thailand-Beyond the Penetration Testing
OWASP Thailand-Beyond the Penetration Testing
Prathan Phongthiproek
Mobile Application Pentest [Fast-Track]
Mobile Application Pentest [Fast-Track]
Prathan Phongthiproek
Hack and Slash: Secure Coding
Hack and Slash: Secure Coding
Prathan Phongthiproek
CDIC 2013-Mobile Application Pentest Workshop
CDIC 2013-Mobile Application Pentest Workshop
Prathan Phongthiproek
Web Application Firewall: Suckseed or Succeed
Web Application Firewall: Suckseed or Succeed
Prathan Phongthiproek
Layer8 exploitation: Lock'n Load Target
Layer8 exploitation: Lock'n Load Target
Prathan Phongthiproek
Advanced Malware Analysis
Advanced Malware Analysis
Prathan Phongthiproek
Tisa mobile forensic
Tisa mobile forensic
Prathan Phongthiproek
Tisa-Social Network and Mobile Security
Tisa-Social Network and Mobile Security
Prathan Phongthiproek
More from Prathan Phongthiproek
(20)
Mobile Defense-in-Dev (Depth)
Mobile Defense-in-Dev (Depth)
Cyber Kill Chain: Web Application Exploitation
Cyber Kill Chain: Web Application Exploitation
Mobile App Hacking In A Nutshell
Mobile App Hacking In A Nutshell
Jump-Start The MASVS
Jump-Start The MASVS
OWASP Mobile Top 10 Deep-Dive
OWASP Mobile Top 10 Deep-Dive
The Hookshot: Runtime Exploitation
The Hookshot: Runtime Exploitation
Understanding ransomware
Understanding ransomware
OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure!
Don't Trust, And Verify - Mobile Application Attacks
Don't Trust, And Verify - Mobile Application Attacks
Owasp Top 10 Mobile Risks
Owasp Top 10 Mobile Risks
Point-Of-Sale Hacking - 2600Thailand#20
Point-Of-Sale Hacking - 2600Thailand#20
OWASP Thailand-Beyond the Penetration Testing
OWASP Thailand-Beyond the Penetration Testing
Mobile Application Pentest [Fast-Track]
Mobile Application Pentest [Fast-Track]
Hack and Slash: Secure Coding
Hack and Slash: Secure Coding
CDIC 2013-Mobile Application Pentest Workshop
CDIC 2013-Mobile Application Pentest Workshop
Web Application Firewall: Suckseed or Succeed
Web Application Firewall: Suckseed or Succeed
Layer8 exploitation: Lock'n Load Target
Layer8 exploitation: Lock'n Load Target
Advanced Malware Analysis
Advanced Malware Analysis
Tisa mobile forensic
Tisa mobile forensic
Tisa-Social Network and Mobile Security
Tisa-Social Network and Mobile Security
Recently uploaded
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
MarianaLemus7
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
The Digital Insurer
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
Alfredo García Lavilla
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
carlostorres15106
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Wonjun Hwang
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
Miki Katsuragi
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
Recently uploaded
(20)
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
The CARzyPire - Another Red Team Operation
1.
© 2019 Secure
D Center Co.,Ltd The CARzyPire Another Red Team Operations
2.
© 2019 Secure
D Center Co.,Ltd DISCLAIMER All the information provided on this site are for educational purposes only. Any actions and or activities related to the material contained within this document is solely your responsibility. The misuse of the knowledge can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information from this document to break the law.
3.
© 2019 Secure
D Center Co.,Ltd Introduction Agenda The CARzyPire Project Preparation Customizing Payload Delivery and Exploitation Speaker Prathan Phongthiproek tanprathan pprathan prathan cwhunderground
4.
© 2019 Secure
D Center Co.,Ltd The CARzyPire Project Raspberry Pi Zero W + Crazyradio PA + PowerShell Empire in the Radio-controlled car !! External Zone Internal Zone
5.
© 2019 Secure
D Center Co.,Ltd Preparation
6.
© 2019 Secure
D Center Co.,Ltd Hardware Preparation https://re4son-kernel.com/re4son-pi-kernel Sticky Fingers Kali-Pi 0 – Armel edition Raspberry Pi Zero W
7.
© 2019 Secure
D Center Co.,Ltd Hardware Preparation https://github.com/BastilleResearch/mousejack Build the firmware Flash over USB Crazyradio PA https://github.com/insecurityofthings/jackit Install the JackIt https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Duckyscript Create Duckyscript
8.
© 2019 Secure
D Center Co.,Ltd Radio Frequency (RF) over USB Dongle Wireless devices (Mouse/Keyboard/Presenter remote) can be hijacked !! Source: https://www.mousejack.com/
9.
© 2019 Secure
D Center Co.,Ltd Command-and-Control Server Preparation https://github.com/EmpireProject/Empire Setup the Empire C2 Server PowerShell Empire https://github.com/interference-security/empire-web Set up the PowerShell Empire Web
10.
© 2019 Secure
D Center Co.,Ltd Customizing Payload
11.
© 2019 Secure
D Center Co.,Ltd Our Enemy Windows Defender !!
12.
© 2019 Secure
D Center Co.,Ltd Our Enemy Windows Defender !!
13.
© 2019 Secure
D Center Co.,Ltd The Empire Strikes Back - Bypassing Windows Defender (Tested in July 2019) Customizing PowerShell Empire Stager HTTP Stager Agent
14.
© 2019 Secure
D Center Co.,Ltd The Empire Strikes Back - Bypassing Windows Defender (Tested in July 2019) Customized Payload x Duckyscript Stager (Multi/Launcher) Creation Duckyscript
15.
© 2019 Secure
D Center Co.,Ltd Delivery and Exploitation
16.
© 2019 Secure
D Center Co.,Ltd Delivery through CARzyPire Jackit AutoPWN x Empire Web
17.
© 2019 Secure
D Center Co.,Ltd Exploitation PowerShell Empire on the Web
18.
© 2019 Secure
D Center Co.,Ltd Exploitation PowerShell Empire on the Web
19.
© 2019 Secure
D Center Co.,Ltd Thank You Contact us: info@secure-d.tech
Download now