Attacking Layer 2 Network Protocols - Red Rock I
Event Information
Description
Title: Attacking Layer 2 Network Protocols
Instructor: Troy Defty & Erik Dul
Abstract:
Layer 2 can be a lesser-known attack surface; the techniques have been known for a while, have well-documented mitigations, and are often thought of as so old that they _can't possibly still be around, right?_
But this under-represented attack surface is also of great value to an attacker. Network segregation on a typical internal network is commonplace, and often heavily relied upon to segregate, isolate, and limit the spread of a compromise. A misconfigured switch or switch port can be the difference between an attacker compromising the desk phones and compromising core business server infrastructure. And when the misconfiguration can be a single two-word line in a ten-thousand-line switch configuration file, it's easy to see how the basic hardening controls can be missed.
This workshop will run through analysing Layer 2 network traffic, identifying protocols and information of interest within network traffic, launching DTP attacks to pivot within a misconfigured network, and man-in-the-middling traffic via this pivot to compromise a target host (including using various tools in conjunction with virtual network interfaces). In terms of tooling, we will be looking to utilise the likes of Wireshark, Yersinia and Bettercap to launch the various network attacks, with standard Kali tooling/normal Linux functionality to exploit and escalate privileges on the target host.
Reading list (not required, but can be of interest):
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_arp/configuration/15-mt/arp-15-mt-book/arp-config-arp.html
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_53_se/configuration/guide/2960scg/swvlan.html
https://www.computernetworkingnotes.com/ccna-study-guide/vlan-tagging-explained-with-dtp-protocol.html
https://www.blackhat.com/presentations/bh-usa-02/bh-us-02-convery-switches.pdf
https://digi.ninja/blog/abusing_dtp.php
Level: Beginner
Pre-Requisites: Basic knowledge of networking, particularly with Linux; knowledge of basic Linux exploitation and privilege escalation.
Required Materials: Laptop, 8GB RAM, Kali as a base or a VM with all updates applied, a network card/interface which supports VLAN tagging (this is usually the case with most kit nowadays by default, but just in case!)