Build your stack with Scapy, for fun and profit - Octavius 7

Build your stack with Scapy, for fun and profit - Octavius 7

Actions and Detail Panel

Sales Ended

Date and time

Location

Caesars Palace

Paradise, NV 89109

View map

Description

Build your stack with Scapy, for fun and profit

Instructor - stryngs, Jack64, zero-x

Pre-Requisites - Familiarity with RFC 1149

Abstract - 802.11 is still the Wild West in 2017. It has been around since the 90's, yet as most things with the Internet, security has always been a bolt-on addition. Through passive and active observations over the past couple years, it occurred to us that a workshop on how to abuse wifi would be interesting. This in and of itself is a spiderweb. There are so many ways to approach it; jam it, DOS it, crack it, so forth and so on.

We decided on the "ride the wave" approach. Take the existing infrastructure, and use it to your advantage by molding custom frames as you see fit. We feel this is under utilized and thus: demonstrations, beatings and examples should be given. ARP, ARP, ARP, who let the ARPs out. That is typically the battle cry for anything "LAN" these days. Pop the network, hop on the network, do your ARP, grab your MITM and go. Tried and true, it works, but it's outdated, oldskool and quite frankly, boring. Any hacker worth their salt should be able to arpspoof and ettercap. Any WIDS/WIPS should instantly lock on to what's going on and ban or alert accordingly. What we need, is a new approach.

Enter, Scapy. Without spending an hour on the wonders of Scapy and what it can do for you as a Pentester in this briefing, we'd quite frankly rather cut down to the nuts and bolts, and just, show you.

This workshop is going to center around Scapy and how you as a Pentester can use it to your advantage. Take the 802.11 and bend it to your will. Make it do your bidding and leave the SysAdmins scratching

Required materials -

- Laptop with bootable Linux of some variety
- Debian based is preferred
- apt is way easier than yum...
- WiFi NIC with Monitor Mode capability
- Curiosity

Save This Event

Event Saved