SensePost Q Division: Hardware tools for close quarter hacking

2 Day Training: August 3,4

Abstract

"Q Division: Hardware tools for close quarter hacking" is a two-day course bringing together the theory and practical operation of a bunch of cool hardware tools that can be used when you can gain physical or nearby access to an environment. It covers things like badge cloning, Ethernet person-in-the-middle techniques, HID attacks (from Rubber Duckies to WHID, P4wnP1 A.L.O.A and O.MG cable), RF peripheral hacks from MouseJacking to LOGITacker, and covert channel devices (like USaBUSe).

Suggested Combo: SensePost - Introduction to Red Teaming, Aug 1,2

Course Contents

Close quarters attack surface, and the gadgets you need to exploit it:

RFID

  • Access Card cloning

Ethernet

  • Drop boxes
  • Avoiding detection
  • Transparent proxying of intercepted devices
  • Dealing with 802.1x
  • Connection interception and tampering
  • WiFi, GSM and other remote access techniques

USB Attacks

  • Class Driver basics
  • HID Attacks
    • Typed payload basics
      • Minimising on-screen time
      • Target runtimes: PowerShell, C#, more ...
    • Mouse jiggling
    • Payloads (traditional, advanced)
    • HID over RF
      • Targeting specific devices (MAC addresses, antennas)
      • Mouse Jacking
    • Covert channels
      • USaBUSe
      • LOGITacker
    • Other types of devices
      • Network interfaces
      • Mass storage
  • Disguising malicious devices
    • O.MG Cable
    • Implanting in innocent carriers

Students will be provided with

A bunch of neat hardware and the knowledge to use it.

Hardware Requirements

  • Laptop - powerful enough to run VMs
  • 8GB RAM minimum
  • 35GB free HDD space minimum
  • USB-A slot or dongle to copy VM

Software Requirements

  • Windows / Linux / macOS
  • One of the following virtualization suites:
    • VMware Player
    • VMware Workstation
    • VMware Fusion
    • VirtualBox

Rogan Dawes, SensePost

Rogan Dawes is a senior researcher at SensePost and has been hacking since 1998, which, coincidentally, is also the time he settled on a final wardrobe. He used the time he saved on choosing outfits to live up to his colleague’s frequent joke that he has an offline copy of the Internet in his head. Rogan spent many years building web application assessment tools, and is credited as having built one of the first and most widely used intercepting proxies: WebScarab. In recent years, Rogan has turned his attention towards hardware hacking, and these days many suspect him to be at least part cyborg. A good conversation starter is to ask him where he keeps his JTAG header.