
WEEK 1.


1 WEEK 1

2 Welcome to D.I.S.C.
What is DISC?
We are a student-led group focused on exploring the hands-on practical skills of ethical hacking and developing some of the skills needed to kick-start a career in Cyber Security.
What do you do?
We run weekly sessions every Wednesday at 6pm in LT11. These sessions are generally run as a workshop/tutorial covering various pentesting techniques or security topics.

3 Previously on D.I.S.C… Weekly sessions through Tri1 & Tri2
Mid-trimester and Pre-exams drinks with the other uni’s CySCA (

4 Trimester 1
The schedule listed here may change.
Week 1 (7/3) - Introduction & WiFi hacking tutorial
Week 2 (14/3) - Identifying network vulnerabilities
Week 3 (21/3) - Guest Speakers (Nigel Hedges and Shane Laffin)
Week 4 (28/3) - Sectalks (PWC Building)
Mid-Tri Break - Social Drinks Night (Venue TBD)
Week 5 (11/4) - Passive OSINT, Active Enumeration, Vulnerability Identification
Week 6 (18/4) - Client-side exploitation, Intro to binary exploitation
Week 7 (25/4) - Sectalks (PWC Building)
Week 8 (2/5) - Intro to web application penetration testing
Week 9 (9/5) - Further web application penetration testing
Week 10 (16/5) - Password Cracking
Week 11 (23/5) - Social Event

5 Le Housekeeping
Join our official Slack channel at
Sign up with your Deakin and install the app on your phone & PC!!
Sign up to compete in this year’s CySCA at
Sign up to compete in CySCA 2018 at
Make sure to check in at before each weekly session for any pre-setup. We want to avoid doing any setup in the sessions themselves.
If you’re having trouble with anything, ping somebody on Slack or Facebook!

6 Who are you? (Insert dope icebreaker here)

7 Where should I start?
Head over to and follow the instructions to set up a Virtual Machine running Kali Linux.
Start listening to podcasts (
Go to all the awesome free infosec events in Melbourne (keep an eye out in #events on Slack)
Sectalks - Cyberspectrum - OWASP - LTOTM - (password: LTOTM1)
Watch the 1995 masterpiece ‘Hackers’ once a week religiously (

8 WiFi Hacking
WiFi adaptor capable of packet injection
IEEE protocol primer
WPA/WPA2 (Demo)
WPS
The beauty of WEP

9 Requirements
WiFi adaptor with a chipset that allows for ‘packet injection’ (Link below)
The hustle
For a decent card you’re generally looking at a spend of $20 - $40 all up.
Buying guide: ng.org/doku.php?id=compatibility_drivers#which_is_the_best_card_to_buy
And for the L337 hackers out there, have a look into the wonderful world of ‘Yagi Antennas’
Packet injection: ( purpose-of-packet-injection-within-wifi-attacks)

10 IEEE 802.11
Standard for WLAN communication since 1997
802.11b, g, and n utilize the 2.4GHz band (2.400–2.500 GHz)
Has 14 channels spaced 5MHz apart, with the last 3 reserved for private use.
Datagrams of the protocol are called frames
EAPOL (“Extensible Authentication Protocol” over LAN) frames are used for authentication

11 WPA/WPA2 - WiFi Protected Access
The most current security protocol since 2003
Keep an eye out for WPA3 later this year!
Wealth of security issues:
    WPA packet spoofing & decryption
    WPS pin recovery
    Predictable GTK (Group Temporal Key)
    KRACK attack
    Weak passwords

12 WPA Authentication
PTK - Pairwise Transient Key
GTK - Group Temporal Key
Nonce - Arbitrary pseudo-random value used in cryptography
MIC - Message Integrity Code
Ack - Acknowledgement

13 Capture that handshake
Check the name of your wireless adaptor with ifconfig
Set your wireless interface to ‘Monitor mode’
    airmon-ng start <interface>
Kill other interfering network processes
    airmon-ng check kill
Dump all data that the interface is picking up
    airodump-ng wlan0mon
Once we’ve picked our target AP, focus on only monitoring for all packets associated with it.
    airodump-ng --bssid <bssid> -c <channel> -w <output_file> wlan0mon
While monitoring that AP, send some ‘deauth’ frames, which disconnect all clients from that AP, forcing them to reconnect.
    aireplay-ng -0 <no_of_packets> -a <bssid> <mon_interface>

14 Decrypting the Passphrase
If done successfully, airodump-ng will say ‘[ WPA handshake: xx:xx:xx:xx:xx:xx’ in the top right of the console.
Now we have a .cap file containing the encrypted passphrase, we need to figure out what the cleartext is.
There are several tools we could use to crack the passphrase:
    Hashcat (Best)
    Cowpatty
For the scope of this demo, we’ll use the fairly inefficient CPU cracker ‘aircrack-ng’
    aircrack-ng <capture.cap> -w <wordlist>

15 WPS - WiFi Protected Setup
A standard introduced to make setting up your home WiFi network as easy and hassle-free as possible.
Great news for us!

16 WEP - Weak Encryption Protocol
Standard for security from 1997 until it was deprecated in 2004
The protocol relies on weak ciphers that allow an attacker to recover the key by passively eavesdropping on the network
Trivial to hack using airmon-ng

17 Wardriving For normies, by normies

