Friday, 20 June 2014

WOW! FRIDAY Network Club was RAD!

Minds blown by Friday Network Club. we’re learning all about some sweet networking tools and tricks. Thanks Samy!

“so many insecurities. and, so many people haven’t thought of. you should think about this.” –Samy

next time:


transparent mitm

start here:
airport -s is sweet for osx. find it here:

sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport

oui database for mac addresses to vendor

xss bugs in routers


cross site scripting via iframes

to find you without location check

google can still find you without the street view cars

androids might be sniffing locations

enter ssl man-in-the-middle (mitm)


understand this:

firesheep came out to force everyone to start using ssl, and browsers started making things trickier. enter charles. charles will create a cert.

CAs in your phone keep you from mitm. you can install your own charles cert:
great public dns

sudo tcpdump -i en0 -n port 53


on a hub we see everything

arp spoofing will allow you to see other wireless traffic

arp -na

apple is tracking your ass every time you are on a network:
starbucks is always att-wifi

setup your pc to act like ssid: att-wifi with a second wifi card and sharing

nothing is secure. just assume it.

ngrep is network grep

ngrep -d en1 crashspace

-x hex

be mindful of the datatype / encoding

and regex! cr.shsp[aei]\w

nslookup to convert to 3

arpspoof via dsniff

perl impl of cross platform networking and injection:
checkout arp requests

sudo tcpdump -i en0 arp

nmap as port scanner. ping everyone:

nmap -sn

view arps

arp -na|grep -v incomplete

send arp to spoof router

use ipfw (available on all os)
find other super cool stuff for this and productivity
learn a shit load from TCP/IP Illustrated, Volume 1

arp frame and dive into rfcs with google

arpspoof -i en -t

prevent with static arp routes

pcap files record packets. then ngrep can read em later. or you can replay them.

homework: redsocks

from SpaceBlogs

