If you’re doing any wireless penetration testing these days, odds are you have a WiFi Pineapple Mark IV from Hak5 in your toolkit. If you’re not a professional penetration tester or are just starting out with wireless hacking, the Pineapple is a device that will save you a considerable amount of headaches and is easily the best “all-in-one” tool for the job. This first article in a series of three tutorials is all about walking you through those first baby steps of configuration to get your new toy up and running. Part 1 starts with the Mark IV since many shops have this device already. Part 2 of this series covers the new Mark V, and Part 3 will show the device in action on a real pen test.
The first step to being successful in any endeavor is preparation, and the Pineapple is no different. This tool packs a considerable number of options into a small frame, and getting your new device up and running prior to “game time” is critical. We’ll show you how to set up your host computer’s network interfaces, how to talk to the device over its various communication options, how to install and configure modules (known as Infusions), and more. So let’s get to it.
ShowMeCon 2014 in St. Louis is just around the corner on May 5 – 6 and includes a great speaker lineup featuring Dave Chronister, Adrian “IronGeek” Crenshaw, Wayne Burke, Jayson E. Street, John Matherly, Kevin Cardwell, Aamir Lakhani, Benoxa, Robert Reed, and Paul Coggin with keynotes by Evan “treefort” Booth, Andy Ellis, Ralph Echemendia and Raphael Mudge. ShowMeCon 2014 also features a CtF event as well as training courses to be held just before the event with coverage of Network Defense, CISSP, Forensics, Ethical Hacking, Intro to PowerShell, Security+ as well as a course on Advanced Mobile, WiFi and Network Hacking.
The organizers of ShowMeCon 2014 were kind enough to offer Free Training Seats worth up to $6000 to top contributors. The winners this time around are EH-Netter, SephStorm, and a top contributor to our LinkedIn Group, Kurt Ellzey. Each of the winners will get their pick of one course offered at the event as well as entrance into the con for a great week of hacking education. Don’t forget to report back on the course and con. Congrats and have fun!! For those who didn’t win, you can still get in on the action by getting a 5%10% Discount using Coupon Code: EHNSMC14.
Backdoors are once again thrust into the forefront with this week’s breaking news that the NSA allegedly hacked Chinese router company Huawei’s servers. Back in October 2012 the House Intelligence Committee accused Huawei, which claims to interconnect one third of the Internet, of embedding backdoors into routers and “posing a national security threat.” And thanks to another Edward Snowden bombshell, we now know that the NSA took their own measures to ensure perpetual access to Huawei routers.
Government espionage is nothing new. Although both sides in the example above dismiss the claims, these recent developments confirm that the location of the battlefield is forever changed. Instead of bullets and bombs, the new intelligence war is being fought with almost imperceptible bursts of electricity. It reminds me of the classic AC/DC song “Dirty Deeds Done Dirt Cheap,” where they poetically proclaim that, “For a fee I’m happy to be your backdoor man.”
Win Hacker Training Worth $6000
We’re sure you’ve heard that our friends at Parameter Security have put together a great speaker lineup for ShowMeCon 2014 in St. Louis from May 5 – 6 that includes Dave Chronister, Adrian “IronGeek” Crenshaw, Wayne Burke, Jayson E. Street, John Matherly, Kevin Cardwell, Aamir Lakhani, Benoxa, Robert Reed, and Paul Coggin with keynotes by Evan “treefort” Booth, Andy Ellis, Ralph Echemendia and Raphael Mudge. These experts will tackle a variety of specialized topics such as hacking mobile devices, cloud computing, leveraging mobile devices in pen tests, cryptanalysis, how the most protected systems can be breached, defending your systems, forensics and more at this cutting-edge, two day con. ShowMeCon 2014 also features a CtF event. But in addition to being a quality con, they are also hosting training courses to be held just before the event with coverage of Network Defense, CISSP, Forensics, Ethical Hacking, Intro to PowerShell as well as a course on Advanced Mobile, WiFi and Network Hacking.
EH-Net has worked it out with the organizers of ShowMeCon 2014 to offer 3 Free Training Seats worth up to $6000 to top contributors. As we’ve done in the past, all you have to do is start posting in our Community Forums, spread the word on Twitter, join our LinkedIn Group… get involved. Suggest helpful hints, help a newbie, offer great career advice… anything you can think to share with the community is a chance to win. Participation will be tracked and the winners announced on April 4. Each of the 3 winners will get their pick of one course offered at the event as well as entrance into the con for a great week of hacking education. Good luck!!
Late last year, EH-Net and eLearnSecurity threw out a little challenge to our readers as a way to make a gentle introduction to the topic of reverse engineering and also to announce eLS’s new course, Advanced Reverse Engineering Software (ARES). Below you will find the Reverse Engineering 101 Contest Solution not only in video format by challenge and course designer Kyriakos Economou but also the full winning entry by EH-Netter, Gerardo Iglesias Galvan. Congratulations to Gerardo and be sure to keep us posted on your progress through the free course you won through EH-Net.
Thanks to everyone who played, whether you submitted a solution or not. If you couldn’t solve it, no worries. It only means that you have the passion but lack the knowledge, and that knowledge is exactly what eLS guarantees to offer you. Still, if you managed to solve it, then you know that there is so much left to learn. eLS guarantees that through the ARES course you will learn much more and enhance your technical skills. If you didn’t try at all, now is your chance to start learning. Watch the video and read the write-up, and hopefully it will spark your interest in diving deeper into this fascinating field of ethical hacking.
In terms of training, Offensive Security is best known for their Pentesting with BackTrack/Kali (PWK) and Cracking the Perimeter (CTP) courses. While PWK and CTP have reputations for being intense, grueling courses that require months of sacrifice and dedication, the word “Advanced” is conspicuously absent from their titles. This fact alone should emphasize where Offensive Security AWE falls in relation to these other courses.
After registering for the course, the student must complete a reversing challenge to ensure he or she has a basic understanding of the foundation concepts required to digest the course content. The material in the course is far more advanced than the challenge, and successfully completing the challenge is no guarantee that the student is fully prepared for the course. However, if the student is unable to complete this challenge, or has extreme difficulty with it, there is a significant gap in requisite knowledge, and it is recommended to pursue the course at a later date after additional preparation. Did I mention “Advanced”?
“The Basics of Hacking and Penetration Testing, 2nd Edition: Ethical Hacking and Penetration Testing Made Easy” by Patrick Engebretson covers the essentials. The introduction should not be skipped, because, first and foremost, it conveys that the book is intended for people who are new to pentesting and the hacking scene. It also gives a general overview of many of the tools in the book that may well come in handy even for those not so new to the industry. Additionally, he covers what is needed to follow along in the book, which transforms this work from being just a book into more of a “hands-on” reference guide.
The title by Syngress Publishing is divided into chapters that define each part of the standard methodology that should be used in every pentest. This is important because every good security professional knows that having a methodology or plan of action is the key to making sure that the pentest is successful every time. The “methodology” is covered in the meat of the book, Chapters 2 through 7. Most pentesting books have a “What is Pentesting” chapter, so naturally Chapter 1 starts there. The book ends in a great way, because the author covers the most important part of a penetration test: the report. Now that we know the author covers the requisite topics, let’s see how he handles the details of delivering this message.
It’s a Thursday evening, and happy hour begins in a few minutes. You’re ready to get out of the office, as quickly as possible. You’ve been working on a report, and you know you still have work to do in the morning. So you lock your machine. It’s safe enough, right? You’ve got a strong password and full disk encryption. Ophcrack or a bootable Linux distro like Kali won’t work. You’d think you’d be fine, but you’d be wrong. More and more, attackers are using blended attacks to get the good stuff, and that includes utilizing the latest in forensic techniques.
There is a single section of your computer full of unencrypted sensitive information any attacker would love to get their hands on: your active memory. The system stores all manner of valuable information in memory for easy reference. Full disk encryption mechanisms must store encryption keys within memory somewhere. The same is true for Wi-Fi encryption keys. Windows keeps the registry hives in memory, and consequently the System and SAM hives. Most clipboards are stored within memory. Many applications keep passwords within memory. The point is, memory houses much of the valuable information that the system needs at a moment’s notice. Getting to it requires using some of the same forensics techniques employed by attackers. This article helps add some of those techniques to your pentesting toolkit.