Network Hacking (security) 101 [December '20 - Online]

I’m excited host another instance of Network Hacking 101 on Saturday December 19nd at 3:00pm PT! It’s designed from the ground up to be a great time hacking networks from the comfort of your WiFi!

2020-12-19T23:00:00Z2020-12-20T01:00:00Z

What this?

If you want to secure your home network, the best place to start is to learn how to attack it! Let’s do just that! By the end of this workshop, everyone can walk away having intercepted some packets and popped some reverse shells, and you’ll be able to use these skills on your own home network!

The content we will use is available online, and you can check it out now at naumachiactf.com. I encourage you to try the challenges ahead of time, and feel free to ask me any questions on Discord at chat.naumachiactf.com.

How will it work?

Come collaborate and work through the material on the day of the event, and if you want to get a head start, you can even access the materials right now at notebook.naumachiactf.com :scream:

During the event we’ll be using Discord to work together, discuss, and debate the air speed of an unladen packet. chat.naumachiactf.com

Topics we’ll cover:

  • Network crash course in peeling back the layers
  • Network sniffing and the world of broadcast traffic
  • Man-in-the-middle attacks through ARP poisoning
  • Network scanning and finding your next target
  • DNS poisoning so that your too can be facebook.com

What do I need to hack?

You’ll need a laptop and the following tools:

  • OpenVPN
    • Connect to the challenges you will be hacking
  • Wireshark (tcpdump also works)
    • Capture and dissect network traffic
  • nmap
    • Scan and search for vulnerable targets
  • ettercap
    • Intercept and manipulate traffic
  • arpspoof
    • Another good way to intercept traffic
  • bettercap (optional)
    • Next-generation replacement for ettercap (but a bit unreliable)
  • python3
    • Build new attack tools
  • netcat (nc)
    • Swiss-army-knife of networking

It’s highly recommended that you use Linux or MacOS, but these tools are availible for Windows as well. If you have a Windows laptop, I recommend you install Linux in a VM*. Kali is the canonical offensive security distribution if you need to pick one. (https://youtu.be/FVmWMogGX4Q )

*Windows Subsystem for Linux (WSL) is great, but doesn’t work with packet capturing, so you won’t be able to use it here