Workshop Information: Attacking Layer 2 Network Protocols

  • Workshop Information: Attacking Layer 2 Network Protocols

    Title: Attacking Layer 2 Network Protocols

    Instructor: Troy Defty & Erik Dul

    Abstract: The use of remote-access malware has never been more prevalent, and in order to replicate or mitigate this threat, an understanding as to how the infrastructure supporting such an attack operates is crucial. From accounting for outbound network filtering controls, to building resilience with redundant inbound proxies, deploying an implant blindly into a target is more complex than 'msf > exploit'. This workshop aims to build an understanding around how malware Command and Control (C2) infrastructure is designed, built, and configured, and to provide attendees with experience in deploying malware within a realistic network environment. This will include:

    - A run-through of a basic red team campaign
    - The properties of a solid malware implant
    - Spinning up Command and Control (C2) infrastructure, including burner inbound proxies, etc.
    - Configuring an implant to find and utilise outbound routes from a realistic corporate network, and to call back to our new infrastructure
    - Basic delivery of malware via common delivery routes
    - Gaining a persistent presence, and identifying routes to the campaign objectives

    We will be using Meterpreter and the Metasploit framework as the implant supported by Kali Linux, alongside Apache as a reverse proxy; all of which will be cloud-hosted. We will be using a variety of post-exploitation techniques to help attendees get to grips with some of the potential nuances of remote malware interaction (long RTTs, blind command execution, etc.).

    Reading list:

    https://www.lockheedmartin.com/conte...Kill_Chain.pdf

    https://ionize.com.au/reverse-https-...-behind-nginx/

    https://medium.com/@truekonrads/reve...y-e898f9dfff54

    Level: Intermediate

    Pre-Requisites: Basic knowledge of networking, Meterpreter/Metasploit Framework, basic Linux administration, knowledge of basic Windows privilege escalation

    Required Materials:

    Laptop, 8GB RAM, Kali as a base or a VM, with all updates applied
    Ethernet cable