Workshop Information: Introduction to Deploying Red Team Infrastructure


    Title: An Introduction to Deploying Red Team Infrastructure

    Instructor: Troy Defty & Erik Dul

    Abstract: Layer 2 can be a lesser-known attack surface; the techniques have been known for a while, have well-documented mitigations, and are often thought of as so old, they _can't possibly still be around, right?_

    But this under-represented attack surface is also of great value to an attacker. Network segregation on a typical internal network is commonplace, and often heavily relied upon to segregate, isolate, and limit the spread of a compromise. A misconfigured switch or switch port can be the difference between an attacker compromising the desk phones, and core business server infrastructure. And when the misconfiguration can be a single two-word line in a ten-thousand-line switch configuration file, it's easy to see how the basic hardening controls can be missed.

    This workshop will run through analysing Layer 2 network traffic, identifying protocols and information of interest within network traffic, launching DTP attacks to pivot within a misconfigured network, and man-in-the-middling traffic via this pivot to compromise a target host (including using various tools in conjunction with virtual network interfaces). In terms of tooling, we will be looking to utilise the likes of Wireshark, Yersinia and (B)ettercap to launch the various network attacks, with standard Kali tooling/normal Linux functionality to exploit and escalate privileges on the target host.

    If attending, please consider bringing a 3-5m Ethernet (Cat5/Cat6) cable just to save us lugging 20kg of cabling around!

    Reading list (not required, but can be of interest):

    https://www.cisco.com/c/en/us/td/doc...onfig-arp.html
    https://www.cisco.com/c/en/us/td/doc...cg/swvlan.html
    https://www.computernetworkingnotes....-protocol.html
    https://www.blackhat.com/presentatio...y-switches.pdf
    https://digi.ninja/blog/abusing_dtp.php

    Level: Intermediate

    Pre-Requisites: Basic knowledge of networking, Meterpreter/Metasploit Framework, basic Linux administration, knowledge of basic Windows privilege escalation

    Required Materials: Laptop, 8GB RAM, Kali as a base or a VM, with all updates applied

    Ethernet cable