Saturday from 10:00 – 11:50 in Sunset 2 at Planet Hollywood
Audience: Offense, Hardware
Emilio Couto
CIRCO is designed for the Raspberry Pi and aimed at Red Team Ops; we take advantage of “Sec/Net/Dev/Ops” enterprise tools to capture network credentials in stealth mode. It uses low-profile hardware and electronics camouflaged as a simple network outlet box that sits under or over a desk. CIRCO includes different techniques for network data exfiltration to avoid detection by IDS/IPS or monitoring systems. The tool gathers information and uses a combination of honeypots to trick automation systems into giving us their network credentials! We will build a physical network and infrastructure lab to show how CIRCO works (live demo).
Major features for release v1.5 (Aug):
- Allow existing IP-Phone to co-exist with CIRCO
- Eliminate template files (craft all packets)
- Support NTP exfiltration
- Software encrypted via Bluetooth (prevent forensics)
- Self-destruct and alarm switch
- Bypass active & passive fingerprinting (NAC)
- Credentials integration into Faraday
https://github.com/ekiojp/circo
Emilio Couto
Emilio Couto (@ekio_jp) is a Security Consultant with more than 20 years of experience in the network and security field. Born and raised in Argentina, he is currently located in Japan, where multitasking between language, culture and technologies is a must. Over the last decade he has focused mainly on Finance IT and presented tools at conferences (BlackHat Asia, HITB, AV Tokyo, SECCON and HamaSec). In his spare time he enjoys 3D printing, tinkering with electronics and home-made IoT devices.