No announcement yet.

CIRCO: Cisco Implant Raspberry Controlled Operations

  • Filter
  • Time
  • Show
Clear All
new posts

  • CIRCO: Cisco Implant Raspberry Controlled Operations

    Saturday from 10:00 – 11:50 in Sunset 2 at Planet Hollywood
    Audience: Offense, Hardware Emilio Couto

    Designed under Raspberry Pi and aimed for Red Team Ops, we take advantage of “Sec/Net/Dev/Ops” enterprise tools to capture network credentials in a stealth mode. Using a low-profile hardware & electronics camouflaged as simple network outlet box to be sitting under/over a desk. CIRCO include different techniques for network data exfiltration to avoid detection from IDS/IPS or monitoring systems. This tool gathers information and use a combination of honeypots to trick Automation Systems to give us their network credentials! We will build a physical network & infrastructure lab to show how CIRCO works (live demo) Major features for release v1.5 (Aug):

    - Allow existing IP-Phone to co-exist with CIRCO
    - Eliminate template files (craft all packets)
    - Support NTP exfiltration
    - Software encrypted via Bluetooth (prevent forensic)
    - Self destroy and alarm switch
    - Bypass active & passive fingerprinting (NAC)
    - Credentials integration into Faraday

    Emilio Couto
    Emilio Couto (@ekio_jp) is a Security Consultant with more than 20 years of experience in the network and security field. Born and raised in Argentina, he is currently located in Japan where multitasking between language, culture and technologies is a must. Over the last decade focusing mainly on Finance IT and presenting tools in conferences (BlackHat Asia, HITB, AV Tokyo, SECCON and HamaSec) In his spare time he enjoys 3D printing, tinkering electronics and home-made IoT devices.
    Back to top

  • #2

    The latest CIRCO version (1.5) will be release on Thursday Aug 8th
    If you would want to try it yourself during DEFCON Demo Labs (Sat 10th Aug, 10:00-11:50am).
    Bring the following:

    # Hardware

    - Rapsberry Pi (3/4) Wifi/Bluetooth capable

    - Blank >4GB Micro SD Card (32Gb price is not bad compare to 16Gb)

    - USB 2.0 LAN adapter (100Mb)

    - Laptop with LAN & Wireless capabities (of course admin/root access)

    Notice: If you want to bring a Pi Zero W instead, bring a micro USB Hub and (2) USB LAN adapters (x2)

    Notice2: If you want to test Wireless features, you need a decent USB Wifi adapter (monitor mode), most of Alpha cards will work
    I use Buffalo WLI-UC-GNM2S (~10 USD) Chipset Ralink RT8070 (full packet injection support)
    Maybe is more expensive to buy in US, so.... if you want me to bring you one for same price (convert JPY to USD), let me know in advance

    # Software

    - Python2, git and pip installed in Laptop
    - git clone (after Aug 8th)
    - Installed requierements for CARPA "pip install -r requirements.txt" (file
    - Make sure you can run "python ~/circo/" without issues
    - To test new BLE feature, install below App on a phone (iPhone/Android)