Announcement

Collapse
No announcement yet.

PhanTap (Phantom Tap)

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • PhanTap (Phantom Tap)

    Friday from 10:00 – 11:50 in Sunset 2 at Planet Hollywood
    Audience: Red Teams, it could also be used by Blue Teams. Diana Dragusin & Etienne Champetier

    PhanTap (phantom tap) is an ‘invisible’ network tap aimed at red teams. With limited physical access to a target building, this tap can be installed inline between a network device and the corporate network. PhanTap is silent in the network and does not affect the victim’s traffic, even in networks having NAC (Network Access Control 802.1X - 2004). PhanTap will analyze traffic on the network and mask its traffic as the victim device. It will mount a tunnel back to a remote server, giving the attacker a foothold in the network for further exploitation and pivoting. The physical device for PhanTap is currently a small, inexpensive and disposable router running OpenWrt, we've been testing the GL.iNet GL-AR150. Moreover, PhanTap is fully based on Linux packages and can be ported to any Linux distribution.

    Diana Dragusin
    Diana Dragusin is currently a Senior Security Consultant at NCC Group, where she performs a variety of types of penetration tests, with a focus on networks, hardware, and embedded systems. Diana previously worked as a Network Security Architect, with the goal of building more secure internal and external infrastructures. In addition to hardware hacking, Diana also enjoys applying her creativity and curiosity to world travel and the culinary arts.

    Etienne Champetier
    Etienne Champetier is an Operations Engineer at Anevia (a video software company). Day to day he troubleshoots complex ecosystems with lots of vendors and moving parts (i.e. uses tcpdump and strace), automates everything he can with Ansible, helps migrate Anevia softwares to Kubernetes, and does all kinds of small developments. He loves to understand how everything works and he contributes to open source software, like OpenWrt, when he can (@champtar on Github).

  • #2
    The source has been released at https://github.com/nccgroup/phantap. The phantap packages are also part of the OpenWrt packages.

    Comment

    Working...
    X