WOW! FRIDAY Network Club was RAD!

Minds blow by Friday Network Club. we’re learning all about some sweet networking tools and tricks. Thanks Samy!

“so many insecurities. and, so many people haven’t thought of. you should think about this.” —Samy

next time:
transparent mitm

start here:
airport -s is sweet for osx. find it here:
sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
oui database for mac addresses to vendor
xss bugs in routers
cross site scripting via iframes
to find you without location check
google can still find you without the street view cars
androids might be sniffing locations
enter ssl man-in-the-middle (mitm)
understand this:
fire sheep came out to force everyone to start using ssl and browsers started making things trickier. enter charles. charles will create a cert.
CAs in your phone keep you from mitm. you can install your own charles cert:
great public dns
sudo tcpdump -i en0 -n port 53
hub we see everything
arp spoofing will allow you to see other wireless traffics
arp -na
apple is tracking your ass every time you are on a network:
starbucks is always att-wifi
setup your pc to act like ssid: att-wifi with a second wifi card and sharing
nothing is secure. just assume it.
ngrep is network grep
ngrep -d en1 crashspace
-x hex
be mindful of the datatype / encoding
and regex! cr.shsp[aei]\w
nslookup to convert to 3
arpspoof via dsniff
perl imll of cross platform networking and injection:
checkout arp requests
sudo tcpdump -i en0 arp
nmap as port scanner. ping everyone:
nmap -sn
view raps
arp -na|grep -v incomplete
send arp to spoof router
use ipfw (available on all os)
find other super cool stuff for this and productivity
learn a shit load from TCPIP illustrated volume 1
arm frame and dive into rfcs with google
arpspoof -i en -t
prevent with static arp routes
pcap files record packets. the ngrep can read em later. or you can replay them.

homework: redsocks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.