Advanced WiFi Attacks for Red Team Professionals

Presented at DEF CON 31 (2023), Aug. 11, 2023, 2 p.m. (240 minutes)

Wireless networks have become ubiquitous in today's world, and Red Teams are increasingly using advanced WiFi attacks to gain unauthorized access to these networks. This workshop will focus on advanced WiFi attacks utilized by Red Teams to gain access to wireless networks. Participants will learn how to conduct WiFi reconnaissance, identify misconfigurations in wireless networks, create Rogue APs for launching phishing attacks, bypass WIDS, and more. The workshop is entirely virtual, and participants will have access to a lab environment where they can experiment safely. Participants must have prior knowledge of WiFi attacks on Open, WEP, and WPA2-PSK networks. The workshop covers advanced techniques for WiFi reconnaissance, creating custom TLS certificates, Rogue AP attacks, MSCHAPv2 Relay attacks, password spraying, ESSID stripping, and more. The workshop also covers the importance of Wireless Intrusion Detection Systems for Blue Teams and an example using Nzyme. Overall, this workshop is ideal for Red Team professionals looking to enhance their WiFi attack skills and stay ahead of the game. Skill Level: Intermediate Prerequisites for students: - All participants in participating in this workshop must have a basic understanding of Linux, 802.11 protocol and Wireshark. - Must have prior knowledge of WiFi attacks on Open, WEP, and WPA2-PSK networks. Materials or Equipment students will need to bring to participate: - Participants must have access to a computer with a reliable internet connection and a virtualization software such as VirtualBox or VMware.

Presenters:

• Raúl Calvo Laorden / r4ulcl   as Raúl "r4ulcl" Calvo Laorden
  Raúl Calvo Laorden is a Spanish Senior Cybersecurity Analyst (Pentester) who is known in the online community as r4ulcl. He has a keen interest in hacking, particularly in Active Directory (AD), WiFi, and Radio Frequency (RF). Raúl enjoys working with Docker and git. He also has a passion for music, video games, and tinkering with electronic devices. Raúl is the author of WiFiChallenge Lab, a 100% virtualized realistic lab designed for learning and practicing wifi hacking (presented in RootedCON 2022). He is also the creator of wifi_db, a script that parses Aircrack-ng captures into a SQLite database, extracting valuable information such as handshakes, MGT identities, interesting relations between APs, clients and their probes, WPS information, and a global view of all the APs seen. Additionally, he holds the OSCP and CRTP certifications. In his free time, Raúl dedicates himself to programming hacking and cybersecurity tools. He also maintains his own micro-datacenter consisting of multiple servers and services where he continually learns and practices new technologies.

Similar Presentations:

• Hackfest 2017 / Advanced Wireless Attacks Against Enterprise Networks Workshop
• Black Hat Europe 2021 / Owfuzz: WiFi Nightmare
• BSidesDC 2017 / Advanced Wireless Attacks Against Enterprise Networks (CLASS)