Sneaky Wi-Fi Networks Stealing Your Passwords

Presented at Diana Initiative 2019, Aug. 10, 2019, 11:30 a.m. (30 minutes)

Can you trust the Wi-Fi networks you connect to? This talk will briefly discuss an incident triage that was conducted after two employee's laptops, connected to a hotel's wireless network, were found to be attempting connections to an IP address (on the internet) via SMB. This sort of activity is generally viewed as suspicious as hackers can use it to capture NTLM password hashes. Once root of the suspicious network traffic is relieved, a proof of concept attack will be explained and demonstrated. It will show how easily connecting to Wi-Fi can lead to sending your computer's username and NTLM password hash to an attacker.

Presenters:

• Lauren Rudman - Researcher at SecureData
  Lauren started off working as a penetration tester for SensePost based in South Africa. She is currently working for their parent company SecureData in the SDLabs team conducting research. She is passionate about security and especially enjoys reverse engineering malware in her spare time. Lauren holds a MSc degree in Computer Science from Rhodes University.

Links:

• https://dianainitiative2019.busyconf.com/schedule#activity_5cb10dbe5cd78b7da700008e

Similar Presentations:

• Black Hat Asia 2020 Virtual / WIFI-Important Remote Attack Surface: Threat is Expanding
• Black Hat Europe 2017 / Wi-Fi Direct to Hell: Attacking Wi-Fi Direct Protocol Implementations
• DEF CON 23 (2015) / Guests N' Goblins: Exposing Wi-Fi Exfiltration Risks and Mitigation techniques