SlideShare une entreprise Scribd logo

Sergio González - WiFiSlax 4.0 [RootedCON 2010]

RootedCON
RootedCON

WiFiSlax es una distribución GNU/Linux diseñada y estructurada para la auditoría de seguridad, especializada en evaluaciones de seguridad inalámbrica. Contiene una amplia lista de herramientas de seguridad y auditoría donde se incluyen escáneres de puertos, de servicios y de vulnerabilidades, herramientas para creación y diseño de exploits, ‘sniffers’, herramientas de análisis forense y herramientas para la evaluación de la seguridad de dispositivos wíreless. En esta presentación oficial de la versión 4.0 se mostrarán una serie de importantes cambios estructurales que han permitido al grupo de desarrolladores continuar innovando en cuanto al soporte hardware tal y como han hecho en sus anteriores versiones anticipándose al resto de distribuciones. Estos cambios les han permitido mantenerse en la vanguardia en las tecnologías inalámbricas.

Technologie
1  sur  29
Télécharger pour lire hors ligne
WiFiSlax 4.0 beta Advances and improvements Congreso de Seguridad ~ Rooted CON’2010
What was? • Focused on Wireless Audit • Latest tools for Wireless Audit • Drivers of the most common chipsets in our laptops (innovating with packet injection support) • Ease of use for the uninitiated in GNU/Linux • Launchers and GUI tools • Basic help in spanish Congreso de Seguridad ~ Rooted CON’2010 2
WiFiSlax 4.0 beta Congreso de Seguridad ~ Rooted CON’2010 3
What? • GNU/Linux distribution • Debian Stable based • Nowadays, not only Wireless Security: /NETWORK VULNERABILITY & PENTESTING /BLUETOOTH /RFID /IRDA /SERIAL PORT /CRACKING /REVERSING /FORENSIC • Compatible with other system • GRUB as boot loader Congreso de Seguridad ~ Rooted CON’2010 4
What? • Live CD/DVD/USB • Kernel 2.6.32.5 SMP • KDE 3.5.10|¿KDE 4? – Compiz Fusion included – Drivers ATI / Drivers NVIDIA • Automount new drives – RO/RW over NTFS, HFS and NAS • Automount new devices – Wireless devices / mouse / etc Congreso de Seguridad ~ Rooted CON’2010 5
Which support? • Ease of use regardless of driver • Launch GUI: – Broadcom bcm43xx – Intel IPW2200, IPW3945, IPW4965 – Ralink rt2570, rt73 – Prism, Prism2 – Realtek rt8180/rt8185, rt8187 – Atheros mode managed, monitor, master • Problems with your chipset? – usbview, lsusb, lspci, dmesg, etc... Congreso de Seguridad ~ Rooted CON’2010 6
Which support?  Prism54  IPW2100  Madwifi-ng  IPW2200  Wlan-ng  IPW3945  HostAP  IPW4965  Ralink rt2570  Intel WiFi Link 5X000  Ralink rt61  Zydas ZD1201  Ralink rt73  Zydas ZD1211rw  Ralink rt2X00  Zydas ZD1211b  Ralink rt2860  Realtek rtl8180  Ralink rt2870  Realtek rtl8185  Ralink rt8187  Realtek rtl8187B/L  Ralink rt3070  Atheros AR5007EG  Broadcom Congreso de Seguridad ~ Rooted CON’2010 7
What included? • Konqueror 3.5.9 • Iceweasel 3.6 – NoScript – Live HTTP headers – ShowIP – Tamper Data – Firebug – HackBar – etc Congreso de Seguridad ~ Rooted CON’2010 8
What include? • Audit & security tools • Wireless chipsets for auditing & pentesting • Wireless tools – Kismet, machanger, aircrack-ng, aircrack-ptw, etc • Cryptanalysis tools (WEP/WPA/WPA2, cookie entropy, etc) Congreso de Seguridad ~ Rooted CON’2010 9
What included? • Wi-Spy – Channels spectrum analyzer Congreso de Seguridad ~ Rooted CON’2010 1 0
Aircrack-ng-patch • Anticipating the next speaker: • WiFiSlax 4.0 is the only distribution that is not vulnerable to 0-day of Airodump-ng 1.0 [No more details, yet] – Thanks to Iñaki L. ;-) Congreso de Seguridad ~ Rooted CON’2010 1 1
What included? • More audit tools: – Zenmap – Wireshark – ettercap – asleap – Scapy – Etc. Congreso de Seguridad ~ Rooted CON’2010 1 2
What included? • wesside-ng – Automatic cracking WEP • WifiZoo v1.3 – WEP/WPA support (only in WiFiSlax 4) Congreso de Seguridad ~ Rooted CON’2010 1 3
Other attacks • Karma • Airbase-ng • Fake APs (MitM and hirte attack) auto-connect for Windows & MacOS clients & ¿mobile devices? ;-) Congreso de Seguridad ~ Rooted CON’2010 1 4
What included? • Bluetooth support: • airotooth.sh • Bluetooth Sniffing • BTSniff for chipsets CSR BC4 Flash/RAM • BTCrack for Linux Congreso de Seguridad ~ Rooted CON’2010 1 5
What included? • RFID tools: • IrDA & Serial port: • 3-G support: • Vodafone  • Yoigo  • Movistar ? Congreso de Seguridad ~ Rooted CON’2010 1 6
What included? • Cracking: • Reversing: Congreso de Seguridad ~ Rooted CON’2010 1 7
What included? • Forensic: Congreso de Seguridad ~ Rooted CON’2010 1 8
What included? • Recomposition of TCP sessions: • airdecap-ng • Form Fields without SSL encryption • Uncipher, WEP, WPA, WPA2 connections • Xplico – Data mining and network forensic • Wireshark • Uncipher, WEP and WPA connections • VoIP Congreso de Seguridad ~ Rooted CON’2010 1 9
What included? • Karmetasploit • Rogue AP attacks for e-mail and web password interception, cookie stealing and insecure services (POP3, FTP, SMB, etc) • Lorcon • Packet injection library for IEEE 802.11 • Lorcon2 • Packet and shellcode injection with Metasploit Congreso de Seguridad ~ Rooted CON’2010 2 0
What included? • Network security & Information gathering: Congreso de Seguridad ~ Rooted CON’2010 2 1
What included? • DNS: • WEB: …and DioNiSio Congreso de Seguridad ~ Rooted CON’2010 2 2
What do you expect? • For n-th time: WEP IS INSECURE BY DESING! – Vendors such as Ubiquiti don’t support • Forget poorly implemented ciphers – Don't exist strong passwords – Security must be transparent for the user Congreso de Seguridad ~ Rooted CON’2010 2 3
What do you expect? • Efficient alternative to another distributions • Abandon WEP and WPA • Improving wireless security • Automate and collect audit tools • Promote new security standards • Fostering interest in security Congreso de Seguridad ~ Rooted CON’2010 2 4
Updates? • Update packages : – apt-get / aptitude • WiFiSlax 4.0 repository: – Valid for all Debian Congreso de Seguridad ~ Rooted CON’2010 2 5
Who? • Staff elhacker.net ? • Staff Seguridadwireless.net ? pers ve l o g s of de thin roup make and ght g w to ry ti ho A ve know se, effe ctive • who r, conci clea ient. effic Congreso de Seguridad ~ Rooted CON’2010 2 6
Where? • WiFiSlax.com Oficial Webpage: http://www.wifislax.com/ • WiFiSlax @ LinkedIn Oficial Group: http://www.linkedin.com/groups?gid=2066315 Congreso de Seguridad ~ Rooted CON’2010 2 7
Questions? • Thanks to: – SeguridadWireless.net – BrutalSec.net – …anyone wishing to include their tools!  Congreso de Seguridad ~ Rooted CON’2010 2 8
www.wifislax.com Sergio González Congreso de Seguridad ~ Rooted CON’2010

Recommandé

Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Positive Hack Days
 
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...Zoltan Balazs
 
Exfiltrating Data through IoT
Exfiltrating Data through IoTExfiltrating Data through IoT
Exfiltrating Data through IoTPriyanka Aash
 
D1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsD1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsqqlan
 
IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?Zoltan Balazs
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Sessionveerababu penugonda(Mr-IoT)
 
Wireless security
Wireless securityWireless security
Wireless securityAurobindo Nayak
 
Буткит через СМС: оценка безопасности сети 4G
Буткит через СМС: оценка безопасности сети 4GБуткит через СМС: оценка безопасности сети 4G
Буткит через СМС: оценка безопасности сети 4GPositive Hack Days
 

Recommandé

Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Positive Hack Days
 
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...Zoltan Balazs
 
Exfiltrating Data through IoT
Exfiltrating Data through IoTExfiltrating Data through IoT
Exfiltrating Data through IoTPriyanka Aash
 
D1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsD1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsqqlan
 
IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?Zoltan Balazs
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Sessionveerababu penugonda(Mr-IoT)
 
Wireless security
Wireless securityWireless security
Wireless securityAurobindo Nayak
 
Буткит через СМС: оценка безопасности сети 4G
Буткит через СМС: оценка безопасности сети 4GБуткит через СМС: оценка безопасности сети 4G
Буткит через СМС: оценка безопасности сети 4GPositive Hack Days
 
" Breaking Extreme Networks WingOS: How to own millions of devices running on...
" Breaking Extreme Networks WingOS: How to own millions of devices running on..." Breaking Extreme Networks WingOS: How to own millions of devices running on...
" Breaking Extreme Networks WingOS: How to own millions of devices running on...PROIDEA
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreveerababu penugonda(Mr-IoT)
 
Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)
 
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]RootedCON
 
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015CODE BLUE
 
Forti gate 90d
Forti gate 90dForti gate 90d
Forti gate 90dhape01
 
Mikael Falkvidd IoT - Stena AB Faster Forward
Mikael Falkvidd IoT - Stena AB Faster ForwardMikael Falkvidd IoT - Stena AB Faster Forward
Mikael Falkvidd IoT - Stena AB Faster ForwardMikael Falkvidd
 
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald..."Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...PROIDEA
 
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceHardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceFatih Ozavci
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallShilaThak
 
Breaking Extreme Networks WingOS: How to own millions of devices running on A...
Breaking Extreme Networks WingOS: How to own millions of devices running on A...Breaking Extreme Networks WingOS: How to own millions of devices running on A...
Breaking Extreme Networks WingOS: How to own millions of devices running on A...Priyanka Aash
 
It’s in the Air(waves): Deconstructing 2017’s Biggest RF Attacks
It’s in the Air(waves): Deconstructing 2017’s Biggest RF AttacksIt’s in the Air(waves): Deconstructing 2017’s Biggest RF Attacks
It’s in the Air(waves): Deconstructing 2017’s Biggest RF AttacksPriyanka Aash
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slidesguest1c1a9a
 
Introduction to epid
Introduction to epidIntroduction to epid
Introduction to epidBeMyApp
 
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)Martin Schütte
 
Understanding and Troubleshooting ASA NAT
Understanding and Troubleshooting ASA NATUnderstanding and Troubleshooting ASA NAT
Understanding and Troubleshooting ASA NATCisco Russia
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesJulian Ernesto Martinez Oliva
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Introduction ciot workshop premeetup
Introduction ciot workshop premeetupIntroduction ciot workshop premeetup
Introduction ciot workshop premeetupBeMyApp
 
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar Santhosh Kumar
 
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...PROIDEA
 
SCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsSCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsAleksandr Timorin
 

Contenu connexe

Tendances

" Breaking Extreme Networks WingOS: How to own millions of devices running on...
" Breaking Extreme Networks WingOS: How to own millions of devices running on..." Breaking Extreme Networks WingOS: How to own millions of devices running on...
" Breaking Extreme Networks WingOS: How to own millions of devices running on...PROIDEA
 
Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)
 
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]RootedCON
 
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015CODE BLUE
 
Forti gate 90d
Forti gate 90dForti gate 90d
Forti gate 90dhape01
 
Mikael Falkvidd IoT - Stena AB Faster Forward
Mikael Falkvidd IoT - Stena AB Faster ForwardMikael Falkvidd IoT - Stena AB Faster Forward
Mikael Falkvidd IoT - Stena AB Faster ForwardMikael Falkvidd
 
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald..."Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...PROIDEA
 
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceHardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceFatih Ozavci
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallShilaThak
 
Breaking Extreme Networks WingOS: How to own millions of devices running on A...
Breaking Extreme Networks WingOS: How to own millions of devices running on A...Breaking Extreme Networks WingOS: How to own millions of devices running on A...
Breaking Extreme Networks WingOS: How to own millions of devices running on A...Priyanka Aash
 
It’s in the Air(waves): Deconstructing 2017’s Biggest RF Attacks
It’s in the Air(waves): Deconstructing 2017’s Biggest RF AttacksIt’s in the Air(waves): Deconstructing 2017’s Biggest RF Attacks
It’s in the Air(waves): Deconstructing 2017’s Biggest RF AttacksPriyanka Aash
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slidesguest1c1a9a
 
Introduction to epid
Introduction to epidIntroduction to epid
Introduction to epidBeMyApp
 
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)Martin Schütte
 
Understanding and Troubleshooting ASA NAT
Understanding and Troubleshooting ASA NATUnderstanding and Troubleshooting ASA NAT
Understanding and Troubleshooting ASA NATCisco Russia
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Introduction ciot workshop premeetup
Introduction ciot workshop premeetupIntroduction ciot workshop premeetup
Introduction ciot workshop premeetupBeMyApp
 

Tendances (19)

" Breaking Extreme Networks WingOS: How to own millions of devices running on...
" Breaking Extreme Networks WingOS: How to own millions of devices running on..." Breaking Extreme Networks WingOS: How to own millions of devices running on...
" Breaking Extreme Networks WingOS: How to own millions of devices running on...
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangalore
 
Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd session
 
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]
Rafa Sánchez & Fran Gomez - IoCker - When IPv6 met malware [rooted2019]
 
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
 
Forti gate 90d
Forti gate 90dForti gate 90d
Forti gate 90d
 
Mikael Falkvidd IoT - Stena AB Faster Forward
Mikael Falkvidd IoT - Stena AB Faster ForwardMikael Falkvidd IoT - Stena AB Faster Forward
Mikael Falkvidd IoT - Stena AB Faster Forward
 
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald..."Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...
"Attacking industrial remote controllers for fun and profit" - Dr. Marco Bald...
 
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceHardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
 
Breaking Extreme Networks WingOS: How to own millions of devices running on A...
Breaking Extreme Networks WingOS: How to own millions of devices running on A...Breaking Extreme Networks WingOS: How to own millions of devices running on A...
Breaking Extreme Networks WingOS: How to own millions of devices running on A...
 
It’s in the Air(waves): Deconstructing 2017’s Biggest RF Attacks
It’s in the Air(waves): Deconstructing 2017’s Biggest RF AttacksIt’s in the Air(waves): Deconstructing 2017’s Biggest RF Attacks
It’s in the Air(waves): Deconstructing 2017’s Biggest RF Attacks
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slides
 
Introduction to epid
Introduction to epidIntroduction to epid
Introduction to epid
 
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
 
Understanding and Troubleshooting ASA NAT
Understanding and Troubleshooting ASA NATUnderstanding and Troubleshooting ASA NAT
Understanding and Troubleshooting ASA NAT
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Introduction ciot workshop premeetup
Introduction ciot workshop premeetupIntroduction ciot workshop premeetup
Introduction ciot workshop premeetup
 

Similaire à Sergio González - WiFiSlax 4.0 [RootedCON 2010]

OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar Santhosh Kumar
 
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...PROIDEA
 
SCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsSCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsAleksandr Timorin
 
How to Implement SDN Technology in ITB
How to Implement SDN Technology in ITBHow to Implement SDN Technology in ITB
How to Implement SDN Technology in ITBSDNRG ITB
 
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoTInria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoTStéphanie Roger
 
The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)Martin Schütte
 
PicoScenes Tutorial @ CPS-IOT Week 2022
PicoScenes Tutorial @ CPS-IOT Week 2022PicoScenes Tutorial @ CPS-IOT Week 2022
PicoScenes Tutorial @ CPS-IOT Week 2022Zhiping Jiang
 
IPv6 Security - Myths and Reality
IPv6 Security - Myths and RealityIPv6 Security - Myths and Reality
IPv6 Security - Myths and RealitySwiss IPv6 Council
 
Scada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanismsScada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanismsAleksandr Timorin
 
Master-Master Replication and Scaling of an Application Between Each of the I...
Master-Master Replication and Scaling of an Application Between Each of the I...Master-Master Replication and Scaling of an Application Between Each of the I...
Master-Master Replication and Scaling of an Application Between Each of the I...vsoshnikov
 
Botprobe - Reducing network threat intelligence big data
Botprobe - Reducing network threat intelligence big data Botprobe - Reducing network threat intelligence big data
Botprobe - Reducing network threat intelligence big data DATA SECURITY SOLUTIONS
 
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017keyalea
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014Brian Knopf
 
Make Your Own IoT Device by ZigBee
Make Your Own IoT Device by ZigBeeMake Your Own IoT Device by ZigBee
Make Your Own IoT Device by ZigBeeOkis Chuang
 
Cybercon 2015 brandon kravitz
Cybercon 2015 brandon kravitzCybercon 2015 brandon kravitz
Cybercon 2015 brandon kravitzBrandon Kravitz
 
SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?Dan York
 

Similaire à Sergio González - WiFiSlax 4.0 [RootedCON 2010] (20)

OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
 
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...
CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...
 
SCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsSCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanisms
 
How to Implement SDN Technology in ITB
How to Implement SDN Technology in ITBHow to Implement SDN Technology in ITB
How to Implement SDN Technology in ITB
 
Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014
 
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoTInria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
 
Why choose pan
Why choose panWhy choose pan
Why choose pan
 
The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)
 
PicoScenes Tutorial @ CPS-IOT Week 2022
PicoScenes Tutorial @ CPS-IOT Week 2022PicoScenes Tutorial @ CPS-IOT Week 2022
PicoScenes Tutorial @ CPS-IOT Week 2022
 
IPv6 Security - Myths and Reality
IPv6 Security - Myths and RealityIPv6 Security - Myths and Reality
IPv6 Security - Myths and Reality
 
Scada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanismsScada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanisms
 
Master-Master Replication and Scaling of an Application Between Each of the I...
Master-Master Replication and Scaling of an Application Between Each of the I...Master-Master Replication and Scaling of an Application Between Each of the I...
Master-Master Replication and Scaling of an Application Between Each of the I...
 
IPv6 and Telecom: IPv4 Is FInally Running Out. Now What?
IPv6 and Telecom: IPv4 Is FInally Running Out. Now What?IPv6 and Telecom: IPv4 Is FInally Running Out. Now What?
IPv6 and Telecom: IPv4 Is FInally Running Out. Now What?
 
Botprobe - Reducing network threat intelligence big data
Botprobe - Reducing network threat intelligence big data Botprobe - Reducing network threat intelligence big data
Botprobe - Reducing network threat intelligence big data
 
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
 
Make Your Own IoT Device by ZigBee
Make Your Own IoT Device by ZigBeeMake Your Own IoT Device by ZigBee
Make Your Own IoT Device by ZigBee
 
Cybercon 2015 brandon kravitz
Cybercon 2015 brandon kravitzCybercon 2015 brandon kravitz
Cybercon 2015 brandon kravitz
 
SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?
 
Web Application Detection with SNORT
Web Application Detection with SNORTWeb Application Detection with SNORT
Web Application Detection with SNORT
 

Plus de RootedCON

Rooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro Villaverde
Rooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro VillaverdeRooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro Villaverde
Rooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro VillaverdeRootedCON
 
rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...
rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...
rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...RootedCON
 
Rooted2020 hunting malware-using_process_behavior-roberto_amado
Rooted2020 hunting malware-using_process_behavior-roberto_amadoRooted2020 hunting malware-using_process_behavior-roberto_amado
Rooted2020 hunting malware-using_process_behavior-roberto_amadoRootedCON
 
Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_
Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_
Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_RootedCON
 
Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...
Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...
Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...RootedCON
 
Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...
Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...
Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...RootedCON
 
Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...
Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...
Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...RootedCON
 
Rooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguer
Rooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguerRooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguer
Rooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguerRootedCON
 
rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...
rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...
rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...RootedCON
 
Rooted2020 stefano maccaglia--_the_enemy_of_my_enemy
Rooted2020 stefano maccaglia--_the_enemy_of_my_enemyRooted2020 stefano maccaglia--_the_enemy_of_my_enemy
Rooted2020 stefano maccaglia--_the_enemy_of_my_enemyRootedCON
 
Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...
Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...
Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...RootedCON
 
Rooted2020 virtual pwned-network_-_manel_molina
Rooted2020 virtual pwned-network_-_manel_molinaRooted2020 virtual pwned-network_-_manel_molina
Rooted2020 virtual pwned-network_-_manel_molinaRootedCON
 
Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...
Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...
Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...RootedCON
 
Rooted2020 todo a-siem_-_marta_lopez
Rooted2020 todo a-siem_-_marta_lopezRooted2020 todo a-siem_-_marta_lopez
Rooted2020 todo a-siem_-_marta_lopezRootedCON
 
Rooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valero
Rooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valeroRooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valero
Rooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valeroRootedCON
 
Rooted2020 live coding--_jesus_jara
Rooted2020 live coding--_jesus_jaraRooted2020 live coding--_jesus_jara
Rooted2020 live coding--_jesus_jaraRootedCON
 
Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...
Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...
Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...RootedCON
 
Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...
Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...
Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...RootedCON
 
Rooted2020 evading deep-learning_malware_detectors_-_javier_yuste
Rooted2020 evading deep-learning_malware_detectors_-_javier_yusteRooted2020 evading deep-learning_malware_detectors_-_javier_yuste
Rooted2020 evading deep-learning_malware_detectors_-_javier_yusteRootedCON
 
Rooted2020 encontrando 0days-en_2020_-_antonio_morales
Rooted2020 encontrando 0days-en_2020_-_antonio_moralesRooted2020 encontrando 0days-en_2020_-_antonio_morales
Rooted2020 encontrando 0days-en_2020_-_antonio_moralesRootedCON
 

Plus de RootedCON (20)

Rooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro Villaverde
Rooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro VillaverdeRooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro Villaverde
Rooted2020 A clockwork pentester - Jose Carlos Moral & Alvaro Villaverde
 
rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...
rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...
rooted2020 Sandbox fingerprinting -_evadiendo_entornos_de_analisis_-_victor_c...
 
Rooted2020 hunting malware-using_process_behavior-roberto_amado
Rooted2020 hunting malware-using_process_behavior-roberto_amadoRooted2020 hunting malware-using_process_behavior-roberto_amado
Rooted2020 hunting malware-using_process_behavior-roberto_amado
 
Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_
Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_
Rooted2020 compliance as-code_-_guillermo_obispo_-_jose_mariaperez_-_
 
Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...
Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...
Rooted2020 the day i_ruled_the_world_deceiving_software_developers_through_op...
 
Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...
Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...
Rooted2020 si la-empresa_ha_ocultado_el_ciberataque,_como_se_ha_enterado_el_r...
 
Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...
Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...
Rooted2020 wordpress-another_terror_story_-_manuel_garcia_-_jacinto_sergio_ca...
 
Rooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguer
Rooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguerRooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguer
Rooted2020 Atacando comunicaciones-de_voz_cifradas_-_jose_luis_verdeguer
 
rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...
rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...
rooted2020-Rootkit necurs no_es_un_bug,_es_una_feature_-_roberto_santos_-_jav...
 
Rooted2020 stefano maccaglia--_the_enemy_of_my_enemy
Rooted2020 stefano maccaglia--_the_enemy_of_my_enemyRooted2020 stefano maccaglia--_the_enemy_of_my_enemy
Rooted2020 stefano maccaglia--_the_enemy_of_my_enemy
 
Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...
Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...
Rooted2020 taller de-reversing_de_binarios_escritos_en_golang_-_mariano_palom...
 
Rooted2020 virtual pwned-network_-_manel_molina
Rooted2020 virtual pwned-network_-_manel_molinaRooted2020 virtual pwned-network_-_manel_molina
Rooted2020 virtual pwned-network_-_manel_molina
 
Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...
Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...
Rooted2020 van a-mear_sangre_como_hacer_que_los_malos_lo_paguen_muy_caro_-_an...
 
Rooted2020 todo a-siem_-_marta_lopez
Rooted2020 todo a-siem_-_marta_lopezRooted2020 todo a-siem_-_marta_lopez
Rooted2020 todo a-siem_-_marta_lopez
 
Rooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valero
Rooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valeroRooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valero
Rooted2020 roapt evil-mass_storage_-_tu-ya_aqui_-_david_reguera_-_abel_valero
 
Rooted2020 live coding--_jesus_jara
Rooted2020 live coding--_jesus_jaraRooted2020 live coding--_jesus_jara
Rooted2020 live coding--_jesus_jara
 
Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...
Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...
Rooted2020 legalidad de-la_prueba_tecnologica_indiciaria_cuando_tu_papi_es_un...
 
Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...
Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...
Rooted2020 hackeando el-mundo_exterior_a_traves_de_bluetooth_low-energy_ble_-...
 
Rooted2020 evading deep-learning_malware_detectors_-_javier_yuste
Rooted2020 evading deep-learning_malware_detectors_-_javier_yusteRooted2020 evading deep-learning_malware_detectors_-_javier_yuste
Rooted2020 evading deep-learning_malware_detectors_-_javier_yuste
 
Rooted2020 encontrando 0days-en_2020_-_antonio_morales
Rooted2020 encontrando 0days-en_2020_-_antonio_moralesRooted2020 encontrando 0days-en_2020_-_antonio_morales
Rooted2020 encontrando 0days-en_2020_-_antonio_morales
 

Dernier

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 

Dernier (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 

Sergio González - WiFiSlax 4.0 [RootedCON 2010]

  • 1. WiFiSlax 4.0 beta Advances and improvements Congreso de Seguridad ~ Rooted CON’2010
  • 2. What was? • Focused on Wireless Audit • Latest tools for Wireless Audit • Drivers of the most common chipsets in our laptops (innovating with packet injection support) • Ease of use for the uninitiated in GNU/Linux • Launchers and GUI tools • Basic help in spanish Congreso de Seguridad ~ Rooted CON’2010 2
  • 3. WiFiSlax 4.0 beta Congreso de Seguridad ~ Rooted CON’2010 3
  • 4. What? • GNU/Linux distribution • Debian Stable based • Nowadays, not only Wireless Security: /NETWORK VULNERABILITY & PENTESTING /BLUETOOTH /RFID /IRDA /SERIAL PORT /CRACKING /REVERSING /FORENSIC • Compatible with other system • GRUB as boot loader Congreso de Seguridad ~ Rooted CON’2010 4
  • 5. What? • Live CD/DVD/USB • Kernel 2.6.32.5 SMP • KDE 3.5.10|¿KDE 4? – Compiz Fusion included – Drivers ATI / Drivers NVIDIA • Automount new drives – RO/RW over NTFS, HFS and NAS • Automount new devices – Wireless devices / mouse / etc Congreso de Seguridad ~ Rooted CON’2010 5
  • 6. Which support? • Ease of use regardless of driver • Launch GUI: – Broadcom bcm43xx – Intel IPW2200, IPW3945, IPW4965 – Ralink rt2570, rt73 – Prism, Prism2 – Realtek rt8180/rt8185, rt8187 – Atheros mode managed, monitor, master • Problems with your chipset? – usbview, lsusb, lspci, dmesg, etc... Congreso de Seguridad ~ Rooted CON’2010 6
  • 7. Which support?  Prism54  IPW2100  Madwifi-ng  IPW2200  Wlan-ng  IPW3945  HostAP  IPW4965  Ralink rt2570  Intel WiFi Link 5X000  Ralink rt61  Zydas ZD1201  Ralink rt73  Zydas ZD1211rw  Ralink rt2X00  Zydas ZD1211b  Ralink rt2860  Realtek rtl8180  Ralink rt2870  Realtek rtl8185  Ralink rt8187  Realtek rtl8187B/L  Ralink rt3070  Atheros AR5007EG  Broadcom Congreso de Seguridad ~ Rooted CON’2010 7
  • 8. What included? • Konqueror 3.5.9 • Iceweasel 3.6 – NoScript – Live HTTP headers – ShowIP – Tamper Data – Firebug – HackBar – etc Congreso de Seguridad ~ Rooted CON’2010 8
  • 9. What include? • Audit & security tools • Wireless chipsets for auditing & pentesting • Wireless tools – Kismet, machanger, aircrack-ng, aircrack-ptw, etc • Cryptanalysis tools (WEP/WPA/WPA2, cookie entropy, etc) Congreso de Seguridad ~ Rooted CON’2010 9
  • 10. What included? • Wi-Spy – Channels spectrum analyzer Congreso de Seguridad ~ Rooted CON’2010 1 0
  • 11. Aircrack-ng-patch • Anticipating the next speaker: • WiFiSlax 4.0 is the only distribution that is not vulnerable to 0-day of Airodump-ng 1.0 [No more details, yet] – Thanks to Iñaki L. ;-) Congreso de Seguridad ~ Rooted CON’2010 1 1
  • 12. What included? • More audit tools: – Zenmap – Wireshark – ettercap – asleap – Scapy – Etc. Congreso de Seguridad ~ Rooted CON’2010 1 2
  • 13. What included? • wesside-ng – Automatic cracking WEP • WifiZoo v1.3 – WEP/WPA support (only in WiFiSlax 4) Congreso de Seguridad ~ Rooted CON’2010 1 3
  • 14. Other attacks • Karma • Airbase-ng • Fake APs (MitM and hirte attack) auto-connect for Windows & MacOS clients & ¿mobile devices? ;-) Congreso de Seguridad ~ Rooted CON’2010 1 4
  • 15. What included? • Bluetooth support: • airotooth.sh • Bluetooth Sniffing • BTSniff for chipsets CSR BC4 Flash/RAM • BTCrack for Linux Congreso de Seguridad ~ Rooted CON’2010 1 5
  • 16. What included? • RFID tools: • IrDA & Serial port: • 3-G support: • Vodafone  • Yoigo  • Movistar ? Congreso de Seguridad ~ Rooted CON’2010 1 6
  • 17. What included? • Cracking: • Reversing: Congreso de Seguridad ~ Rooted CON’2010 1 7
  • 18. What included? • Forensic: Congreso de Seguridad ~ Rooted CON’2010 1 8
  • 19. What included? • Recomposition of TCP sessions: • airdecap-ng • Form Fields without SSL encryption • Uncipher, WEP, WPA, WPA2 connections • Xplico – Data mining and network forensic • Wireshark • Uncipher, WEP and WPA connections • VoIP Congreso de Seguridad ~ Rooted CON’2010 1 9
  • 20. What included? • Karmetasploit • Rogue AP attacks for e-mail and web password interception, cookie stealing and insecure services (POP3, FTP, SMB, etc) • Lorcon • Packet injection library for IEEE 802.11 • Lorcon2 • Packet and shellcode injection with Metasploit Congreso de Seguridad ~ Rooted CON’2010 2 0
  • 21. What included? • Network security & Information gathering: Congreso de Seguridad ~ Rooted CON’2010 2 1
  • 22. What included? • DNS: • WEB: …and DioNiSio Congreso de Seguridad ~ Rooted CON’2010 2 2
  • 23. What do you expect? • For n-th time: WEP IS INSECURE BY DESING! – Vendors such as Ubiquiti don’t support • Forget poorly implemented ciphers – Don't exist strong passwords – Security must be transparent for the user Congreso de Seguridad ~ Rooted CON’2010 2 3
  • 24. What do you expect? • Efficient alternative to another distributions • Abandon WEP and WPA • Improving wireless security • Automate and collect audit tools • Promote new security standards • Fostering interest in security Congreso de Seguridad ~ Rooted CON’2010 2 4
  • 25. Updates? • Update packages : – apt-get / aptitude • WiFiSlax 4.0 repository: – Valid for all Debian Congreso de Seguridad ~ Rooted CON’2010 2 5
  • 26. Who? • Staff elhacker.net ? • Staff Seguridadwireless.net ? pers ve l o g s of de thin roup make and ght g w to ry ti ho A ve know se, effe ctive • who r, conci clea ient. effic Congreso de Seguridad ~ Rooted CON’2010 2 6
  • 27. Where? • WiFiSlax.com Oficial Webpage: http://www.wifislax.com/ • WiFiSlax @ LinkedIn Oficial Group: http://www.linkedin.com/groups?gid=2066315 Congreso de Seguridad ~ Rooted CON’2010 2 7
  • 28. Questions? • Thanks to: – SeguridadWireless.net – BrutalSec.net – …anyone wishing to include their tools!  Congreso de Seguridad ~ Rooted CON’2010 2 8
  • 29. www.wifislax.com Sergio González Congreso de Seguridad ~ Rooted CON’2010