Sep 13, 2017

Snagging creds with USB Armory, Hak5 Turtle, raspi0+Responder+hashcat, Arduino, Bash Bunny

・Snagging creds from locked machines (2016/09/06)
 https://room362.com/post/2016/snagging-creds-from-locked-machines/
 有名ツール USB Armory ($155)、Hak5 Turtle ($49.99) の紹介
 Responder にも言及
 interfacesやdhcpd.conf の設定例あり

・Bash Bunny
 https://hakshop.com/products/bash-bunny
 有名ツール。$99.99 - $119.99

・Raspberry Pi Zero for credential snagging (2016/09/18)
 https://zone13.io/post/Raspberry-Pi-Zero-for-credential-snagging/
 Responder の記事
 Raspbian Jessie (I used Jessie Lite, Release date: 2016-05-27)を使用

 Cracking NTLMv2 responses captured using responder (2016/09/23)
 https://zone13.io/post/cracking-ntlmv2-responses-captured-using-responder/
 hashcatを使って事後、辞書攻撃

・pisponder
 https://github.com/dee-oh-double-gee/pisponder
 
・Vulnerability to Security Attacks in NDIS Drivers (04/20)
 https://docs.microsoft.com/en-us/windows-hardware/drivers/network/vulnerability-to-security-attacks-in-ndis-drivers

・USBポートを使ってPCを勝手に操作しちゃおう! (02/12)
 http://qiita.com/lowlevel/items/fc57a0c713e07e718918
 Arduino Micro の記事
 キーボードとして機能させるための設定やコードが極少量で手軽そう


No comments: