






If a college student can do it…


Imagine this. A local student is getting ready for a presentation about recycling in your office.
Within 15 minutes he has found a backdoor to your computer, obtained your username and
password, and walked out the front door. You don’t know his name, where he
comes from or where he’s going. All you can really say is that he seemed so nice, and just
needed time to prepare his presentation. The person you thought was a college student really turned
out to be a hacker, and he’s just walked away with more than your username and password.
He’s just walked away with your life.


In April 2015 I was approached by the owner of a local company in my city. He knew that I was
a student at Dixie State University, and that I wanted to explore the aspects of becoming a
penetration tester (this is known as a security tester through ethical hacking). He wanted me to
check how secure his system was, in terms of accessibility and vulnerability as well as social
engineering (talking to people and seeing what information they will give me). We wrote up a
contract with his personal contact information, and I also conversed with his head IT administrator,
so that in case I got caught I would have something to show that I was not a real hacker. I laid out
the following goals in my assignment: 1. Get direct access to their switch/router, 2. Find
vulnerabilities, 3. Verify the ability to open back doors for secure access and 4. Leave without a
trace.

In preparation for my tasks, I made a list of tools that I would need to aid me in the hack. It is
important to note that these tools can be easily acquired and, without the right protection, can
wreak havoc on not only your office but your home as well.

The first tool I purchased was the Pineapple router. The Pineapple router is one of the
best tools for an evil twin and a man-in-the-middle attack. What sets the Pineapple apart from
normal routers is the set of infusions that come preinstalled on it. The three tools I used from the
router were SSL (Secure Sockets Layer) strip, Karma and Beacon Response. The best way to
explain what an evil twin is, is to understand how a normal wireless device connects to a network.
When you first connect to a network, your device stores the network name and
authentication in its settings, and the network is saved as a trusted network.

Then when you walk into your home, your router sends out a beacon to the devices in the home
asking them if they want to connect. Your devices then see that your network has been used
before and is trusted, send a response back saying “Yes, I would like to connect online”, and
automatically connect to that network.

Beacon Response and Karma send out a beacon to all wireless devices, no matter what your
network name is, and say “Hey, I am your trusted network, you should talk to me first”. Your
device then says “Are you a trusted network?” Finally, the beacon response replies back “I have
the same network name as the network you usually connect to, and you don’t even have to tell
me your password”, and thus ensnares the victim.
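
A defender's view of the behaviour described above, as an added example that is not part of the original article: it flags a radio that offers a trusted network name without the password the saved profile expects, or that answers for several network names at once. The record format, the sample addresses and names, and the one-name-per-radio threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Saved (trusted) profiles on a client: network name -> security it was saved with.
# Constructed sample data.
TRUSTED = {"OfficeNet": "WPA2", "HomeWiFi": "WPA2"}

# Constructed records of what a wireless sensor overheard:
# (address of the radio that answered, network name it claimed, security it offered)
OBSERVED = [
    ("aa:bb:cc:00:00:01", "OfficeNet", "WPA2"),   # the real office access point
    ("de:ad:be:ef:00:01", "OfficeNet", "OPEN"),   # same name, no password asked
    ("de:ad:be:ef:00:01", "HomeWiFi", "OPEN"),
    ("de:ad:be:ef:00:01", "CoffeeShop", "OPEN"),
    ("aa:bb:cc:00:00:02", "GuestNet", "OPEN"),    # ordinary open guest network
]

def find_evil_twins(observed, trusted, max_names_per_radio=1):
    """Return {radio address: [reasons]} for radios that look like an evil twin."""
    names_by_radio = defaultdict(set)
    findings = defaultdict(list)
    for radio, name, security in observed:
        names_by_radio[radio].add(name)
        expected = trusted.get(name)
        # A trusted name offered with different security than the saved profile:
        # the "you don't even have to tell me your password" case.
        if expected and security != expected:
            findings[radio].append(f"downgrade:{name}:{expected}->{security}")
    for radio, names in names_by_radio.items():
        # One radio claiming to be many different networks (assumed threshold).
        if len(names) > max_names_per_radio:
            findings[radio].append(f"multi-name:{len(names)}")
    return dict(findings)

if __name__ == "__main__":
    for radio, reasons in find_evil_twins(OBSERVED, TRUSTED).items():
        print(radio, reasons)
```
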



39 Cyber Warnings E-Magazine – May 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
