Session:Network hacks for smart attacks
|A lab about practical attacks on different routing protocols (RIPv2, OSPFv2 and BGP), using GNS3 network simulation tool for creating the virtual lab and for testing the various attacks.
|software, network, hacking, security
|en - English
|Room:Lecture room 12
Be careful that this page is being edited with new info during the next days and nights.
The Vatican Embassy is happy to share some research we did in the last months.
The idea is to briefly explain how these three routing protocols works and then showing how different attacks work, using Python to implement the attacks, where needed. The attacks will be simulated with GNS3 against different iOS Cisco firmwares.
Prepare the environment
For the workshop, I expect that:
- you know how to prepare your environment (check below for the instructions)
- you know base IPv4 networking concepts
- you know Python (or, at least, you can understand it)
- some Cisco CLI knowledge could be useful
Even if you don't match those requirements but you are interested in the topic, join us! Even though you will not be able to follow every detail and to replicate it on your system, you will be able (I hope) to get the concepts and to fill the gap whenever you came back home.
Due to the fact that, inside the GNS3VM, you are going to run multiple Cisco iOS firmwares on a virtual hardware, your system needs to be capable to do virtualization inside a VM. To do that, your system has to support either Intel VT-x or AMD-V.
GNS3 is a software that is used to virtualize complex networks, with interesting capabilities: for us, we are interesting in GNS3 being able to run Cisco iOS images and to connect virtual machines (running on different hypervisors, such as Virtualbox and VMware) to the virtual network it is running.
GNS3 is composed by two parts:
- the GNS3 virtual machine (from now on, GNS3VM), which is ready to be downloaded and it is where the router/switches firmwares will be executed;
- the GNS3 desktop client, (from now on, GNS3CL) which is a client application allowing the user (a.k.a., you) to connect to the GNS3 VM and to interract efficiently with it.
Due to the fact that there will (hopefully) a lot of people attending the workshop, we (a.k.a, the Vatican Embassy) cannot provide a single GNS3VM where everyone can connect, so it is expected that you are going to run your own GNS3VM and GNS3CL on your notebook.
Prepare the GNS3 environment
Follow those steps to prepare the enviroment before the workshop:
- Install VMware Player (it is needed because currently Virtualbox does not allow nested virtualization)
- Please note that if you are running Ubuntu 17.10, there is a known bug preventing VMware Player to run... in that case, download the trial version of VMware Workstation 14.1 and it should work
- Prepare a host-only network inside the hypervisor
- Create an account on https://gns3.com/
- Login and download the GNS3VM
- Import the GNS3VM in your hypervisor
- In the GNSVM's hypervisor settings:
- check if the Intel VT-x / AMD-V is enabled (it should, by default)
- associate the previously created host-only network to the host-only interface of the GNS3VM
- Start the GNS3VM and, using the menu that appears, upgrade it (just in case)
- Install the GNS3CL on your notebook (check the GNS3 website for instructions)
Prepare the Kali VM
Kali, as probably you already know, is a Linux distribution created for penetration testing. In our case, probably more or less any other Linux distribution will work, but let's use Kali to have all the same enviroment.
For Kali, you can choose the version you prefer, but I suggest you to use the light one, providing 2 cores and at least 2GB of RAM.
Install the Kali VM (from now on, KaliVM) inside the hypervisor and install inside it any text editor that is fine for you (vi, vim, emacs, cat, echo, notepad.exe, SublimeText, Visual Studio Code, ...). Also double-check that Python (either 2.7 or 3) is installed and it is working.
The next stuff that you should install is Scapy, that is a tool we are going to use to generate malicious (muhahahaha) traffic in order to get control of the network.
If anything is not clear, feel free to drop an email to lo [at] microlab [dot] red . Of course, spread the voice!