Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Disclaimer

Do not run this on campus without having spoken with the Information Security Office! Use of these tools can result in an Acceptable Use Policy violation (which is bad).

There are plaintext passwords in this file and in the Ansible files. This is not good! Don't use this for any test or production system, these VMs are isolated and only in existence for a short period of time for the demo.

Infrastructure Setup

Setup Instructions

  1. Setup the VMs as shown below using VBox or VMware
  2. Install sshpass
    • Should be in your repos
    • Mac: brew install https://raw.githubusercontent.com/kadwanev/bigboybrew/master/Library/Formula/sshpass.rb
    • Debian/Ubuntu and its derivatives: sudo apt install sshpass
    • RedHat/CentOS: yum install sshpass
    • Windows: You can't use sshpass on Windows
  3. Update the host vars file with the appropriate MAC addresses (TBD)
  4. Make sure it all works: ansible -i hosts all -m ping
  5. Run the Ansible playbook: ansible-playbook -i hosts site.yml

Physical Systems

  • Control System (not shown to attendee)
    • Can be virtualized if host system is running Windows (Ansible control system can't be run on Windows).
  • Attacker System
  • Victim System
  • WiFi Access Point
    • This repo contains a file that can be used to restore settings to a Belkin N600.

Attacker VM has to be on the Attacker System, Victim VM has to be on Victim System, and the other two VMs can be on either of those systems. The Control System is not used to run VMs, only for orchestration via the wired network.

Configure the following settings on the WiFi AP:

  • SSID: OSUSEC-Demo
  • Use WPA2
    • PSK: hackdatboi
  • Address: 172.16.10.254
  • Mask: 255.255.255.0 Optionally, you can just restore the settings in router.conf to a N600.

Virtual Machines

This demo requires 4 VMs.

Base VM config (unless otherwise noted):

  • Ubuntu 18.04 Server
  • 1 vCPU
  • 2 GB RAM
  • 20 GB disk (thin alloc is fine)
  • 2 NICs:
    1. Bridged over WiFi host NIC
      • Subnet mask: /24 (255.255.255.0)
      • Gateway IP: 172.16.10.1
    2. Bridged over wired host NIC
      • Subnet mask: /24 (255.255.255.0)
      • Gateway IP: 172.20.10.1
  • Install Python after install finishes:
    • sudo apt -y install python

Specific VM configs:

  • Webserver
    • WiFi IP: 172.16.10.30
    • Wired IP: 172.20.10.30
    • Username: webuser
    • Password: ultrasecure
  • VPN Server
    • WiFi IP: 172.16.10.40
    • Wired IP: 172.20.10.40
    • Username: vpnuser
    • Password: cantsniffthis
  • Attacker
    • 2 vCPU
    • WiFi IP: 172.16.10.50
    • Wired IP: 172.20.10.50
    • Username: badguy
    • Password: gimmedamoney
    • USB Passthrough the Alfa NIC to this VM
  • Victm
    • Ubuntu 18.04 Desktop
    • 2 vCPU
    • 4 GB RAM
    • WiFi IP: 172.16.10.60
    • Wired IP: 172.20.10.60
    • Username: demouser
    • Password: ilikecookies
  • MitM box
  • WiFi IP: 172.16.10.70
  • Wired IP: 172.20.10.70
  • Username: mitmuser
  • Password: istoleyourpass

About

Wifi MitM/Snooping Demo

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published