
Hacking Hardware
Description
Defend your system against hardware-based security breaches by thinking like a hacker! With this guide, master the tools you need to develop preventative IT security tests and measures. Learn how to perform penetration tests step by step, and then evaluate and correct vulnerabilities. Get up to speed on awareness training methods and hacking tools for protecting your hardware. From USB killers and keyloggers to manipulated Wi-Fi connections and beyond, understand real-world attack scenarios and, most importantly, how to prevent them!
In this book, you'll learn about:
a. Penetration Testing and Red Teaming
Where are the vulnerabilities in your infrastructure? How does an attacker see your environment, and what tools do they use? You'll discover that the best attack tools often look simple, yet still cause significant damage.
b. Security Awareness Training
The best virus scanners and firewalls are useless if your team doesn't take the necessary precautions. Learn how to conduct effective awareness training to educate your colleagues about the dangers posed by inconspicuous hardware.
c. Hacking Hardware
Rubber Ducky, USBKill, HackRF One, Flipper Zero: see common attack vectors and hacking hardware in action. Become a master at identifying threats, and get equipped with appropriate countermeasures.
Highlights include:
1) Hardware pentesting
2) Red teaming
3) Training security awareness
4) Spy gadgets
5) USB attacks
6) Wi-Fi manipulation
7) Spying on wired networks
8) Wireless connection disruption
9) RFID tag manipulation
10) Bluetooth tracking
11) Universal hacking hardware
Content
Foreword
1 Introduction
1.1 The Audience for This Book
1.2 The Contents of This Book
1.3 The Structure of This Book
1.4 Note from the Author
1.5 Further Resources
PART I: Performing IT Security Penetration Tests
2 IT Security Penetration Tests
2.1 Getting Started: What Are Pentests?
2.2 Characteristics of Penetration Tests
2.3 Procedure for Penetration Tests
2.4 Assessing Vulnerabilities
2.5 Eliminating Vulnerabilities
3 Red Teaming as a Method
3.1 Using Red Teaming Successfully
3.2 Procedure of Red Teaming
3.3 The Purple Team Variant
4 Test Scenarios in Practice
4.1 Scenario A: Testing a Wi-Fi Surveillance Camera
4.2 Scenario B: Examining RFID Access Cards for a Locking System
4.3 Scenario C: Checking the Network Connections of a Printer
4.4 Scenario D: Analyzing the Interfaces of a Client Computer
PART II: Awareness Training with Pentest Hardware
5 Security Awareness Training
5.1 Social Engineering
5.2 Different Types of Training
5.3 Security Awareness Training Using Pentest Hardware
6 Successful Training Methods
6.1 Raising Interest
6.2 Promoting Motivation
6.3 Controlling Activation
6.4 Encouraging Interaction
7 Training Scenarios in Practice
7.1 Scenario A: Contaminated Workplace
7.2 Scenario B: Hardware Scavenger Hunt
7.3 Scenario C: USB Drives in Public Areas
PART III: Hacking and Pentest Hardware Tools
8 Pentest Hardware
8.1 Overview of the Hardware
8.2 Sources of Supply
9 Secret Surveillance Using Spy Gadgets
9.1 Attack Scenario
9.2 Mini Recording Devices: Secret Audio Recordings
9.3 GSM Recording Device: Worldwide Audio Transmissions
9.4 Spy Cameras: Undetected Video Recordings
9.5 Mini Wi-Fi Cameras: Versatile Camera Modules
9.6 GPS Trackers: Secretly Tracking and Transmitting Positions
9.7 Countermeasures
9.8 Analyzing Devices Found
10 Recording Keystrokes and Monitoring Signals Using Loggers
10.1 Attack Scenario
10.2 Keyloggers: Inconspicuous Keyboard Monitoring
10.3 Screen Loggers: Secret Screen Monitoring
10.4 Countermeasures
10.5 Analyzing Devices Found
11 Attacks via the USB Interface
11.1 Attack Scenario
11.2 BadUSB Hardware
11.3 Control via Bluetooth or Wi-Fi
11.4 Simulating USB Devices
11.5 Destroying Computers Using USB Killers
11.6 Countermeasures
11.7 Analyzing Devices Found
12 Manipulating Wireless Connections
12.1 Attack Scenario
12.2 Frequencies and Antennas
12.3 Wireless Signal Cloners: Duplicating Wireless Connections
12.4 Nooelec NESDR SMArt: Analyzing Wireless Connections
12.5 LimeSDR Mini: Attacking Wireless Connections
12.6 YARD Stick One: Manipulating Wireless Signals
12.7 HackRF One: Easy Duplication of Wireless Communication
12.8 HackRF One PortaPack: Mobile Version
12.9 Jammers: Interrupting Wireless Connections
12.10 Countermeasures
12.11 Analyzing Devices Found
13 Duplicating and Manipulating RFID Tags
13.1 Attack Scenario
13.2 Detectors: Detecting RFID Readers and Tags
13.3 Cloners: Simply Copying RFID Tags
13.4 Keysy: A Universal RFID Key
13.5 ChameleonMini/Tiny: An RFID Multitool
13.6 Proxmark: Powerful RFID Hardware
13.7 iCopy-X: Another RFID Multitool
13.8 NFCKill: Destroying RFID/NFC Tags
13.9 Countermeasures
13.10 Analyzing Devices Found
14 Tracking and Manipulating Bluetooth Communication
14.1 Attack Scenario
14.2 Bluefruit LE Sniffer: Tracking Bluetooth Low Energy
14.3 BtleJack with BBC micro:bit for Tapping Bluetooth Low Energy Connections
14.4 Ubertooth One: Analyzing Bluetooth Connections
14.5 Countermeasures
14.6 Analyzing Devices Found
15 Manipulating and Interrupting Wi-Fi Connections
15.1 Attack Scenario
15.2 DSTIKE Deauther: Interrupting Wi-Fi Connections
15.3 Maltronics WiFi Deauther: Remote-Controlled Attacks
15.4 WiFi Pineapple: Fake Wi-Fi Networks
15.5 Countermeasures
15.6 Analyzing Devices Found
16 Tapping Wired LANs
16.1 Attack Scenario
16.2 Throwing Star LAN Tap: Simply Tapping Data
16.3 Plunder Bug: Exfiltrating Data with Style
16.4 Packet Squirrel Mark II: Capturing Network Traffic
16.5 Shark Jack: Performing Predefined Actions
16.6 LAN Turtle: Secret Network Access
16.7 Countermeasures
16.8 Analyzing Devices Found
17 Universal Hacking Hardware
17.1 USB Army Knife: LILYGO T-Dongle S3
17.2 Raspberry Pi and P4wnP1 A.L.O.A.: The BadUSB Super Tool
17.3 Flipper Zero: A Hacker Tamagotchi
18 Discontinued Hardware and Previous Versions
18.1 Attacks via the USB Interface
18.2 Manipulating Wireless Connections
18.3 Tapping Wired LANs
19 Analyzing Detected Hardware
19.1 Documentation
19.2 Devices with Data Storage
19.3 Logging Network Traffic
19.4 Detecting and Analyzing Wi-Fi Networks
19.5 Conclusion
20 Instructions and Knowledge Base
20.1 Laboratory Environment
20.2 Arduino IDE
20.3 Virtual Keyboard and Mouse
20.4 DuckyScript from Hak5
20.5 PayloadStudio from Hak5
20.6 Cloud C2 from Hak5
20.7 Keyboard Shortcuts and Special Keys
The Author
Index