Hak5

Hosted by Darren Kitchen and Shannon Morse. New episodes Tuesdays.

Put together by a band of IT ninjas, security professionals and hardcore gamers, Hak5 isn't your typical tech show. We take on hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Then we wrap it all up with a... Read More

Botnet Command & Control and Man-in-the-Middle detection

Wednesday, February 17th, 2010 – running time 35:44

More episodes:

Download this episode:

  • MP4
  • WMV
  • Xvid

Following our 2010 Shmoocon special we're joined in studio by security expert and programmer extraordinaire Robin Wood to talk about his proof of concept botnet command and control tool KreiosC2. We also discuss tools for detecting traditional Man-in-the-Middle attacks. And stay tuned for a special season seven announcement.

Botnet Command and Control with Kreios C2

Using social networks as its communications channel, Robin Wood's Kreios C2 is far more sophisticated than the traditional IRC based approach for controlling hordes of zombie computers. Version 3 was recently released and demoed at the Shmoocon 2010 Social Zombies talk (32MB AVI).

04:08 | Play

Man-in-the-Middle Attack Detection

With Robin Wood, master of hardware based Man-in-the-Middle tools, in studio Darren decides to give the traditional ARP poisoning method some love. White-hat love that is. Your typical ARP Poisoning Man-in-the-Middle attack which can be easily performed using tools such as ettercap, arpspoof, or even Cain & Abel on Windows. Generally speaking the goal is to convince the victim, using spoofed ARP packets, that your MAC address is associated with the IP address of another machine on the network -- typically the router or gateway.

Of course in the real world the MAC address of your router doesn't happen to change very often, so if it does it's a tell-tale sign that something weird is happening. In this segment we demo Irongeek's ARPWatch-like tool for Windows, DecaffeinatID. On the Linux side check out arpwatch.

15:19 | Play

Connect with Hak5

  • 10 days ago

    Employers want social media passwords, US gets a #CPO, and #TheOnion! All that and more this time on #ThreatWire! http://t.co/SrZpicvnt6

    View Post

  • 13 days ago

    #Installing #Solar panels, #Google #Chrome #extensions, and more on @Hak5! http://t.co/QppYLgZpi5

    View Post

  • 13 days ago

    Legalizing #Internet eavesdropping, #LivingSocial is #hacked, and more on this weeks #ThreatWire! http://t.co/xyIxzy8kes

    View Post

  • 13 days ago

    @thescribe I didn't! They were disabled and enabled throughout the segment. Each one has a different icon. - @Snubs

    View Post

  • 13 days ago

    @myraitnetwork thank you!

    View Post

  • 28 days ago

    #PGP #Encrypt your email, back up your #Gmail Account with #Ubuntu, text #messaging your #WiFi #Pineapple On #Hak5! http://t.co/KSZeO4GEPU

    View Post

About the Show

Details
Show Title:
Hak5
Description:
Hak5 isn't your typical tech show. It's hacking in the old-school sense, covering everything from network security, open source and forensics to DIY modding and the homebrew scene. Damn the warranties, it's time to Trust your Technolust.
Categories:
How-To & DIY, Technology & Gadgets
Launch Date:
Sep 7, 2008
Episodes:
331
Credits
Shannon Morse (Host)
Darren Kitchen (Host)