Every thursday it’s all “About Hacking”

ABOUT YOU TECH
Jan 7, 2019 · 4 min read
Image for post
Image for post

“Hacking” is one of those fields that’s somewhat a mystery even to most people working in IT. To get a better feeling for the importance of the topic and how certain attack scenarios are working in practice, we have a weekly session in the evening, that is all About Hacking. So today we kickoff the series covering our weekly Hacker-Sessions and reporting for you on all our achievements and what we learn each week.

Recap of starting sessions

Image for post
Image for post

We recently had our 3rd “About Hacking”-Session. Sitting all cliche together, with just a few people, in a dark corner of a meeting room, chips and beer on the side of our laptops, while starring on our screens. After our 1st and 2nd meeting where we already focused on getting our HackingEnv up and running, choosing between ParrotOS and Kali Linux and setting up a Raspberry Pi as our targeted system, yesterday it was finally time to actually start getting “our hands dirty”.

The session setup

You can get hints as well, if you are stuck but with a problem, but choose wisely as only the first will be for free. 🤔 The first to finish will get a place in our Hacking Hall of Fame, taking their place amongst Elliot Alderson, Kevin Mitnick and Edward Snowden.

Image for post
Image for post

To put each of these smaller attacks into a bigger picture
and frame them as a real
world attack, we organize multiple sessions into a bigger attack scenario combining multiple smaller exploits
and attack vectors.

Hacking a WPA2 Access Point

Running airgeddon (Fancy effect, don’t you think? 😄)

So the basic attack for all of us worked in 5 easy steps:

  1. Figure out the BSSID (Basic Service Set Identification) of our target AP.
  2. Using that BSSID to capture all packages between the AP and all devices that are connected to it.
  3. Force one or multiple devices connected to the AP to reconnect to capture the handshake packages containing the encrypted WIFI-password.
  4. Use a dictionary file with commonly used passwords and their encrypted hash to lookup the captured, encrypted Wifi-password.
  5. Take password, connect to Wifi and enjoy free internet. 😁

Disclaimer
It is illegal to do this with wifis you don’t have explicit allowance for!!!

For more detailed instructions on how to do this just checkout some of our resources:

Conclusion so far

Image for post
Image for post

“Hacking” in movies is mostly BS. Of course, we all knew or at least suspected that somehow but to actually sit down and see how an attack would work, feels so cool and it’s amazing to sit together as a group and to figure out in teamwork how to best approach these problems.

We hope you liked this inside into one of our company events and if you want to stay updated on these weekly events or any other topics surrounding About You Tech, just follow us here and any of our other channels like twitter, facebook and instagram or just go ahead and checkout some of our
open positions and take part in the next About Hacking yourself. 😎

See you there

ABOUT YOU TECH blog

Want to know more ABOUT TECH?

ABOUT YOU TECH

Written by

AY Dev news — fast & flexible. Check our vacancies https://corporate.aboutyou.de/en/jobs or our large-scale eCommerce infrastructure https://cloud.aboutyou.com

ABOUT YOU TECH blog

Do you want to know more ABOUT TECH? What we're developing? Which technologies we're using? Have a look at corporate.aboutyou.de/de/jobs. We successfully launched the 1st eCommerce infrastructure for large scale & innovative retail - ABOUT YOU CLOUD see https://cloud.aboutyou.com

ABOUT YOU TECH

Written by

AY Dev news — fast & flexible. Check our vacancies https://corporate.aboutyou.de/en/jobs or our large-scale eCommerce infrastructure https://cloud.aboutyou.com

ABOUT YOU TECH blog

Do you want to know more ABOUT TECH? What we're developing? Which technologies we're using? Have a look at corporate.aboutyou.de/de/jobs. We successfully launched the 1st eCommerce infrastructure for large scale & innovative retail - ABOUT YOU CLOUD see https://cloud.aboutyou.com

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store