Security Penetrating Lecture

[nightwork]

I am considering giving a short workshop / lecture on security penetration. I have had many people express an interest in the subject. I have always had an interest in Hacking and thanks to this forum's help I was able to learn to crack my own wireless password. The vary next day I upgraded my router and encryption method.

My hope is that by teaching people the same thing, they too will take steps protect themselves, rather then believing that WEP encryption, or using their birthday as their password will protect them.

The topics I plan to cover are
1. How to crack WEP encrypted wireless (Using backtrack 3)
2. How to crack windows log in passwords (Using Ophcrack)
3. How to recover deleted files.

I will be stressing that it is illegal to use these techniques without permission.

I am interested in your opinions on a lecture of this kind. Should I do it or not? Do you see any potential problems or issues? What wisdom can I learn from your experience?

thanks in advance,
~Nightwork

[KMDave]

Well that does not really cover very much of the entire pentesting and security field.

If you have enough people who are interested in, why not but it seems that it only scratches a little little bit on the surface.

Maybe you should go ahead and learn more about it before really teaching this stuff. Also you should know exactly how it is working and why. If you just teach people to use a tool without knowing what it does under the hood, it is not really any beneficial. If there is the slightest issue and if it is not working the way you have shown it, they will be totally lost.

[thunderwing]

I would say that it depends on your audience, if you can't get technical enough with them to explain how these exploits work, I don't think just seeing you perform them will be any help. Just as an example, its all well in good to type in the list of commands needed to attack a wireless ap, but their are several different attacks that exploit it very differently. I think if you're going to cover that topic, you should explain to them how and why each of these techniques work. The next example is using ophcrack, you should be able to explain to them what a rainbow table is and why it works.

I wouldn't see this workshop going anywhere productive without the absolute full story. Otherwise it will just look like magic, and you the wizard.

[Andy90]

Important questions, who are you teaching and what do you hope to attain by this.

[streaker69]

Important questions, who are you teaching and what do you hope to attain by this.

Very good questions, and I'm sure that since you're asking them, you've given lectures.

That is #1 on the list for anyone that is going to be presenting anything.

[nightwork]

Thank you for all the comments thus far.

I would say that it depends on your audience, if you can't get technical enough with them to explain how these exploits work, I don't think just seeing you perform them will be any help. Just as an example, its all well in good to type in the list of commands needed to attack a wireless ap, but their are several different attacks that exploit it very differently. I think if you're going to cover that topic, you should explain to them how and why each of these techniques work. The next example is using ophcrack, you should be able to explain to them what a rainbow table is and why it works.

I feel that I understand the basics of the different attacks on wireless and was planning on focusing on only a few, so that I could go into detail. Before the lecture I was going to brush up on some of the details and try to put together a .pdf which I could give them. As for the rainbow tables I am confident that I understand enough of about them as well as how windows stores the hashes to explain it in detail.

Important questions, who are you teaching and what do you hope to attain by this.

My audience would mostly be university students enrolled in engineering and computer science. My experience is that security is really bad at most engineering firms. I'm currently teaching at the university and have had many people show interest in the subject. As for what I am hoping to attain, I am not really sure. I enjoy teaching and feel that I learn from teaching others as well.

~Nightwork

[Andy90]

Yes I did one, and the purpose was too raise awareness, not teach them how to hack, but I did some very quick exploits, the quicker/simpler the better, not for them to learn, but for them to realise how much you can do in such little time.

In over an hour i proved wep was useless, arp is manipulatable, and machines should always be patched, they have no idea how i did it (too quick) but they saw the consequences

[killadaninja]

Yes I did one, and the purpose was too raise awareness, not teach them how to hack, but I did some very quick exploits, the quicker/simpler the better, not for them to learn, but for them to realise how much you can do in such little time.

In over an hour i proved wep was useless, arp is manipulatable, and machines should always be patched, they have no idea how i did it (too quick) but they saw the consequences

Fair point, you need to aim your lecture more towards how to protect against exploitation NOT how to exploit, there would only be 1 reason someone would NEED to know EXACTLY HOW to this and it speaks for itsself. Like Andy said maybe perform the exploit but stay away from going into to much detail, instead concentrate on teaching how to protect networks.

[Thorn]

Fair point, you need to aim your lecture more towards how to protect against exploitation NOT how to exploit, there would only be 1 reason someone would NEED to know EXACTLY HOW to this and it speaks for itsself. Like Andy said maybe perform the exploit but stay away from going into to much detail, instead concentrate on teaching how to protect networks.

Exactly. One or two demos of exploits will open peoples' eyes, and make for good theater and therefore a more interesting lecture, but unless the audience members are specifically getting into pen testing or a bad guys, the 'how it's done' isn't the info most people will really need.

What they do need is info on protecting themselves. A few quick examples:
Demo: Break WEP. Protection info: Use WPA2 with a strong passphrase.
Demo: Break WPA (or a shadow file) with a weak password/phrase. Protection info: Why strong passwords protect against dictionary attacks, and long, strong password protect against brute force attacks.

[jhonnycage828]

I would also say use some metasploit stuff in a demo to reverse_vnc_inject to get your gui. That usually puts a good feeling in you and a scary thought to the average person. Will be entertaining for them as well as very enlightening. And better yet if you practice it a few times and automate the process you could crack the wep wpa or whatever and have your gui in about 5 minutes or so.