d3d ^ is a freelance security researcher (among other things) that ❤ exploit development, bug hunting, and writing offensive security tools.

Hardware Additions

In this post, I am going to go over a real-world example of how hardware additions are used to assist operators in creating and maintaining access to a target network. Red team operators usually have various pieces of hardware to assist in their operations, including (but not limited to) P4wnp1 (badusb), PhanTap (implant), Pineapple Wifi (wireless), or any number of combinations to achieve their goal.

The MITRE ATT&CK Framework describes the attack as follows:

Adversaries may introduce computer accessories, computers, or networking hardware into a system or network that can be used as a vector to gain access. While public references of usage by APT groups are scarce, many penetration testers leverage hardware additions for initial access. Commercial and open source products are leveraged with capabilities such as passive network tapping, man-in-the-middle encryption breaking, keystroke injection, kernel memory reading via DMA, adding new wireless access to an existing network, and others.

To show how this type of attack is used, you can take a look at my post on the Phantom Tap or ‘PhanTap’, which is used as a hardware implant to provide a secure VPN connection into the target network.
