April 3, 2017 | Posted in Red Teams by Chris Salerno, Dan Astor, Chris Myers
Presented at BSides New Orleans, April 1, 2017
A few years ago all you needed was a 4 port switch and Kali VM to reliably bypass most controls and have domain admin in a few hours. Defenses and networks have improved and so should your red team arsenal. Spoiler alert; you’re going to need a bigger backpack. This talk will provide a practical guide to bypassing NAC controls, taking over workstations from the parking lot, and breaking into locked PC’s. We’ll walk through 5 different hardware devices; how to build them, use them effectively, and how to protect against them.