The CARzyPire - Another Red Team Operation
0 likes217 views
This document discusses a project called CARzyPire that involves using a Raspberry Pi Zero W, Crazyradio PA, and PowerShell Empire installed on a remote-controlled car to conduct penetration testing. It provides instructions on setting up the necessary hardware and software, including customizing a PowerShell Empire payload to bypass Windows Defender and creating a Duckyscript to deliver the payload. The payload would then be delivered to targets using the remote-controlled car and Crazyradio PA's ability to hijack wireless keyboards and mice. Control of any successful implants would be maintained using PowerShell Empire's web interface.
The CARzyPire - Another Red Team Operation
- 1. © 2019 Secure D Center Co.,Ltd The CARzyPire Another Red Team Operations
- 2. © 2019 Secure D Center Co.,Ltd DISCLAIMER All the information provided on this site are for educational purposes only. Any actions and or activities related to the material contained within this document is solely your responsibility. The misuse of the knowledge can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information from this document to break the law.
- 3. © 2019 Secure D Center Co.,Ltd Introduction Agenda The CARzyPire Project Preparation Customizing Payload Delivery and Exploitation Speaker Prathan Phongthiproek tanprathan pprathan prathan cwhunderground
- 4. © 2019 Secure D Center Co.,Ltd The CARzyPire Project Raspberry Pi Zero W + Crazyradio PA + PowerShell Empire in the Radio-controlled car !! External Zone Internal Zone
- 5. © 2019 Secure D Center Co.,Ltd Preparation
- 6. © 2019 Secure D Center Co.,Ltd Hardware Preparation https://re4son-kernel.com/re4son-pi-kernel Sticky Fingers Kali-Pi 0 – Armel edition Raspberry Pi Zero W
- 7. © 2019 Secure D Center Co.,Ltd Hardware Preparation https://github.com/BastilleResearch/mousejack Build the firmware Flash over USB Crazyradio PA https://github.com/insecurityofthings/jackit Install the JackIt https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Duckyscript Create Duckyscript
- 8. © 2019 Secure D Center Co.,Ltd Radio Frequency (RF) over USB Dongle Wireless devices (Mouse/Keyboard/Presenter remote) can be hijacked !! Source: https://www.mousejack.com/
- 9. © 2019 Secure D Center Co.,Ltd Command-and-Control Server Preparation https://github.com/EmpireProject/Empire Setup the Empire C2 Server PowerShell Empire https://github.com/interference-security/empire-web Set up the PowerShell Empire Web
- 10. © 2019 Secure D Center Co.,Ltd Customizing Payload
- 11. © 2019 Secure D Center Co.,Ltd Our Enemy Windows Defender !!
- 12. © 2019 Secure D Center Co.,Ltd Our Enemy Windows Defender !!
- 13. © 2019 Secure D Center Co.,Ltd The Empire Strikes Back - Bypassing Windows Defender (Tested in July 2019) Customizing PowerShell Empire Stager HTTP Stager Agent
- 14. © 2019 Secure D Center Co.,Ltd The Empire Strikes Back - Bypassing Windows Defender (Tested in July 2019) Customized Payload x Duckyscript Stager (Multi/Launcher) Creation Duckyscript
- 15. © 2019 Secure D Center Co.,Ltd Delivery and Exploitation
- 16. © 2019 Secure D Center Co.,Ltd Delivery through CARzyPire Jackit AutoPWN x Empire Web
- 17. © 2019 Secure D Center Co.,Ltd Exploitation PowerShell Empire on the Web
- 18. © 2019 Secure D Center Co.,Ltd Exploitation PowerShell Empire on the Web
- 19. © 2019 Secure D Center Co.,Ltd Thank You Contact us: info@secure-d.tech