Skip to main content

Post an event

Sign in

Disclaimer: Due to the current uncertainty regarding coronavirus, many events are being cancelled. Please contact the event organiser directly via the contact details on the listing if you are unsure.

(ISC)2 Melbourne Chapter - 22nd Sep '20 Meeting (Information Security)

(ISC)2 Melbourne Chapter Meeting – 22nd Sep 2020 (Tue) “Unlimited WiFi: Bypass Captive Portals and Proxies with a Twist!”

(ISC)2 Melbourne Chapter Meeting – 22nd Sep 2020 (Tue)
“Unlimited WiFi: Bypass Captive Portals and Proxies with a Twist!”



About this Event




(ISC)2 Melbourne Chapter Meeting – 22nd Sep 2020 (Tue)

“Unlimited WiFi: Bypass Captive Portals and Proxies with a Twist!”

Overview 

Have you ever been stuck in the airport and run out of the one hour free WiFi? Have you ever been in a hotel that makes you pay for WiFi? Our talk, Unlimited WiFi, helps understand the common flaws within captive portals and proxies. On restricted networks, these methods can be used to exfiltrate information, where it may seem rather difficult, and download necessary exploits (please stop blocking exploit.db… makes pen testing a pain!).

Finally, we will talk about how we developed a mini-authentication framework over DNS, allowing us to turn on IoT devices when stuck in a plane and WiFi connectivity is questionable!

This talk brings in the concepts of misusing whitelisted software, writing scripts to bypass restrictions, writing your own authentication, and general software vulnerabilities. Our audience should gain a good understanding of the most common weaknesses within our target software and interesting ways to use the flaws they expose to our advantage!

Talk Outline:

1. Introductions + story of how we came about the idea

2. SQL Injections

3. MAC spoofing - Using MAC spoofing to get speed upgrades

4. IP Spoofing

5. Creds Stealing

6. SSH Tunnelling

7. DNS Tunnelling

8. DNS Tunnelling - Iodine Demo

9. Sub-domain Service Tunnelling

10. Outlook + Skype Tunnelling + Demo

11. Conclusion

Speaker Profile:

Sajeeb Lohani is a senior penetration tester at Privasec, who graduated from Monash University with a Bachelor of Software Engineering (Honours) in 2017. Sajeeb remains passionate about contributing to and improving cyber security research. Sajeeb currently holds 120+ CVEs and is the co-developer of Interlace, an open-source project.

Sajeeb gives back regularly to the Melbourne cyber security community by founding the Monash Cyber Security Club, presenting at local meetups, and mentoring at the Australian Women in Security Network (AWSN) Cadets workshops. Sajeeb also runs initiatives which attempt to responsibly disclose security issues within open source software projects, making the world of software ‘more secure’.

https://www.linkedin.com/in/sml555/Event Agenda:

5:00 – 5:05 pm: Welcome and Chapter Announcements

5:10 – 6:00 pm: Speaker (including Q&A)

RSVP: Please register via this Eventbrite site with your real full name and email address and you'll be sent the online event link. If you're an (ISC)2 Member, this will help us ‘bulk bill’ your Continuing Professional Education (CPE) credits.

Please RSVP by noon Friday 22nd Sep '20. 

FAQs

How can I join the (ISC)2 Melbourne chapter? May I attend even if I am not a member?

There are many benefits to joining the (ISC)2 Melbourne chapter, and it is free and easy to join: simply join our LinkedIn group: https://www.linkedin.com/groups/4415293. You are welcome to attend our meetings without joining, but why not join!

Is my registration/ticket transferrable, can I order multiple tickets and what if I need to cancel?

One ticket per individual, with no transferring of tickets, makes it much more likely that building security will let you into the event and that everyone’s continuing education credits will be recorded correctly. If you register but will not be able to make the meeting, please log into Eventbrite and cancel your booking. The space can then be freed up for another person, such as your delegate.

Is the (ISC)2 Melbourne chapter on Facebook?

Please LIKE us: https://www.facebook.com/ISC2MelbourneChapter

Is the (ISC)2 Melbourne chapter on Twitter?

Please LIKE us: https://twitter.com/isc2_melbchap

Any other questions about this meeting or the (ISC)2 Melbourne chapter?

Contact (ISC)2 Melbourne Chapter 




Category Business