HACKING WIRELESS NETWORKS WITH BETTERCAP OFFENSIVE SECURITY Presented by Chantel Sims

Information Security Analyst | Ethical Hacker $~Whoami Hack The Box Chicago Ambassador Bachelor of Science in Psychology Americorps Alumni (Education) Taught in CPS (Chicago Public Schools) Evolve Security Academy & Evolve Penetration Testing Alumni Evolve Security Certified Penetration Tester Chantel Sims

This Demo is for Educational Purposes Only. Do NOT run attacks OUTSIDE of your own home network or within your work/company environment without EXPLICIT permission in writing Reference: Computer Abuse & Fraud Act

COVERED TODAY A BRIEF OUTLINE Assumptions What Is Bettercap Why Bettercap over Ettercap Demo: *Basic Usage *Monitor Mode *Deauth Attacks

Assumptions $~ You have basic networking knowledge $~ You have a good understanding of how wireless networks operate.

What is Bettercap? $ Written in GoLang & is therefore portable and extensible. $ Bluetooth Low Energy devices scanning, characteristics enumeration, reading and writing $ WiFi networks scanning, deauthentication attack, clientless PMKID association attack and automatic WPA/WPA2 client handshakes capture.

Bettercap vs Ettercap vs Aircrack-ng Suite Ettercap is written in C *Airmon-ng - Monitor Mode (RFMON mode, allows a computer with a wireless network interface controller to monitor all traffic received on a wireless channel.) *Aireplay-ng - Run deauth attack *Aircrack-ng - Crack any pre-shared key or handshake captured. Does not work across all OS's and therefore not portable Requires more dependencies and libraries to operate

Demo Time Basic Usage Identify networks & hosts events.ignore Monitor mode wifi.recon on wifi.show Deauth Attacks Set up sniffer: set net.sniff.output handshake.pcap net.sniff on wifi.recon.channel <#> wifi.show wifi.deauth wifi.show

A Few Things... 1. You may be the 'only' in the room for a while 2. Imposter syndrome is real 3. You belong Here @Signed_Chantel “Diligence is the mother of good luck.”