1 / 103

FINFISHER: FinIntrusion Kit 2.2 Product Training

FINFISHER: FinIntrusion Kit 2.2 Product Training. Table of Content. Introduction Update & License Network Intrusion Wireless Intrusion Password Utility Activity Log. Portfolio Overview. FinUSB Suite FinIntrusion Kit FinFireWire. FinSpy FinSpy Mobile

plato-slater
Télécharger la présentation

FINFISHER: FinIntrusion Kit 2.2 Product Training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FINFISHER: FinIntrusion Kit 2.2 Product Training

  2. Table of Content • Introduction • Update & License • Network Intrusion • Wireless Intrusion • Password Utility • Activity Log

  3. Portfolio Overview FinUSB Suite FinIntrusion Kit FinFireWire FinSpy FinSpy Mobile FinFly FinTraining FinAdvisory

  4. FinIntrusion Kit / Operational Usage • The FinIntrusion Kit is a portable IT Intrusion kit which can be used for various strategic and tactical attacks by red-teams inside or outside the Headquarters. • Typical Operations: • Wireless Networks: • Break Encryption and record all Traffic • Record Usernames and Passwords even for SSL-encrypted sites (e.g. Facebook, MySpace, Online Banking) • Access remote Systems: • Gain access to remote Infrastructures and Webservers • Get access to E-Mail Accounts

  5. FinIntrusion Kit / Core Features • Discover Wireless LANs (802.11) devices • Recover WEP (64 and 128 bit) Passphrase within 2-5 minutes • Break WPA1 and WPA2 Passphrase using Dictionary Attacks • Emulate Rogue Wireless Access-Point (802.11) • Actively monitor Local Area Network (Wired and Wireless) and extract Usernames and Passwords even for SSL/TLS-encrypted Sessions like GMail, Hotmail, Facebook, etc. • Crawl and extract Words from a webpage and generate a Wordlist.

  6. FinIntrusion Kit / Covert Tactical Unit • Notebook (Backtrack 5 pre-installed) • FinIntrusion Kit Software (pre-installed) • Wireless Intrusion Hardware

  7. FinIntrusion Kit – Main Screen Main Panel Menu Bar

  8. FinIntrusion Kit – Menu Bar • Change Update settings and check for Updates. • Install a new License or display License information. • Choose your Language. • Display FinIntrusion Kit version and EULA. • Visit the FinFisher Support Website.

  9. Table of Content • Introduction • Update & License • Network Intrusion • Wireless Intrusion • Password Utility • Activity Log

  10. FinIntrusion Kit – Menu Bar – Updates

  11. FinIntrusion Kit – Menu Bar – Updates • Change Update settings • Check for Updates now • Import an Updates Package by yourself • No online request will be done. • Update Package could be stored locally or on an external Harddisc.

  12. FinIntrusion Kit – Menu Bar – License

  13. FinIntrusion Kit – Menu Bar – License • No License is installed • Valid License is installed

  14. FinIntrusion Kit – Menu Bar – Language

  15. FinIntrusion Kit – Menu Bar – Language • Choose your Language. Status Messages, Menu Entries, Results are displayed in your selected Language. (Configuration Parameter stored in “FinFisherDate.cfg” file) • Accept changes. • Application must be restarted!

  16. FinIntrusion Kit – Menu Bar – About

  17. FinIntrusion Kit – Menu Bar – About • Display content of FinIntrusion Kit EULA (“End-User Licensing Agreement”)

  18. FinIntrusion Kit – Menu Bar – About

  19. FinIntrusion Kit – Menu Bar – Online Help • Load an after-sales website that gives the customers the following capabilities: • Download product information (latest User Manuals, Specifications, Training Slides) • Access change-log and roadmap for products • Report bugs and submit feature requests • Inspect frequently asked questions (FAQ)

  20. Table of Content • Introduction • Update & License • Network Intrusion • Wireless Intrusion • Password Utility • Activity Log

  21. FinIntrusion Kit – MAIN Panel

  22. Table of Content • Network Intrusion • Adapter Configuration • Refresh • Renew IP • Change MAC Address • Target List • Network Scan • Network Jammer • Network Password Sniffer • Network Password Sniffer • Password Sniffer Modes • PCAP Recorder

  23. FinIntrusion Kit – Network Intrusion Network Intrusion Features: Network Adapter Information & Configuration Search and Identify Target Systems Jam Target Sniffing Credentials

  24. Table of Content • Network Intrusion • Adapter Configuration • Refresh • Renew IP • Change MAC Address • Target List • Network Scan • Network Jammer • Network Password Sniffer • Network Password Sniffer • Password Sniffer Modes • PCAP Recorder

  25. FinIntrusion Kit – Network – Adapter Configuration • Network Adapter Configuration provides: • Network Information • IP – Address • Default Gateway IP Address • IP Address(es) of all defined Nameservers • (actual) MAC Address • Connection Speed • Adapter Status • Refresh Adapter List • Renew IP Address = Get an IP Address via DHCP • Possibility to Change / Spoof MAC Address from selected Network Adapter B D C A

  26. Table of Content • Network Intrusion • Adapter Configuration • Refresh • Renew IP • Change MAC Address • Target List • Network Scan • Network Jammer • Network Password Sniffer • Network Password Sniffer • Password Sniffer Modes • PCAP Recorder

  27. FinIntrusion Kit – Network – Target List After „Scan Network“ Button was pressed all identified Targets inside the Network will be listed.

  28. FinIntrusion Kit – Network – Target List Target List – Column Overview

  29. FinIntrusion Kit – Network – Target List – Submenu Select a column + press „right mouse button“  Pop up a „Menu“, which lists all possible options.

  30. FinIntrusion Kit – Network – Target List – Submenu - Delete „Delete Selected Target“  Remove selected entry from „Target List“ „Delete All...“  Remove any entries from „Target List“

  31. FinIntrusion Kit – Network – Target List – Submenu - Delete Before After

  32. FinIntrusion Kit – Network – Target List – Submenu - Export „Export List...“  Export a tab seperated Target List into an external Textfile. This File could be loaded e.g. with Excel. choose a Filename press „Export“ Button to generate the file

  33. FinIntrusion Kit – Network – Target List – Submenu - Export  Analyse exported file with Microsoft Excel

  34. FinIntrusion Kit – Network – Target List – Submenu - Jammer „Jam Target“  Start a Network Jammer against selected Target IP Address After Before (e.g. „ping“ / ICMP)

  35. FinIntrusion Kit – Network – Target List – Submenu - Jammer Details  Network Jammer initiates a „ARP Cache Poisoning“ Attack against Target PC and overwrite MAC Address from Default Gateway with an invalid value. Before (ARP Cache on Target PC) After (Start „ARP Cache Poisoning“

  36. Table of Content • Network Intrusion • Adapter Configuration • Refresh • Renew IP • Change MAC Address • Target List • Network Scan • Network Jammer • Network Password Sniffer • Network Password Sniffer • Password Sniffer Modes • PCAP Recorder

  37. FinIntrusion Kit – Network – Target List – Submenu - Monitor „Monitor Target“  Initiates a sniffer to capture Hostname / IP-Address / URL, Protocol and Credentials (Username & Password) Examples

  38. FinIntrusion Kit – Network – Target List – Submenu - Monitor „Monitor Modes & Protocols“

  39. FinIntrusion Kit – Network – Target List – Submenu - Monitor „Monitor Modes / Pro & Contra“

  40. FinIntrusion Kit – Network – Target List – Submenu - Monitor „PCAP Recorder Modes “

  41. FinIntrusion Kit – Network – Passwords „Export List“  Export a tab seperated Credential List into an external Textfile.

  42. FinIntrusion Kit – Network – Passwords – Submenu „Select Row  press Mouse Key  Submenu opens“ Open a FTP / HTTP(S) Urls into System Browser

  43. FinIntrusion Kit – Network Intrusion Exercise Hands-On

  44. FinIntrusion Kit – Network Intrusion • Start FinIntrusion Kit and Tests: • Try to find & identify all Systems in the LAN. • Export a list of all Target Systems to a file. • Start a Network Jammer against your Target PC. • Monitor your Target and try to capture: • FTP, HTTP, SMTP, POP3, IMAP Passwords • „HTTPS“ Passwords with „HTTPS Emulation“ • POP3s & IMAPs Passwords • Export captured Passwords into a file. • Open URL and verify captured HTTP(S) Password.

  45. Table of Content • Introduction • Update & License • Network Intrusion • Wireless Intrusion • Password Utility • Activity Log

  46. FinIntrusion Kit – MAIN Panel

  47. Table of Content • Wireless Intrusion • Adapter Configuration • Access Point • Wireless Network Scan • Identify Hidden SSID • Break WEP / WPA • Jam Access Point • Setup „Fake AP“ • Wireless Clients • Wireless Client Scan • Jam Wireless Client • Setup „Fake AP“ • Fake AP • Setup / Config a „Fake AP“

  48. FinIntrusion Kit – Wireless Intrusion Wireless Intrusion Features: Wireless Adapter Information & Configuration Search and Identify Wireless Networks & Clients Jam Wireless Networks & Clients Identify Hidden ESSID Break WEP & WPA Encryption Setup Fake Accesspoint & Redirect Wireless Clients

  49. Table of Content • Wireless Intrusion • Adapter Configuration • Access Point • Wireless Network Scan • Identify Hidden SSID • Break WEP / WPA • Jam Access Point • Setup „Fake AP“ • Wireless Clients • Wireless Client Scan • Jam Wireless Client • Setup „Fake AP“ • Fake AP • Setup / Config a „Fake AP“

  50. FinIntrusion Kit – Wireless – Adapter Configuration II. Wireless Adapter Configuration provides: I.

More Related