Kali Linux: Hacking Networks Part 1

Video Statistics and Information

Captions
- In this video I'm gonna show you how to hack Cisco switches using Kali Linux. In a previous video, I showed you how to get Kali Linux downloaded and installed on a Windows 10 computer. So have a look at the video which I've linked here or below. If you haven't got Kali Linux installed and running, I basically show you how to download a prebuilt version of Kali Linux and import it into VMware Workstation Player, which is free software that allows you to run Kali Linux on your Windows 10 computer. (upbeat music) Now before we get started, please consider subscribing to my YouTube channel. Please like this video if you enjoy it, and please click on the bell to get notifications when I post a new video.
All right, without further ado, let me show you how to hack Cisco networks. In this video I'm gonna demonstrate the use of Yersinia, which is a framework for performing layer 2 attacks. It allows you to attack multiple network protocols, including Spanning Tree, CDP or Cisco Discovery Protocol, DTP or Dynamic Trunking Protocol, DHCP, HSRP, 802.1q, 802.1x, ISL and VLAN Trunking Protocol or VTP. So basically this application allows you to hack multiple protocols in Cisco networks. Doesn't just apply to Cisco networks, but some of these protocols such as CDP, DTP, and HSRP are Cisco proprietary protocols. So this application is really geared for hacking Cisco networks. But you could use it for hacking other protocols in networks that have other vendor devices in it. Cisco is the biggest networking vendor in the world. So Cisco switches and Cisco routers will be found in many, many corporate environments around the world. So I'm gonna demonstrate how to hack Cisco devices using Yersinia running in Kali Linux.
Now in this basic network, I've got a Cisco switch, this is a Catalyst 2960CG switch. The reason I'm using a small switch like this is it's fanless so it doesn't make a lot of noise.
I've got a Windows 10 laptop that I've connected physically to the ethernet switch on port one. I've got a MacBook connected on port two. These devices are connected via ethernet cables to the switch. I've also connected to the console of the switch using a USB connection. In this example I'm also controlling both of those devices from my local Mac. It just makes it easier to do the recordings. So I've got the connection to the MacBook and I'm controlling that via VNC, and I'm also controlling the Windows computer via VNC. The Windows computer, once again, is running Kali Linux within VMware Workstation Player.
Okay, so I'm gonna open up a terminal, and I'm going to type y-e-r-s tab, and you'll notice nothing happens. That's because this application is no longer installed by default in this latest release of Kali Linux. So I'm gonna type apt-get update to update references on this Kali Linux host. And then I'm gonna say apt-get install yersinia. So I'm basically installing this application on Kali Linux. It used to be installed by default but in this release it is no longer installed. The version of Kali Linux that I'm using is 2019.3. You simply need to wait now for the application to install.
Okay, so it's now installed, so I'll clear the screen, and notice now when I type y-e-r-s tab, the command auto-completes, and I can press dash or hyphen h to get help about the application. So we're told that we can get to the application version number by using uppercase V, h displays this help screen, G gives us a graphical user interface, I is interactive, uppercase D is daemon mode, lowercase d is debug mode. We've also got some logging options. So what I'm gonna type is yersinia -G to get a graphical user interface. Now we're told that this is an alpha release, that's fine for our example. Notice once again that multiple protocols are supported: CDP, DHCP, 802.1q, 802.1x, DTP, HSRP, ISL, MPLS, STP, VTP, and we've got a log here.
Now in this video, I'm assuming that you have knowledge of these protocols. To be able to hack networks, you need to have an understanding of the protocols that network devices use. Now if you don't know what those protocols are, have a look at some of the videos that I've linked below, or have a look at my course. In my CCNA course, I teach a lot of these protocols. You don't have to take my course if you don't want to, have a look at other videos on YouTube or other CCNA courses, but for this video I'm assuming that you have knowledge of these protocols.
Now in this example, I'll start PuTTY, because what I wanna do is connect to the console of the Cisco switch and show you how the switch has been configured. Before I do that, we need to know which console port to use. So I'm gonna go to Device Manager, and here I can see that USB Serial Device (COM3) is being used. So I'm gonna specify COM3 in PuTTY and click Open. And now I'm connected to this switch.
This switch has not been configured with best practices and that's a problem. Because with hacking tools like Kali Linux, if you don't configure a network device properly, hackers can get access to your network very, very easily. So if I typed sh run on this switch, it's got two DHCP pools configured. Port one on the switch is configured in VLAN1 and port two is configured in VLAN2. In other words this laptop is in a different VLAN to that laptop, but we're not going to let that stop us. Scrolling down, you can see that interface gigabit 0/1 is configured with defaults, very bad idea. You don't wanna use default configurations on a switch port on a switch. You should at least shut down ports on a switch that are not in use, or put them in a separate VLAN, or stop protocols like DTP being used. So as an example, show int g0/1 switchport. What you'll notice is negotiation of trunking is on, current administrative mode is dynamic auto. We've got DTP enabled on this port. That's something we don't wanna do.
So this command, show interface port number switchport, shows us that the port is configured in VLAN1, but DTP is enabled on that port. So again, sh run int g0/1, that's the configuration of port one, here's the configuration of port two. I'll put the switch's configuration below the video if you wanna have a look at the switch's configuration offline. But apart from that, this switch also doesn't have routing enabled. That means that there's no routing from one VLAN to another on this switch.
At the moment VLAN1 is down because I haven't plugged in my Kali Linux PC. So let me do that. And what we should notice is the port on the switch comes up, and it does. So sh ip int brief. This VLAN is still down, but we can see that interface gigabit 0/1 has come up. So after a while, that SVI or switched virtual interface should come up. And there you go, it's now come up.
So VLAN1 and VLAN2 are configured on the switch. The switch is acting as a DHCP server and allocating IP addresses to devices in the relevant VLANs. sh vlan shows us that gigabit 0/1 is in VLAN1, gigabit 0/2 is in VLAN2. The MacBook has been allocated this IP address, 10.1.2.1, by the DHCP server. We can see that on the switch by typing sh ip dhcp bindings. So that IP address has been allocated to the MacBook. According to the switch this IP address has also been allocated and that's probably my Windows computer. Change the font size here to make it easier to see. So command prompt, ipconfig. This Windows computer has been allocated this IP address.
But the PCs won't be able to ping each other because IP routing is disabled on the switch. There's no routing from one VLAN to another in this topology. So on my MacBook as an example, if the MacBook tries to ping the Windows computer it can't do that, because IP routing is disabled. There's no routing between the VLANs, but that's not gonna stop us once again. Now currently the Kali Linux host is configured to use NAT.
And it's been using my wireless connection to get access to the internet. This little network here doesn't have any internet access. So what I'm gonna do is I'm going to bridge the Kali Linux host to the Realtek USB Gigabit Ethernet Family Controller. So I'm gonna bridge it to this ethernet connection, and click OK. So in Kali Linux, I'll open up another terminal window, ifconfig will show us the IP address, at the moment no IP address has been allocated. Do that command again, and notice 10.1.1.3 has been allocated. So on the switch, sh ip dhcp bindings, this IP address has been allocated to the Kali Linux host. So that means I've got three devices in this topology: physical Windows PC, MacBook, plus Kali Linux virtual computer.
So let's use Kali now to hack the network. Okay so, it's already picked up that it's connected to a switch through CDP. So we already know that we're connected to a Cisco switch. On the Cisco switch, sh cdp nei, it doesn't see any neighbors at the moment, but what we could do is launch an attack, and send a CDP packet and click OK. In the log, we can see that an attack was launched and it's now finished. So back on the switch, sh cdp nei, still don't see a neighbor. So let's flood the CDP table of that switch. So as you can see, a lot of CDP packets are being sent out. On the switch, sh cdp nei, notice we suddenly have a huge amount of CDP neighbors, and you can see the platform here is Yersinia. So we are flooding the CDP neighbor table on the switch. That isn't really a fantastic attack, but it just shows you that by a simple attack, I can flood the CDP table of that switch. Notice how many packets are being sent out. After a short while you'll see this has increased dramatically. The CPU on that laptop is going crazy. The lights on that switch are going mad. I am essentially flooding this switch with a lot of neighbor relationships.
So if I typed sh cdp traffic, you'll notice a lot of input packets are being received by the switch. A lot of attack packets. To stop this, go to Actions, List Attacks, and I'm gonna say stop all attacks. If you wanna shut the program down and stop the attack, click Exit, but you probably wanna go to Actions, List Attacks, and then you can shut down the attacks. Now because this network is small, I mean there's only one switch in this topology, I can't show you large scale attacks, but I'll continue showing you some basic attacks which you can then apply to larger topologies. I'll show you larger topologies in separate videos.
Now a very basic attack that can be used is attacking Spanning Tree. At the moment in this network sh spanning-tree shows me that the switch is the root of the topology. Gigabit 0/1 is forwarding on VLAN1. Switch is the root for VLAN1. For VLAN2, switch is also the root. So VLAN2 switch is the root. Port that's forwarding is gigabit 0/2. I only have two ports currently up in this topology. Port one is in VLAN1, we can see that with the show vlan brief command. So gigabit 0/1 is currently in VLAN1, gigabit 0/2 is configured in VLAN2. I only have two ports plugged into the switch. And again, port one is in VLAN1, port two is in VLAN2. show spanning-tree root shows us that the current switch is the root for VLAN1 and VLAN2, we can see the root cost is zero for both those VLANs. And again we can use the show spanning-tree command to see that the switch is the root for VLAN1 and VLAN2.
But let's change that. So I'm gonna launch an attack, in this case it's a spanning tree attack. We're going to claim root role, and click OK. So Yersinia has picked up that there's a switch in the topology, but we're going to claim to be the root. So on the switch, show spanning-tree, notice for VLAN1, the switch is no longer the root, it has a cost of four to get to the root. We can see that gigabit 0/1 is a root port with a cost of four.
Previously, the port was a designated port when the switch was the root. So we've changed the role to root, this is the port that the physical switch is gonna use to get to the root bridge, which is currently Kali Linux. For VLAN2 we can see that the switch is root, notice gigabit 0/2 is a designated port.
Now, I won't have time to go through all the protocols. There's a lot of things you can do just with Yersinia within Kali Linux. I'll show you other hacks in subsequent videos, but please if you enjoyed this video, subscribe to my YouTube channel, like the video and click on the bell to get notifications when I post a new video. (upbeat music)
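The weakness the transcript points out on gigabit 0/1 (administrative mode dynamic auto, negotiation of trunking on) can be checked for across a whole switch. The following is an added example, not part of the video or of any tool shown in it: it parses saved `show interfaces switchport` output and lists ports that still speak DTP. The sample output is constructed, and the suggested fix for dynamic ports assumes they are end-host ports.

```python
# Constructed, abridged sample of `show interfaces switchport` output.
SAMPLE = """\
Name: Gi0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Negotiation of Trunking: On
Name: Gi0/2
Switchport: Enabled
Administrative Mode: static access
Negotiation of Trunking: Off
Name: Gi0/3
Switchport: Enabled
Administrative Mode: trunk
Negotiation of Trunking: On
"""

def parse_ports(text):
    """Return one {field: value} dict per 'Name:' block in the output."""
    ports = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # not a 'Field: value' line
        key, value = key.strip(), value.strip()
        if key == "Name":
            ports.append({})
        if ports:
            ports[-1][key] = value
    return ports

def audit(text):
    """Return (port, issues, suggested_command) for ports with DTP active."""
    findings = []
    for port in parse_ports(text):
        if port.get("Switchport") != "Enabled":
            continue  # routed or disabled switchport, DTP not relevant
        mode = port.get("Administrative Mode", "")
        negotiating = port.get("Negotiation of Trunking", "").lower() == "on"
        if mode.startswith("dynamic"):
            # Assumption: the port serves an end host, so pin it to access mode.
            findings.append((port["Name"], [f"mode {mode}"], "switchport mode access"))
        elif negotiating:
            findings.append((port["Name"], ["DTP negotiation on"], "switchport nonegotiate"))
    return findings

if __name__ == "__main__":
    for name, issues, fix in audit(SAMPLE):
        print(f"{name}: {', '.join(issues)} -> {fix}")
```

Dynamic ports are given `switchport mode access` rather than `switchport nonegotiate` because IOS rejects `nonegotiate` while a port is still in a dynamic mode.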
Info
Channel: David Bombal
Views: 2,252,824
Keywords: kali linux, kali linux tutorial, kali linux install, kali linux hacking tutorials playlist, kali linux basics, kali linux tutorial for beginners, kali linux 2019, kali linux 2020, kali linux hacking tutorials, ethical hacking, ethical hacking tutorial, ethical hacking free course, ethical hacking course, how to become a hacker, ccna, ccna 200-301, linux tutorial, ceh, oscp, hacker, hacking, cisco training, ine, cbt nuggets, ccna study, kali, yersinia, whitehat, whitehat hacking
Id: K1bMSPje6pw
Length: 16min 54sec (1014 seconds)
Published: Mon Oct 28 2019