Welcome to your deep dive.
Oh love that name.
By the way, today we're going to be looking at Collie net Hunter awesome, with the help of a book called Security Testing with Collie net Hunter okay by Daniel W. Dieter.
Loll so similar.
So I'd be wondering, like what even I penetration testing, right, good question, and like, how can my phone be like a hacking tool?
It's a little scary when you think about it.
Yeah, it is a little bit unnerving for sure. Yeah, well, let's bring an expert speaker to help us break this down.
Sounds good. Yeah, so penetration testing okay. It is kind of like a security audit, okay, but with a little more you know, excitement to it. Basically, ethical hackers use the same tools and techniques as you know, the bad guys to find those weaknesses and systems, but with permission. Of course, we got to keep it legal, of course, of course. Collie net Hunter essentially turns your smartphone into a portable hacking lab. Whoa, which makes it so versatile it's incredible.
Okay, I'm with you so far. But wouldn't like a regular computer, right be more powerful? For like all that kind of stuff.
That's a really good question.
Why use a phone?
That's what makes net hunters so unique. It's stealthy. Okay, you could just be walking around a building testing the Wi Fi. Right, you could plug into a computer with like a malicious USB. Oh wow, still do all the stuff you would do on a laptop, you know, traditional testing, but ye on your phone. Yeah. Plus everyone's always on their phones totally, so it's perfect. You blend right in. Yeah, nobody suspects the thing.
That's awesome. Okay, so it's like the ultimate undercover hacking tool.
You got it.
That's so cool. Okay, so let's unpack us this a little bit. Yeah, what exactly is Collie Netthunter.
Well, you can kind of think of it as like a mini super powerful hacking computer running right inside your endroid, phone or tablet. It's based on Kalie Linux gotcha, which is kind of the gold standard for cybersecurity pros. Yeah, but instead of being tied to your desk, net hunter lets you take all that power anywhere.
So I'm kind of picturing like a bunch of complicated hacking tools crammed into my phone.
You would think that, right, Yeah, it's actually got a very user friendly interface. Oh really, tons of penetration testing apps ready to go. Wow. Okay, but if you are a terminal person and you're comfortable with that, yeah, you also have direct access to all those classic Calie Linux tools as well.
Oh that's so cool. So there's something for everyone exactly, And I understand there are also like some special Android based tools too.
Yes, exactly. Net Hunter takes advantage of the Android environment to give you even more tools like ce sploit, which is great for network analysis, gotcha, and drive droid Okay. Drive droid can actually turn your phone into a bootable USB drive.
Wait, hold on, cool, right, my phone can become a bootable USB drive. What would I even use that for?
Well, that is where it gets super interesting. Imagine you need to access like a locked computer okay, yeah, maybe to recover data or troubleshoot something. With drive droid, you can boot that computer huh into a different operating system. Oh wow, directly from your phone. Okay, you could bypass security measures and get in.
That's that's seriously cool and maybe a little bit scary.
Yeah. Powerful stuff.
But before we get too far ahead of ourselves, let's talk about like actually getting net Hunter on my phone. Is it as simple as just like downloading an app?
You wish, right, I wish. No, it is. It's a little bit more involved than that, but it is totally doable if you follow the instructions.
Okay.
The key thing to remember your is you really should only install net Hunter on a dedicated device. You don't want to put this on your everyday phone, your personal phone, not.
The one with all my photos banking apps. Okay, So what's involved in.
So basically you'll need to root your device Okay, install some custom firmware. Okay, it sounds complicated, but the net hunter team has very detailed instructions on their GitHub page. Oh fantastic, follow those carefully and you'll be good.
All right. So this is definitely for someone who's comfortable sinkering with their device.
For sure.
But once it's set up, what can I actually do OK with this net Hunter terminal, that's.
A good question. That terminal is your gateway to the full power of Kelly Linux. Oh, that's where you run commands, you can install additional programs, really get your hands dirty.
So that's like where the concept of comes in.
You got it, That's exactly it.
Crew that sounds. It sounds scary a little intimidating, but it's not.
Basically, just a fancy way of saying. Net Hunter runs as a separate little operating system within Android.
Okay.
Think of it like you have a workshop in your house. Yeah, you can do your messy projects there. Yeah, and it doesn't affect the rest of your house.
Okay. So it's like like a virtual machine.
Yeah, you can think of it that way, but on my phone exactly, exactly. Okay, that's it's a contained environment where you can experiment and explore, gotcha, without messing up your phone's main operating system.
Awesome. Okay, so speaking of exploring, Yeah, net Hunter comes preloaded with some pretty fascinating.
Desktop apps it does.
Have you ever heard of Showdan Showdan.
Yeah, rings a beltings a bell? Yeah? Yeah.
Isn't that the one that's.
Like the Yeah.
Yeah, it's like the Internet for the Internet of things, the hackers Google.
The hacker's Google's yeah. Yeah. But instead of you know, indexing web pages, Showdan is indexing devices. Okay, anything connected to the Internet, like what we're talking, cameras, industrial control systems, servers, routers, you name it. Oh wow, if it's online Showdan probably knows about it.
So potentially I could. I could use showden to find like all the webcams in particular city.
You could. You could showdan can be incredibly powerful, Okay, but you got to use it responsibly ethically.
Right of course.
Understanding these tools, yeah, is the first step to actually defending against them.
Absolutely. Knowledge is power.
That's it. That's it.
Okay. So shden gives us this amazing big picture of the connected world. What if we want to zero in on a specific device on a network and really get into the nitty gritty.
That's where seesploit comes in. Okay, seesploit. It's all about network scanning and vulnerability analysis.
So imagine being able to see every device on a network exactly what ports are open, what services are running.
And even potential weaknesses.
Hold on exploit you could. You're making this sound like I could like hack into things with this app.
You could, Okay, but remember we're talking about ethical hacking here.
Of course.
Sea sploit is meant for testing and research, not for doing anything illegal.
Ethical exploration is the name of the game exactly.
Okay, So ceaseplol's like your magnifying glass. Okay, Yeah, you're looking at those individual devices. Okay, yeah, examining them.
Closely seesploit are magnifying glass. What else can we do with this powerful pocket size we.
Talked about show Dan that big picture, Yeah, sea sploit the close up. But there's another side to net Hunter. It's a little more hands on. Okay, let's talk about hide attacks.
Hide attacks. Okay, now you've really piqued my interest. Tell me more.
So. HID stands for Human Interface device, Okay, and it's how your computer recognizes things like your keyboard and your mouse. What's so cool about net hunter is it can actually emulate a keyboard. Whoa. It can send commands to a connected computer as if you were typing them.
So you're telling me I could plug my phone into a computer and it would start typing things on its own. Yeah, that sounds like something straight out of I know it's a sci fi movie.
It does sound like that, Okay, but it's not science fiction. It's net Hunter.
That's awesome.
It happens incredibly fast too. Wow, you can automate these entire attack sequences. Huh, with just a few taps on your phone.
So the book gives this kind of chilling example is creating a new admin user on a Windows system using these HID commands. So hold on, let me get this straight. Yeah, I could plug my phone into a computer and create a new user with admin privileges without anyone even touching the keyboard.
If the system is vulnerable and you have physical access, right.
Right, Yeah, it's like classic example why physical security is just as important as digital security. Yet it okay, but hid attacks, yes, can go even further. Oh yeah, Okay, there's a technique using PowerShell by.
PowerShell ye, which is like it's a scripting language built into Windows. Right, Okay, they can actually give you a remote shell.
A remote shell, So we're talking about like actually taking control of the computer.
From its distance. That's exactly what we're talking about. Oh wow, So the book describes this scenario, okay, where you've got a penetration tester, part of what's called a red team. They're physically present with their net hunter device. They plug it into a target system, execute the HID attack, force that Windows computer to connect back to their own Calai Linux machine, gotcha, creating that remote Okay, So they've essentially established so it's.
Like establishing like a secret back door into the system all through a harmless looking phone.
That's right.
This is some next level spy stuff.
I know. It's so cooling. And the crazy thing is once that connection is established, Yeah, you can disconnect the net hunder phone, and they still have control.
So they can just unplug and walk away and still.
Have access access files, install malware. Oh my gosh, use that computer to attack other systems on the network.
It's starting to feel like a scene from like a hacking movie. I know, surely there are safeguards. Of course, computers aren't just sitting ducks for this kind of attack.
Of course, you've got things like user account controls, okay, intrusion detection systems. But yeah, their effectiveness really depends on how they're configured, and sometimes there's just sometimes they're not as strong as they should be. The you've always got attackers looking for ways to get in.
So it's like this constant cat and mouse game between attackers and defenders.
It's an arms race, an ongoing arms race, okay, yeah, trying to stay ahead.
And that brings us to this.
Is where it gets really interesting. Another fascinating tool it builds on these HID attacks okay, called duck hunter hid.
Duck Hunter HID Okay.
It's like having the power of Hawk Five's rubber Ducky. Rubber Ducky.
That's an interesting name, right, what is that?
So the rubber Ducky, it's a USB device, looks just like a regular flash drive. Okay, but it's actually a cleverly disguised hid attack tool. So it's not like it's not a toy. A toy, but it's very interesting. It can automatically inject keystrokes into a computer using scripts written in a language called duck Toolkit, a toolkit, and with Duck Hunter, you can run those same scripts right from your phone.
So instead of carrying around.
The story with separate like rubber Ducky device, I can just use my phone.
You got it?
Okay, that's even stealthier.
It is that kind of very things can you do with The possibilities are pretty mind blowing.
You can do things like send simple text strings okay, maybe a prank message or like a fake Aero pop up. But you can get way more advanced, like there's actually a script that can create a reverse shell connection. Oh wow on a Mac computer.
Wait, so you're saying I could like potentially take control of a Mac.
You could just by plugging. If it's vulnerable, then the security settings up properly configured, and.
The books goes even better, goes even further. There's have you seen the show Mister Robot? Oh yeah, so this next example is inspired by mister Robot.
Okay, very cool. It shows you how to use duck Hunter to actually steal passwords from a Windows system using something using a tool called mimic cats mimicts.
Yeah, that doesn't sound good.
No, it's not good if you're on the receiving end of this attack. So mimic cats is a very powerful tool. It can actually extract passwords from the Windows computer's memory. Oh wow. The book shows how to use duck Hunter. Run a script, execute mimicats. Yeah, grab those passwords and send them to a remote server.
So it's basically like digitally pick pocketing a computer. That's both amazing and terrifying.
So it shows you how vulnerable we are even when we think we're secure. We're not done yet. Oh no, ned Hunter has one more trick up its sleeve, the bad USB attack.
Bad us B Yeah.
It does, doesn't It speaks for itself.
What's so bad?
So it all comes down to how Windows interacts with USB devices. There's this protocol called RNDIS stands for Remote Network Driver Interface Specification. It basically allows Windows yeah, to treat a USB device like a network adapter.
Okay, I'm so far, so good, I'm following so far. Yeah, all right, So the bad USB attack takes advantage of this protocol.
Okay.
It redirects all the network traffic from the Windows computer Okay through the net hunter phone.
Okay, so picture this.
You plug your phone into a computer and suddenly all that Internet traffic that would normally go through the router is now going through your phone.
So I become the man in the middle, able to see everything the computer is sending and receiving exactly. Talk about eavesdropping. Yeah, you are in a powerful position. Wow. You can use tools like URL snarf okayeep dump to capture and analyze all that activity.
See what to see it.
You can see what websites they're visiting, what files they're downloading. Maybe even snag some sensitive information, yeah, like passwords if you're not using secure connections. Oh wow, it's pretty scary stuff.
This is a lot to process.
It is. We've covered We've covered a lot, haven't we show? Then se sploy.
Sea sploy drive, droy h Ide Attacks.
Duck Hunter, duck huntert bad USB. It's right, my head is spinning.
That's a lot to take it.
And I'm guessing this is just the tip.
This is really just the tip of the ice when it comes to net it.
Comes to net Hunter's capabilities, there's a whole world of tools and techniques, yeah, that we haven't even touched on yet.
It's mind blowing to think that something is as commonplace as a phone can be used for such advanced penetration testing.
It is amazing what you can do with a smartphone these days.
This deep dive has been a real eye open I'm glad.
I'm glad you're enjoying it. So HID stands for Human interface device, Okay, and it's basically how your computer recognizes things like keyboards and mice.
Okay, yeah.
But the fascinating thing is net hunter can actually emulate a keyboard.
What Yeah, So it can like send command.
It sends commands to a connected computer as if you were typing them.
So you're telling me, I could plug my phone into a computer and it would start typing things.
It would, it would. That's the power of net Hunter. Oh wow, and it happens so fast. Really, you can automate entire attack sequences. Wow, just with a few taps on your phone.
So the book gives this chilling example.
It is a pretty chilling example of.
Creating a new admin user on a Windows system using these HID commands.
That's right, so imagine this.
Hold on, let me get this straight. Yeah, yeah, I could plug my phone into a computer and create a new user with full admin privileges without.
Anyone, without anyone touching the keyboard, even.
Touching the keyboard.
Wow.
If the system's vulnerable and you have physical.
Access, right right, you can do it. Okay.
It's a classic.
Example, it is. It really highlights it does why physical security is just as important for sure as digital You got it. Okay, but hide attacks? Yes, can go even further. Oh yeah, okay, there's a technique using PowerShell.
PowerShell, which is like it's.
A scripting language built into Windows. Yep. They can actually give you a remote shell, a.
Remote shell, So we're talking about actually taking control of the computer from a distance, from a distance.
That's right. Pretty powerful stuff.
That's incredible.
So the book actually describes a scenario where you've got a penetration tester, part of what's called a red team. They're physically present, okay with their net hunter device okay, plug it into the target system, execute the HID attack, force that Windows computer to connect back to their own Kylie Linux machine, creating that remote shell. Okay, so they've essentially established.
It's like establishing like a secret backdoor into the system. That's it, all through a harmless looking phone.
That's right.
This is some next level Spice stuff.
It really is. It's very cool.
That's amazing.
And the crazy thing is once that connection is established, you can disconnect the net hunter phone.
Wait, so they can unplug it and walk away, and walk away and still have access, still have.
Full access, oh my god, access files, install malware, use that computer to attack other systems on the network.
This is starting to feel like, yeah, scene.
From I know, it's very cinematic.
Like a hacking movie.
Right, Yeah, it's pretty wild.
Surely there are safeguards in place, right.
Of course, there are.
Computers aren't just sitting ducks for this kind of attack.
Of Course, you've got things like user account controls, intrusion detection systems, but their effectiveness really depends on how they're configured.
And sometimes they're just and.
Sometimes they're just not as strong as they should be, not as strong unfortunately as they should be.
Determined attackers, they're always looking for a way in, right, they'll find those cracks.
So it's a constant yeah, cat and mouse, it is.
It is between attackers and defenders.
A defender constantly trying to outsmart each other.
An ongoing arms race.
It is. It's an arms race for sure. And that brings us to another fascinating tool that builds on these HID attacks called duck Hunter HID.
Duck Hunter HID.
It's basically like bring in the power of Hawk Five's rubber Ducky.
Rubber Ducky. Yeah, that's an interesting name.
It is a catchy name.
What is that?
So the rubber Ducky Okay? The USB device looks just like a regular flash drive, but it's actually a cleverly disguised HID attack tool.
WHOA. So it's not like it's not.
A toy a toy, no, but it is very interesting. It can automatically inject keystrokes into a computer using scripts written in a language called duck Toolkit. Duck Toolkit okay, and with duck Hunter you can run those same scripts directly.
From your phone, So instead of carrying around this exactly separate, rubber ducky device, Yeah, I can just use my phone. Got Okay, that's even stealthier.
It is much more stealthy kind of things. So many things. The possibilities are really amazing. Yeah. You can send simple text strings, maybe a prank message or like a fake error pop up. You can also get a lot more advanced, like there's actually a script that can create a reverse shell connection on a Mac computer.
Wait, so you're saying I could potentially take control of it just by plugging in my phone and running a script.
If the Mac is vulnerable and the security settings aren't properly configured, you can absolutely do it. Okay, it's amazing, right.
And the book goes even further. Well, yeah, there's this U.
You're familiar with the TV series Mister Robot.
Mister Robot, you have seen it.
Okay, so this next example is actually inspired by mister Robot.
Okay, very cool.
It shows you how to use duck Hunter to actually steal passwords WHOA from a Windows systems using something called using a tool called mimicats.
Mimicat mimicits Okay, Yeah, that doesn't sound good.
It's not good if you're on the receiving end of this, that's for sure.
That is so.
Mimicats is a very powerful tool.
Okay.
It can extract passwords from a Windows computer's memory.
Whoa, right out of the memory.
That's right, while it's running.
Oh wow.
The book shows you how to use duck Hunter yeah, to run a script right, execute mimicats okay, grab those passwords, oh my god, and send them to a remote server.
So it's like digitally pickpocketing. That's it.
That's It's crazy, isn't it Both amazing and terrifying. It is.
It's a good reminder of how vulnerable we are, even when we think our systems are secure.
Yeah.
Absolutely, and we're not even done yet.
Oh no.
Net Hunter has one more trick up its sleeve. Okay, the bad USB attack bad USB. Yeah, okay, the name kind of.
It does for itself, speaks for itself. What's so bad? So it all comes down to how Windows interacts with USB devices.
Okay.
There's this protocol called r NDIS okay, stands for Remote Network Driver Interface Specification.
Okay.
Essentially, it allows Windows to treat a USB device like a network adapter. Okay, you're following so far.
I'm following.
Yeah, all right. So the bad USB attack takes advantage of this protocol. Okay, it redirects all the network traffic from a Windows computer through the net hunter phone. Okay, so picture this. You plug your phone into a computer. Yeah, and suddenly all that Internet traving that would normally go through the router is now flowing through your phone.
So I become like the man in them.
You become man in the middle. That's right.
We're able to see.
You've got everything the computer is sending and receiving. Talk about eavesdropping.
You are in a powerful position.
Wow.
You can use tools like you are all snarf and TCP dump to capture and analyze all that activity.
You can see what websites they're visiting, what files they're downloading. You can even snag sensitive information like passwords if they're not using secure connections. Oh wow, this is that scary stuff. A lot to process it is.
It is covered showed in.
We've covered so much. Splice drive, droid drive, droid h idea.
Tack each idea, tax.
Duck hunter, bad USB, bad USB. That's right.
My head is spinning.
It's a lot to take in, and.
I'm guessing this is just the tip.
It really is just the tip of the ice iceberg when it comes to net Hunter.
When it comes to net Hunter's capability.
There's so much more we haven't even touched on.
It's mind blowing to think that something as commonplace as a phone it can be used for such advanced It really is penetration testing.
It's incredible what you can do with a smartphone these days.
This deep dive has been a real eye opener.
I'm glad to hear that.
So we've seen how net Hunter can be used to simulate these real world attacks. Yeah, and expose you know, vulnerabilities, right, but what does it.
All mean for That's the big question, right, Yeah.
For like someone like me who's not like a cybersecurity expert, you know, but.
Really shows you that security is multifaceted. Okay, we tend to focus on you know, strong passwords, yeah, keeping our software updated, right, the basics. Yeah, but net Hunter shows us, Yeah, the physical security, understanding those hack factors. That's just as important.
Easy to forget that, Yeah, it is that someone could get access to our data just by having physical access to our devices. It's a good reminder to be it is careful about who we let touch our computers and phones.
Absolutely, and it's not just about protecting ourselves, right, think about businesses, organizations. Manhunter really shows us the importance of penetration testing. You got to find those weaknesses before the bad guys do.
Be proactive, exactly, be proactive. So it's a reminder that it is even in our increasingly like digital world, physical access, physical access is huge, can be a major security risk. It's a big way, and it makes you realize he does that seemingly harmless devices like our smartphones can be incredibly.
Powerful, powerful tools.
Ye in the wrong hand, that's right.
Yea, And we've really only scratched the surface of what's possible that Hunter. Yeah, this has given you a little taste of mobile pen testing. Yeah, but there's a whole universe out there.
Right waiting to be explored.
Exactly.
I am definitely feeling inspired to that's great, learn more. This has been an incredible journey.
I'm glad you enjoyed it.
Yeah, I feel like I've gained a whole new perspective good on cybersecurity.
Knowledge is power and understanding these tools the tactics used. Yeah, that's the first step to building stronger defenses.
So to wrap things up, what's like the one, what's the key takeaway? Key takeaway? You hope our listeners right, they realize walk away with today.
Security is an ongoing process. It's not a destination. There's always something new to learn, new threats to consider, ways to improve our defenses.
So stay curious, stay in form and curious, stay in form, head of the game. That's it, well said, Thank you and for our listeners. If this deep dive has sparked your interest in cyber security, don't stop.
Here, keep going.
There are so many resources available online, everything from my line beginner friendly guides to like books, courses, advanced training courses, aloring, keep learning.
Keep learning, and stay safe out there.
Stay safe,