CIRCO: Cisco Implant Raspberry Controlled Operations === :::info - **Date:** Oct.29th 17:50-18:20 - **Speaker:** Emilio_Couto - **Category:** Bluebox - 1F HALL > Designed under Raspberry Pi and aimed for Red Team Ops, we take advantage of “Sec/Net/Dev/Ops” enterprise tools to capture network credentials in a stealth mode. Using a low-profile hardware & electronics camouflaged as simple network outlet box to be sitting under/over a desk. CIRCO include different techniques for network data exfiltration to avoid detection from IDS/IPS or monitoring systems. This tool gathers information and use a combination of honeypots to trick Automation Systems to give us their network credentials! We will build a physical network & infrastructure lab to show how CIRCO works (live demo) Major features for release v1.5:<br><br>- Allow existing IP-Phone to co-exist with CIRCO<br>- Eliminate template files (craft all packets)<br>- Support NTP exfiltration<br>- Software encrypted via Bluetooth (prevent forensic)<br>- Self destroy and alarm switch<br>- Bypass active & passive fingerprinting (NAC)<br>- Credentials integration into Faraday ::: ###### tags: `CODEBLUE2019`,`CODEBLUE`