This series of posts is about keystroke injection tools disguised as generic USB memory sticks and in particular, the BadUSB Beetle, which cost under £10 and is based on an Arduino Leonardo chip.
They can be used to create easily repeatable demonstrations that illustrate why basic security precautions are so important. For example, they can be programmed to grab stored Wi-Fi credentials and send them to a Google email account within seconds of being plugged in. These demonstrations aim to be real-world examples (i.e. with AV and firewalls running on an up to date Windows 10 PC) and show how an attacker or pen tester might exploit a vulnerability or lapse in security.
This demonstration of cracking WPA or WPA2 passwords using Aircrack-ng is based on the many YouTube tutorials and blogs.
Its purpose is to quickly demonstrate to users how poor passwords are vulnerable. One of the great benefits of using Aircrack-ng in a demonstration is that the user-interface looks just like a scene from a movie.
It is important to note that a number of the steps can be completed before the demonstration starts.
It is generally accepted that a strong password is better than a weak password, where strength is a function of password length, complexity, and unpredictability. In theory a well educated user should be able to easily create secure passwords.
Through a series of workshops, games and discussions the local Beaver and Cub Scouts developed an acceptable behaviour policy. And when written up it was the definition of a policy – a course of action adopted or proposed by a group, organisation or individual.