IT Security is hard. You have to keep hacking away.

BringLaptopStudent

Bring your own Laptop

tl;dr

For the event, you will be using our “special” version of Kali on your own laptop.  You will receive a copy of our Kali VM on a USB drive when you arrive.  It will be in 7zip format.

For it to work on your laptop:

1.) You must bring a laptop with VMware Workstation Pro or Player (or Fusion) installed.  (NOTE: Jan/2019 – If you have MS Windows *build 1709* on your laptop, you need *at least* version 12.5 of Workstation Player.)

2.) Your laptop must have an RJ45 network jack.  <–  Important!

3.) You should arrive 30 minutes early to copy and unpack the Kalirat VM from USB.

4.) You must configure KaliRat VM on VMware Workstation to connect to you RJ45 network adapter.

Note:  Step 4 sometimes works first try, and always works eventually.  But for 1 student out of 10 it is a pain in the butt and causes lots of confusion right before the event. We strongly recommend you test your VMware Workstation configuration using any Kali or Linux VM before you come to the event.  Be *sure* your RJ45 connectivity to a VM is working!

Details

For student events you will be asked to bring your own laptop – Windows or Mac – which you will use to attack our simulated target network. To do that you need to install VMware Workstation software, which is free.   At the event we will give you a copy of our KaliRat Linux VM (on a USB stick) to give you all the hacker tools you need. (No worms or viruses or any danger to your own machine.)

All your attacks will be from the Kali VM running on VMware Workstation from your laptop towards the target company’s routers, servers and workstations.

1.) Where do I get VMware Workstation Pro or Player?

You can download the 32- or 64-bit version of VMware Workstation Player for free here:  https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_workstation_player/12_0|PLAYER-1259|product_downloads

VMware Workstation Pro is just as good, or better then VMware Workstation Player. If you have Pro, you’re all set. Or you can get a 30-day trial of VMware Workstation Pro for free. But VMware Workstation Player is good enough, and it has no expiry date.

Other virtualization software (like Virtualbox) might work. Or it might not. I don’t trust it personally, but if you can get a Kali-Linux VM going, and configure your network connectors properly without support, then you might be OK. Maybe.  Or you can download VMware Workstation Player for free from the link above.

Can I use my Mac instead?

Sure. Just install the free 30-day trial of VMware Fusion. Or buy a copy for $100. Download the free version from here: https://www.vmware.com/products/fusion/fusion-evaluation.html

Or buy at academic prices:  https://store.vmware.com/store?Action=html&Locale=en_US&SiteID=vmware&pbPage=AcademicLandingPage

We’ll provide the same Kali VM that we provide the Windows/VMware Player users.

2.) How do I set up an RJ45 network adapter?

Your laptop must join the network through a standard Ethernet RJ45 wired connector. Wireless is not reliable and secure enough in a concentrated hacking environment. Larger laptops all have one. But for Ultrabooks or Macs with no RJ45 port, a USB-to-Ethernet 10/100 connector costs under $15 on Amazon.ca. (Thunderbolt to Ethernet is $35 at apple.com/ca.) We might have a spare one available at the event, but don’t count on it.

3.) What is a Kali VM?

We’ll also have some copies on thumb drives at the event – but for that be sure to arrive a half-hour early because it can take 30 minutes to copy and unzip!

Kali is a special version of Linux which is managed by a company called Offensive Security. They take Debian Linux and add all sorts of hacker tools – including a very well known and elaborate tool called Metasploit. It is used by tens of thousands of IT pros around the world, and considered perfectly safe: it will not introduce worms, viruses or malware on its own. Nor will we be doing that in our sessions.

Can I bring my own Kali?

Sure. But it won’t work. 🙂 We’ve changed a few files in Kali so it’s tuned to meet the exact requirements for this event. Nothing very noticeable, but enough that off-the-shelf Kali won’t always work.

4.) How do I configure the RJ45 network adapter?

NOTE:  Usually, in VMware Workstation the network adapter tries to bind to *all* network interfaces, including ethernet wired, wireless, Bluetooth, etc.  If you do not change this, your adapter will not communicate with any network.

In VMware Workstation Player use menu: Player / Manage / Virtual Machine Settings.

a – Highlight the *second* network adapter, which must be Bridged. This is the default and rarely needs to be changed.

b – On the right side of the panel, click “Configure Adapters”. Make sure *only* your wired adapter is checked. This is not the default and almost always needs to be changed.

In VMware Workstation Pro use menu: Edit / Virtual Network Editor…

a – Notice in the pop-up window that there is no “Bridged” adapter type, just “Host Only” and “NAT”. This is a bug.

b – Choose “Change Settings” button, accept changes, and on next screen just exit right away.  This fixes the bug.  Your Bridged adapter will now be in the list with the other two.

c – Highlight the Bridged adapter, and a few lines down notice the “Bridged to:” drop-down-menu.  Choose your *wired* network adapter from the drop-down list (be sure!) then click “Apply” and “OK”.

To test, plug your laptop into a home router’s RJ45 port. Then run a Kali or Linux VM and log in. (Username: root / Password: toor). In a terminal window in Kali, ping your home router’s IP address by typing: ping 192.168.1.1 <– your home router’s IP address may be different!
If the ping responds (0% packet loss), then you’re good to go! If there is an error (Host Unreachable, for instance), then check the steps above carefully.

Open Events

Open Events are open to anyone who wants to improve their IT Security skills, meet others, and have fun!  We get great feedback from sys admins, network admins, web programmers, and IT-Sec consultants and practitioners - of all skill levels.

Corporate/Departmental

Corporate/Department Events are for groups who want to have a fun and challenging team-building event.  There's no better, faster, or more effective way to build IT Security skills, than to put the team into a competitive environment.  We can do this on- or off-site.  Great pricing if we combine your team event with others.

Student Events

Student Events started at Algonquin College in June 2012.  Since then, we've done similar events at McGill University for Electrical, Computer and Software engineering students, Carleton U "Learn to Win" program, and La Cité Collégiale.  If you are interested in having an event at your school then let us know.

Groups & Associations

Group and Association Events can be an exciting and engaging addition to your calendar.  A hands-on, fun-filled and challenging activity that your members will really look forward to.  They'll improve their IT Security skills, and earn CPE and other professional credits.