Hack a Cisco Switch with a Raspberry Pi - CCNA Security - CCNP Security - Network+
Key Takeaways
This video demonstrates how to hack a Cisco Switch using a Raspberry Pi, covering topics relevant to Security+, CCNA Security, and CCNP Security certifications.
Full Transcript
hey guys welcome back to network chuck well welcome to my network closet this is sorry my kids are going crazy this is the best I can do in an apartment right now so excuse my mess and kind of a slob to be honest I just like to make things work I was never one of those like super clean cable guys you know so I posted earlier or actually last week about this guy here and if you don't already know who he is this is my good buddy Malcolm he is my Raspberry Pi now Malcolm he's kind of a bad guy he's a bad dude he's running Kali Linux and that's a flavor of Linux that has a bunch of tools for networking attacks so while I've been playing with this and it's super fun and I wanted to show you guys a few of the attacks I like and kind of walk through those so I got them powered up I can remotely accessing via SSH and also B and C via Auto logs in so that's good so now I'm gonna plug him up to the switch here I want to show you a really awesome attack it's called a VLAN hopping attack and you're basically hacking into a switch it's amazing so um I'm gonna plug him in and I'm gonna I'm gonna go somewhere else he's gonna walk away and and try to hack into my own network just give it a try alright I'll like you Malcolm in let's get this thing going looking Malcolm to the port 14 remember that alright let's do this let's do this okay so I am in a public area attempting to attack or hack into my own and network my own switch now yeah I'm connected to my own VPN connection so that's one thing first things first remember I plugged my Raspberry Pi into my switch on port 14 so let's go and just take a look at things so before I actually do the attack what is a VLAN hopping attack you may not know what it is well well let's start with what is a VLAN you mean I even know what a VLAN is so in networking a VLAN is stands for a virtual and local area network and what VLANs allow us to do is partition or separate off networks in a switch basically where we're creating a little virtual switches inside of a switch and these break up what's called broadcast domains let's say you're connected to a switch in a port that's on be land one you can access computers in VLAN two unless you go to a router that can then route you to be Atlanta two so those VLANs are kind of like an extra layer of security they separate the traffic on the switch you cannot get to a host from VLAN one to VLAN two unless you go to a router or some kind of layer 3 device now that layer 3 could the device could also be the switch itself but it still has to go through the routing process to get back to that VLAN so it's an extra layer of security now what a VLAN hopping attack will do is it will attempt to pack that security now there are a couple ways to actually implement a beeline hopping attack I'm going to demonstrate today with my good old buddy Malcolm how to do it with the most popular method and it's called switch spoofing now when you have a port on a switch it's going to be one of two kinds it'll either be an access port which is you know typically what you plug your your computer into your your your printers and everything else or it'll be a trunk port and the trunk ports are usually connected to other switches whereas an access port you'll have one VLAN configured that's it when you plug your computer into that one access port you only have access to one VLAN so if you if that access port is configured for VLAN 1 you can only communicate with devices and via one unless you go to a router so you only have layer 2 access to devices in the in VLAN 1 and then you have your trunks your trunks I always pick your tree trunks these are your multi VLAN ports and they usually connect the switches and they'll pass traffic for multiple VLANs that's what they're designed for and they'll do this with a technology called 802 dot1q which is standard for trunking and it will tag these frames with a VLAN tag so the switch will know what what VLAN to send the frame to so using malcolm our Raspberry Pi with Kali Linux we will try to turn this room harmless access port that only gives people access to one VLAN into a trunk port giving us access to all of the VLANs opening up the door for a number of amazing attacks so let's keep going on this so first let's verify the state of the access port we're connected to so this was interface 14 so let's do a show interface status we'll do show interface FA 1 0 14 status we see right now is connected VLAN 1 now what you would typically see right here that where a trunk is it would say trunk so like let's look at one of my drawings let's do show interface trunk and spoken amongst air show interface FA 1 0 24 status and yeah so right here under VLAN assess Trump we want our interface sport team that look like that so let's uh let's power up our Raspberry Pi let's wake up Malcolm wake up the Beast alright here he is we're gonna launch an application called Yersinia alright so you can see that we can do a ton of attacks but in particular we're gonna do a DTP attack the dynamic trunking protocol which is what switches will use to negotiate if the report is going to be a trunk or an access port now again it's normally used by switches right but we're going to impersonally it switch with our mr. Malcolm here and try to hack into it so we'll use that attack dzp and then we'll select our attack type now this is kind of cool it's really stinking easy this is all I'm doing I'm selecting one for enabled trunking and that was it so let's go to our switch and see if it actually worked so let's go show interface fa1 0 14 status oh that's you believe that we just changed our look back up our uh our status here so before not moments ago it was just in an access port VLAN 1 now it's a stinkin trunk port show interface trunk there he is right there you know what he has access to all VLANs that's crazy now what we can do is sit ourselves and our your seniya malcolm attack here to 802 dot1q mode and listen for all the broadcast on the VLANs [Music] now you see what I'm seeing here so not only did I convert this accessport it's harmless access port into a trunk I been and I'm now able to see what IP addresses they have and the VLANs now at this point I could just assign myself an IP address and the VLAN of my choosing and access that network no problem so if I were a malicious hacker trying to do this pretty easy right now if you're studying for your CCNA or CCNA security or CCMP security you might know wolf chuck default security practices is to do something this one thing that will prevent this what is that so that's a really cool attack we change an access port into a trunk port with a really simple ill and took us a few seconds well guys that's about it if you like this type of video like security stuff hacking into things let me know I'll make more of these I love security and if you want to try this yourself look in the links below I'm gonna list the Raspberry Pi I bought everything you might need to get this started so links below check that out and what's amazing is the first time I actually did this attack was not with the Raspberry Pi it was actually in gns3 you can run the entire attack in gns3 not even kidding I let me know if you want to see that too whoo anyways I'm tired all that attacking right well if you haven't already subscribe hit that like button and I'll catch you guys later
Original Description
Hack a Cisco Switch with a Raspberry Pi - CCNA Security - CCNP Security - Network+
Network attacks are scary....but FUN!! I walk through a hacking technique that you would NEED TO KNOW for Security+, CCNA Security, CCNP Security.
READY TO ATTACK? - Get a Raspberry Pi -
https://amzn.to/2H8R7mo
LEARN HOW TO ATTACK!! - Raspberry Pi Hacking Course: http://bit.ly/2JQu3Gx
ℹ Official Website: https://NetworkChuck.com
CHECKOUT CBT NUGGETS: http://bit.ly/2m6wM3E
🤝🤝🤝JOIN THE CCNA R/S FACEBOOK STUDY GROUP: http://bit.ly/2A3vah0
🤝🤝🤝JOIN THE CCNA/CCNP Collaboration FACEBOOK STUDY GROUP: http://bit.ly/2FEE9aH
💵💵💵CHEAP CCENT/CCNA VIDEO TRAINING (CHRIS BRYANT): http://bit.ly/2zTC87B 💵💵💵💵
---💡💡💡CCENT TRAINING RESOURCES💡💡💡---
📚📚📚Books:
CCENT/CCNA ICND1 100-105 Official Cert Guide - http://amzn.to/2zTB9UR
CCENT ICND1 100-105 Exam Cram (3rd Edition) - http://amzn.to/2zSubzB
📹📹📹 Videos:
CLN On-Demand E-Learning Courses – ICND1 v3.0 - http://bit.ly/2A3EHow
Cisco CCENT/ICND1 + Bonus: The Complete Course (Udemy) - http://bit.ly/2gQUej8
CCNA 2017 200-125 Video Boot Camp With Chris Bryant - http://bit.ly/2zTC87B
🔬🔬🔬Labs:
Cisco Learning Labs for ICND1 v3.0 60-hour 180-day labs - http://bit.ly/2z7UEvO
CISCO CCNA, CCNP LAB 300-101, 300-115, 300-135 v2.0 Routing Switching - http://amzn.to/2z1KGtI
CCENT Practice and Study Guide: Exercises, Activities and Scenarios to Prepare for the ICND1 100-101 Certification Exam (Lab Companion) - http://amzn.to/2zTEwLv
—💡💡💡CCNA TRAINING RESOURCES💡💡💡—
📚📚📚Books:
CCNA Routing and Switching 200-125 Official Cert Guide Library - http://amzn.to/2hr8vna
CCNA Routing and Switching ICND2 200-105 Official Cert Guide - http://amzn.to/2xEECGf
📹📹📹Videos:
CLN On-Demand E-Learning Courses – ICND2 v3.0 - http://bit.ly/2yij7ze
CCNA 2017 200-125 Video Boot Camp With Chris Bryant - http://bit.ly/2zTC87B
🔬🔬🔬Labs:
Cisco Learning Labs for ICND2 v3.0 70-hour 180-day labs - http://bit.ly/2hs7nzT
Cisco Certifica
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from NetworkChuck · NetworkChuck · 25 of 60
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
▶
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Network Chuck
NetworkChuck
Should I Use a Brain Dump on my CCNA/CCNP/MCSA Exam?
NetworkChuck
7 CCNA CCNP Study Tips for the New Year - 2017!!
NetworkChuck
CUCM Calling Search Spaces and Partitions: Explained with Star Wars
NetworkChuck
CCNA or COLLEGE? - Become a Network Engineer
NetworkChuck
How to Stop Procrastinating and Study for Your CCNA CCNP
NetworkChuck
Am I Smart Enough to Be a Network Engineer? - CCNA | CCNP Study
NetworkChuck
CCNA or Python? | Should I Become a Network Engineer or a Programmer?
NetworkChuck
CompTIA or Cisco? - Should I get the CompTIA A+/Network+ OR the Cisco CCNA/CCENT - Microsoft MCSA?
NetworkChuck
CBT Nuggets GIVEAWAY!! - Get Your CCNA, MCSA, VCP, Security+
NetworkChuck
3 Cisco CLI (Command-line) Hacks (CCNA) + CBT Nuggets WINNER ANNOUNCEMENT!!
NetworkChuck
Programmers Becoming Network Engineers? - Collab with SimpleProgrammer
NetworkChuck
Learning Python is HARD!! - CCNA | CCNP Network Engineer
NetworkChuck
You CAN Learn Python - 10 WINNERS!! - CCNA | CCNP Network Engineer
NetworkChuck
Is it still WORTH IT to become a Network Engineer? | CCNA CCNP
NetworkChuck
Should I Learn LINUX with the CCNA | CCNP? - Network Engineer
NetworkChuck
Am I Too OLD to Become a Network Engineer? Study for CCNA | CCNP?
NetworkChuck
How Much Money Do Network Engineers Make? - CCNA | CCNP
NetworkChuck
How Long Does It Take to Become a Network Engineer? - CCNA | CCNP
NetworkChuck
Network Engineer or Systems Engineer? CCNA or MCSA? VCA?
NetworkChuck
CCNA Exam: 2 Exams or 1? - ICND1 (CCENT) + ICND2 or CCNA Composite?
NetworkChuck
I am officially a CBT Nuggets Trainer!! - NetworkChuck
NetworkChuck
7 CCNA CCNP Study Tips for the New Year - 2018!! w/ Keith Barker CCIE
NetworkChuck
Is NetworkChuck Over!?!?!
NetworkChuck
Hack a Cisco Switch with a Raspberry Pi - CCNA Security - CCNP Security - Network+
NetworkChuck
STOP Buying IT Certification Books - CCNA | CCNP | A+ | Network+
NetworkChuck
I'm going to Cisco Live!!! - CiscoLIVE 2018 Orlando
NetworkChuck
How to become a DEVOPS Engineer feat. Shawn Powers | Linux+ | LPIC-1
NetworkChuck
Moving my HOME NETWORK to a DATA CENTER w/ DMVPN - CCNA | CCNP
NetworkChuck
The FUTURE of Information Security Engineers - Cisco Security Automation (DNA CENTER)
NetworkChuck
Network Engineers and AWS (Amazon Web Services) FEAT. Anthony Sequeira | CCNA | CCENT
NetworkChuck
Do You Need IT Certifications to Get Started in IT? ft. Jeremy Cioara
NetworkChuck
What's next for NetworkChuck? *UPDATE* | CCNA | CCNP | Network Automation
NetworkChuck
HOW to Start Coding (RIGHT NOW!) as a Network Engineer - ICND1 | CCNA CCNP & Intent-Based Networking
NetworkChuck
6 STEPS to IT CAREER SUCCESS!! - ft. Kevin Wallace | CCNA | CCNP | CCIE | Network+
NetworkChuck
What is SD-WAN? say GOODBYE to MPLS, DMVPN, iWAN... w/ SDN, Cisco and Viptela
NetworkChuck
What if you forgot EVERYTHING? - Re-Learning IT after MEMORY LOSS w/ Shawn Powers | Linux | CCNA
NetworkChuck
I (FINALLY!) Scheduled Cisco CCNP Certification Exam TSHOOT | 300-135
NetworkChuck
NetworkChuck 10 Days of Christmas 2018 - CBT Nuggets | David Bombal | Kevin Wallace (and more!!)
NetworkChuck
How To get a JOB with a CCNA (Network Engineer) | CCNA Routing and Switching
NetworkChuck
The ONE Skill You NEED in IT - Information Technology
NetworkChuck
Should I start Learning AWS?? - NetworkChuck AMA - Ask Me Anything
NetworkChuck
Using Arduino, Raspberry Pi and Python to Monitor Cisco Router - #DEVNET CCNA
NetworkChuck
Fighting IMPOSTER SYNDROME in Information Technology - Network Engineer | System Engineer | CCNA
NetworkChuck
Planning for 2019 - Information Technology Goals - CCNA | AWS | MCSA
NetworkChuck
CompTIA or Cisco? - Revisiting CCENT vs Network+ in 2019 | CCNA | MTA | MCSA
NetworkChuck
5 Reasons You Shouldn't Become a Network Engineer | CCNA | Information Technology
NetworkChuck
No Future for Network Engineers? - CCNA | CCNP
NetworkChuck
What is a VMware Engineer? | VMware Certified Professional - VCP | MCSA | CCNA
NetworkChuck
you didn't win...
NetworkChuck
Let's QoS My Home Network - LIVE NUGGET (Quality of Service) - CCNA - CCNP Collaboration
NetworkChuck
I PASSED THE TSHOOT EXAM!! - CCNP TSHOOT (I also failed)
NetworkChuck
David Bombal and NetworkChuck - This is IT! EP 1 | Azure, CiscoLIVE, Devnet
NetworkChuck
CCNA Lab in the Azure Cloud for FREE! - GNS3 Setup in Microsoft Azure
NetworkChuck
Get your CCNA in 2019
NetworkChuck
CCNA Cyber Ops vs CCNA Security
NetworkChuck
WI-FI 6, Why it's the BIGGEST update to Wi-Fi EVER! - 802.11ax
NetworkChuck
2 Steps to Getting Started in Networking (and IT!) | CCENT | CompTIA A+
NetworkChuck
HACK your IT Study Habits - CCENT - CCNA - A+ | Atomic Habits
NetworkChuck
Is MPLS DEAD?!? w/ Keith Barker and Jason Gooley | CCNA CCNP CCIE
NetworkChuck
More on: Network Security
View skill →Related AI Lessons
⚡
⚡
⚡
⚡
Nobody Is Coming to Save Your Privacy. Build the Tools Yourself
Dev.to · v. Splicer
The Billion Dollar Business of Making You Forget Passwords
Medium · Cybersecurity
Your ChatGPT History Is a Liability. I Fixed That With a $80 Chip and a Pi5.
Medium · Cybersecurity
Aikido buys Root to patch open source in place, without the upgrade dance
Dev.to · Leo
🎓
Tutor Explanation
DeepCamp AI