I think security is fun because I like Irony and unexpected outcomes.
I’m excited about TCP/IP networking, because it makes communication possible that has never been possible in human history.
I also think I’m a bit weird- but I know that there are other weirdos out there like me. I want to make this career probable for other weirdos like myself. I create cybersecurity labs with the hope that it will help others like me find a successful, inspiring & meaningful career.
On Saturday, we launched our first Wi-Fi hacking cybersecurity lab and the results were pretty ok.
Our session saw the participation of eight eager learners—seven 12-year-old boys and one 14-year-old girl—guided by myself and Emily, a former colleague from Amazon who is super awesome. The lab revolved around using a Raspberry Pi to create a vulnerable Wi-Fi access point, allowing participants to practice hacking in a controlled environment.
Although we had planned to cover an extensive list of topics within the three-hour session, we found that we could only manage the following:
- What is Wi-Fi
- Finding Wi-Fi networks
- Wi-Fi network security via passwords
- Password complexity
- Bruteforcing Wi-Fi credentials
- Networking basics: IP, DNS, default gateways
- Scanning for daemons
Despite the challenges we faced, the experience provided valuable insights to improve future sessions:
- Time management: Limit sessions to a maximum of three hours to maintain focus and engagement, especially for younger participants.
- Simplify SSIDs: Avoid using emojis in SSIDs to minimize confusion and technical issues. Network name should be something easy to copy and paste. e.g. “HackThisNetwork”
- Enhance bruteforcing script: Improve the script to make it more user-friendly and informative about successful password attempts. The attempted password should be shown first- and the field with the IP address (which indicates successful attachment to the network) should be highlighted in advance of the cracking attempts.
- Optimize Nmap scans: Test and fine-tune scans to ensure compatibility across different operating systems. Make sure the scans report hostnames, IP addresses, Mac addresses & discovered services.
- Pre-session preparation: Communicate with parents about necessary software installations before the session to save time. Specifically: homebrew requires Xcode command line tools are installed, which are approximately a gig in size and a long wait for downloads.
- Windows instructions: Develop a comprehensive command line guide for Windows users, emphasizing the use of PowerShell over Command Prompt.
- Default gateway on PC: Get-NetIPConfiguration | Foreach IPvADefaultGateWay
- Kid-friendly password list: Create a dedicated file server Wi-Fi access point hosting an appropriate password list for participants.
- Clear instructions: Provide better guidance for saving password files locally after they’re attached to the setup Wifi network.
- Validate Nmap scans: Aim for an ideal output that includes IP address, MAC address, hostname, and any listening daemons of target systems.
Overall, I thought it was a positive first run. The kids expressed interest in a follow up lab. I want to make major corrections of this first run 1st- mainly make it cleaner and better for windows kids, but the nmap scans failing is also inexcusable. I think I can make this better in a couple of weeks. Next we can work on brute forcing SSH and providing some basic Linux Introductions.