NAC to the Future Bypassing Network Access Controls and Improving Red Team Implants - Rick Console

Описание: Network Access Control (NAC) systems are supposed to be the gatekeepers of enterprise networks, but the reality is they're not as bulletproof as organizations think. Red teams have successfully used tactics like MAC spoofing for years, and these techniques still work great against many implementations. But when you're up against more advanced NAC solutions like 802.1x, you need to change your approach.

This talk takes inspiration from real-world tools to demonstrate practical and modern NAC evasion techniques. We'll walk through the basics of NAC and its different flavors, classic bypass methods, commercial devices versus custom builds, and how to level up these techniques for advanced operations like hidden drop boxes. Key takeaways for attendees include NAC solution types, bypass techniques, and how to add NAC bypass technology to red team implants.

Outline:
1. Talk overview
2. NAC basics: Quick rundown on common types like 802.1x, MAC-based, and agent-based controls.
3. Traditional bypass methods: Discuss spoofing, bridging, and other standard evasion tactics.
4. Buy or build: Compare commercial devices with custom setups
5. Extending capabilities: How to enhance devices for persistence, remote access, and integration with drop boxes for covert deployment.
6. Recap & closing