The goal of this project was to demonstrate the exfiltration of data from an air-gapped network through the utilization of emission from Ethernet cables to encode and transmit the data to be exfiltrated. To achieve this, I used a Cat 6 Ethernet cable along with an SDR to read the transmitted signals. The method I used to generate emission from an Ethernet cable was toggling the Ethernet adapter’s speed, and while I did test how well raw UDP packet transmission generated emissions, I found that it generated a weaker signal than the network adapter speed toggling. This project successfully encoded the message “hello” into Morse code, used the adapter speed toggling to transmit the signal, and read and decoded the received signal back from Morse code to the original message “hello”.
Below is a successful demonstration of exfiltrating data from an air-gapped network by reading the emissions generated from toggling the speed of an Ethernet adapter.
Repository: https://github.com/0xfruitsnack/lantenna
A special thanks to Mordechai Guri of the Ben-Gurion University of the Negev, Israel for the inspiration behind this project.
M. Guri, “LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables Emission,” 2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC), Madrid, Spain, 2021, pp. 745-754, doi: 10.1109/COMPSAC51774.2021.00106.
Leave a Reply