Rick Console

NAC to the Future - Bypassing Network Access Controls and Improving Red Team Implants

Network Access Control (NAC) systems are supposed to be the gatekeepers of enterprise networks, but they're not as bulletproof as organizations think. Red teams have successfully used tactics like MAC spoofing for years, and these techniques still work against many implementations. But when facing more advanced NAC solutions like 802.1x, you need to change your approach. This talk takes inspiration from real-world tools to demonstrate practical and modern NAC evasion techniques. We'll walk through the basics of NAC and its different flavors, classic bypass methods like spoofing and bridging, commercial devices versus custom builds, and how to level up these techniques for advanced operations like hidden drop boxes. Attendees will learn about NAC solution types including 802.1x, MAC-based, and agent-based controls, bypass techniques, and how to add NAC bypass technology to red team implants. The session will also cover how to enhance devices for persistence, remote access, and integration with drop boxes for covert deployment.