Hacker VPN
A DEF CON 33 Workshop by Eijah & Cave Twink
Abstract
The Internet is a dangerous place. Fortunately, hackers have created tools to make it safer. VPNs anonymize traffic but still expose IP addresses. Companies claim not to log, but how quickly will they hand over our data when they receive a warrant? Tor networks reroute traffic, but performance suffers as a result. Can we trust these distributed networks? Who owns the exit nodes? Finally, apps like Signal offer E2EE secure comms but in a proprietary and siloed way. Open source means very little if an app operates in a Walled Garden. Are there back doors? Is our data really safe?
In this workshop we'll create a Hacker VPN that combines the best of VPNs, Tor, and E2EE secure comms apps. We'll use modern-day PQC encryption to implement a secure protocol. We'll support packet sharding, random noise injection, multi-hop routing, and 100% anonymity between network endpoints. We'll do all this on Linux with standard C++, CMake & OpenSSL. At the end of this workshop you'll have all the tools you need to take the Hacker VPN to the next level. Why trust outdated software from shady companies when you can build your own modern day, kick-ass implementation?
Yes, the Internet is a dangerous place. But it's much safer when we take control.
Prerequisites
Please come prepared to maximize your workshop time. Your machine must meet the following requirements:
Host System Hardware
- A laptop with a multi-core 64-bit processor (4+ cores recommended).
- 8 GB of RAM (minimum).
- At least 20 GB of free disk space.
- A functional wireless network adapter.
Host System Software
- VirtualBox (latest version) installed and running. Administrator rights are required to install and run VirtualBox.
Setup Instructions
Step 1: Download Required Files
All workshop downloads will be available starting **Monday, August 4th**. To save time, you must download the Virtual Machine (VM) before arriving. The workshop files and presentation slides are optional downloads for your reference, as the necessary files are already inside the VM.
Download VM (Required) - Live Aug 4th Download Workshop Files (Optional) - Live Aug 4th Download Presentation (Optional) - Live Aug 4thStep 2: Prepare the Virtual Machine
- Extract the
vm.ziparchive. This will produce a file namedhacker_vpn.ova. - The OVA is a pre-configured Debian VM with an XFCE desktop environment and all necessary development tools (
build-essential,gdb,cmake,ninja-build,VS Code, etc.).
Step 3: Import the VM into VirtualBox
- Open VirtualBox.
- Go to
File > Import Appliance...in the menu. - Select the
hacker_vpn.ovafile you extracted. - Follow the on-screen instructions to import the appliance. You can leave the default settings.
- Verify that your wireless adapter is selected and you are using bridged.
- Start the VM to ensure it boots correctly.
Step 4: Final Prep
- The most important step is to have the Virtual Machine downloaded and imported into VirtualBox before arriving at the workshop.
- All necessary workshop files are pre-loaded into the VM for your convenience. The other downloads are optional.
- The VM username/password and the workshop wireless network details will be provided at the beginning of our session.