You can thank reader [Alexandre Novello]‘s laziness for generating this hack. Actually, as a self-proclaimed “software guy” he would have never approached this project if it wasn’t for the situation he was in: having to walk across the room to open the door for people, a door which has an electric opener right next to it. He’s got a thorough write-up on how he built the client and server portions of his software in Delphi. He also covers the hardware switch which is attached to the server via parallel port.
Continue reading “Client/server door opener”
David Hulton (h1kari) talked about the implications of cardbus bus-mastering. It goes pretty much hand-in-hand with David Maynor’s USB direct memory access work. The idea is using bus-mastering to take over other PCI devices, download passwords and keys from memory, unlock screensavers, and plant memory-based or firmware-based trojans. So, what kind of device could do all this? David works for Pico Computing which is developing cardbus based FPGAs. They’re pretty cool little devices and for dedicated tasks like brute force cracking they’re really efficient. Check out OpenCiphers for details on using FPGAs with modern cryptography. Unfortunately h1kari didn’t have a demo, but David Maynor was there to talk about his USB stuff. An interesting tidbit was what USB device he used for his exploration: a Motorola MPx200. It was released before the USB 2.0 spec was finalized so the phone was designed to have its USB firmware upgraded, handy for hacking.
Continue reading “Shmoocon 2006: Cardbus Bus-Mastering: 0wning the Laptop”