Lifehacker wrote a guide for cracking a WiFi network’s WEP password using BackTrack. BackTrack is a Linux live CD used for security testing and comes with the tools needed to break WEP. Not just any wireless card will work for this; you need one that supports packet injection. The crack works by collecting legitimate packets then replaying them several times in order to generate data. They point out that this method can be hit-or-miss, especially if there are few other users on the network, as the crack requires authenticated packets. We covered cracking WEP before, but using BackTrack should smooth out compatibility issues.
[Hunter, Kyle, and Dylan] sent us some information on their Barbie Web Rover. It’s an old barbie power wheels jeep that’s been converted to a web enabled remote control car. They ripped out the old drive train and tore out the steering system. The rear tires are now independently driven for steering. It’s using an Arduino to control the motors and an Acer Aspire loaded with linux for the higher functions. It’s cool that they mention the farthest test being over 1600 miles away, but when it’s web enabled, does distance really matter?
Reader, [Andres Leon], has two adorable cats with very specific dietary needs. Instead of altering his schedule, he donned his hacking hat and designed a very solid cat food dispenser. The dispenser consists of a rotating drum with a slot in it and a PVC pipe Y-fitting to distribute the food evenly. The brains of the machine is an Arduino Deumillanove and an XBee module. The unit can be controlled by a web interface or it can run completely standalone. [Andres] ran into a problem where the drum’s resistance to turning varied based on how much food was inside. He solved this with a clever laser position indicator. A piece of plywood is lined up with the slot at the top so that whenever the slot is facing up it keeps the laser from shining on a photoresistor. The cats were afraid of the servo noise at first, but now they run to their bowls whenever they hear it.
The term ‘warwalking’ isn’t used very often, but the Ekahau HeatMapper adds a new tool to the pod bound hacker’s arsenal. The tool maps out wireless access points as well as their signal strength within a facility. A test of the HeatMapper on a map made with AutoDesk Dragonfly accurately determined the location of a router within 3 feet and helped tune the angle it needed to be at for maximum range. Ekahau made a fantastically cheesy promotional video for their product, which is viewable after the jump. The program is free of charge, but unfortunately only runs on windows, so mac and *nix users are out of luck, though it might run under wine.
Remote-Exploit.org is releasing Keykeriki, a wireless keyboard sniffer. The project is both open source hardware and software. you can download the files on their site. Right now you can’t get a pre made board, but they plan on releasing one soon. The system can be upgraded with “backpacks” or add on modules. One of these is going to be an LCD that displays the keystrokes of the keyboard you are sniffing. Another is supposed to serve as an interface to your iPhone. Right now it has the ability to decode Microsoft wireless keyboards, but the Logitech pieces should be added soon.
Liquidware has put together an interesting kit called the WiNet. It has a battery powered touchscreen controlled by an Arduino. Using an XBee shield, it can send commands to a paired XBee and Arduino attached to a computer. The computer can also update the touchscreen display. This is demoed in the video below. It’s a unique interface, but the TouchShield alone costs $174 so we’re guessing you’re going to be pretty damn confident in your project before you go this route.
[Pete] has put together a fairly simple writeup on building a wireless USB tether for your DSLR. He’s basically using a pair of USB wireless adapters and a battery pack. In his original version, he did some slight modification to the dock that powers the USB dongle, adding his own battery pack too. He notes that this whole project can be done without the effort he put into it, at a little more expense. The only improvement we think would be nice would be a better way to package it to keep it out of the way while you shoot.
We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you do push button WPA configuration. Once activated, any nearby client can request the WPA key using a tool like WPSpy. Only user level credentials are needed to pull this off, so changing just the admin password won’t prevent it.
[NRP] sent us a few of his projects. The most notable of the bunch was a school project funded by Disney. They were to make some kind of interactive entertainment for people waiting in line for rides. They decided on a wand style interface. Each wand has an accelerometer, an IR LED for tracking, an XBee unit, and a few buttons for interaction. They wrote some custom games and a multi person white board to test it all out. You can see those in action, along with a space themed pong game in the video after the break. Even though this was funded by Disney, you can still find all the source code and schematics, available for free.
D-Link is adding captcha support to its line of home routers. While default password lists have been abundant for many years, it was only recently that we started seeing the them implemented in malware. Last year, zlob variants started logging into routers and changing their DNS settings. It’s an interesting situation since the people who need the captcha feature are the ones who will never see it, since they won’t log in to change the default password.
[Matthew] sent us his group’s final project, where they built a nice GPS logging system. Not only can it simply log the GPS coordinates on a predetermined interval, it can also be triggered to make an entry by a wireless device. In this example, they use a camera. This allows them to then upload all the GPS information and pictures to places like Google Earth.
They are using an ATmega644, with an LCD, SD card, and GPS unit. They had to do a little hacking on their camera to add the wireless transmitter, which triggers the logger. You can see not only the cost break down and source code for the project, but also a map with lots of geotagged photos. This is the kind of thing we can almost see as a standard item in the future.
[dunk] sent his home made Radio Control system. It is constructed from a Playstation 2 controller, an Atmega 2561, microcontroller, some RF modules and various servos and motors. It seems to work pretty well. You can get all the schematics and source code on his site. Several people have submitted a similar project which involves an iPhone and a helicopter, but that one is a bit dubious, mainly due to it’s lack of detail.
Host of the Soldersmoke podcast, [Bill Meara], contributed this guest post.
WSPR is a new communications protocol written by radio amateur and Nobel Prize winner [Joe Taylor]. Like the very slow QRSS system described in a previous post, WSPR (Weak Signal Propagation Reporter) trades speed for bandwidth and allows for the reception of signals that are far below the level of radio noise. WSPR takes “low and slow” communications several important steps ahead, featuring strong error correction, high reliability, and (and this is really fun part) the automatic uploading (via the net) of reception reports — [Taylor]’s WSPR web page constantly gathers reports and produces near real-time Google maps of showing who is hearing who. The WSPR mode is very hack-able: [Bill Meara] is running a 20 milliwatt homebrew transmitter from Rome, Italy that features an audio amplifier from a defunct computer speaker pictured below. This contraption recently crossed the Atlantic and was picked up by the Princeton, New Jersey receiving station of WSPR’s esteemed creator, [Joe Taylor]. Read the rest of this entry »
GNUCITIZEN has posted information on linksys wireless IP camera hacking. It turns out that some models send the administrator user name and password to the computer when the setup wizard requests a connection. In theory, someone could send the request and harvest your passwords wirelessly. This seems like a pretty careless oversight. We would think that linksys will probably remedy this before too long.
