Hands-On DEFCON 22 Badge

It took a measly 2-hours in line to score myself entry to DEFCON and this nifty badge. I spent the rest of the afternoon running into people, and I took in the RFIDler talk. But now I’m back in my room with a USB cord to see what might be done with this badge.

First the hardware; I need a magnifying glass but I’ll tell you what I can. Tere are huge images available after the break.

  • Parallax P8X32A-Q44
  • Crystal marked A050D4C
  • Looks like an EEPROM to the upper right of the processor? (412W8 K411)
  • Something interesting to the left. It’s a 4-pin package with a shiny black top that has a slightly smaller iridesent square to it. Light sensor?
  • Tiny dfn8 package next to that has numbers (3336 412)
  • Bottom left there is an FTDI chip (can’t read numbers)
  • The DEFCON letters are capacitive touch. They affect the four LEDs above the central letters.

I fired up minicom and played around with the settings. When I hit on 57600 8N1 I get “COME AND PLAY A GAME WITH ME”.

Not sure where I’m going from here. I don’t have a programmer with me so not sure how I can make a firmware dump. If you have suggestions please let me know in the comments!

Continue reading “Hands-On DEFCON 22 Badge”

Hit the Polls Before Friday

astronot Don’t forget to vote in the newest round of Astronaut or Not. In addition to deciding which projects should be recognized as “Too Cool for Kickstarter”, you will be eligible for the voter lottery.

What is this voter lottery we speak of? On Friday we’ll draw a random number and see if that hacker profile on Hackaday.io has voted at least once in this round, which started on Monday.

If they voted they’ll received a prize package packed with all kinds of prototyping hardware. This cycle offers several breakout boards, a bunch of programmers and debuggers, as well as a digital multimeter and a bench power supply (full list here). For the hackers who haven’t registered a vote? Nothing!

We’ll be drawing the number from a hotel room in Vegas since we’ll be there for DEFCON. If you’re also attending the conference track us down to show off your own hardware or just to grab some stickers.

DEFCON Shenanigans: Hack the Hackaday Hat

We don’t want to call it a challenge because we fear the regulars at DEFCON can turn our piece of hardware into a smoking pile of slag, but we are planning to bring a bit of fun along with us. I’ll be wearing this classy headgear and I invite you to hack your way into the WiFi enabled Hackaday Hat.

I’ll be wearing the hat-of-many-scrolling-colors around all weekend for DEFCON 22, August 7-10th in Las Vegas. You may also find [Brian Benchoff] sporting the accessory at times. Either way, come up and say hello. We want to see any hardware you have to show us, and we’ll shower you with a bit of swag.

Don’t let it end there. Whip out your favorite pen-testing distro and hack into the hat’s access point. From there the router will serve up more information on how to hack into one of the shell accounts. Own an account and you can leave your alias for the scoreboard as well as push your own custom message to the hat’s 32×7 RGB LED marquee.

You can learn a bit more about the hat’s hardware on this project page. But as usual I’ve built this with a tight deadline and am still trying to populate all the details of the project.

Hackaday at DEF CON 21

DEF CON 21 Badge

I’ve arrived at the Rio Casino in Las Vegas, Nevada for DEF CON 21. Over the next couple of days, I’ll be talking about what I get up to here.

The main event today is registration, which means getting a neat badge. This year’s badge was designed by [Ryan Clarke]. According to the DEF CON booklet, they are “non-electronic-electronic” badges this year, and DEF CON will be alternating between electronic badges every other year.

The playing card design is printed on a PCB, and uses the silkscreen, solder mask, and copper layers to provide three colors for the artwork. The badge is a crypto challenge, featuring some cryptic characters, numbers, and an XOR gate. I don’t have any ideas about it yet, but some people are already working hard on cracking the code.

Tomorrow, I’ll be heading to a few talks including one on hacking cars that we discussed earlier, and one on decapping chips. I’ll also be checking out some of the villages. The Tamper Evident Village is premiering this year, and they’ll be showing off a variety of tamper proofing tech. I’ll also try to get to the Beverage Cooling Contraption Contest, where competitors build devices to cool beverages (ie, beer) as quickly as possible.

If you have any DEF CON tips, let me know in the comments.

Hackaday is going to DEF CON!

EricEvenchick

This is Hackaday writer [Eric Evenchick]. He’s headed off to DEF CON, the annual hacking conference held every year at this time in Las Vegas. He’s hoping to see some cool stuff and make some networking connections that lead to a real job. If you’re not attending the conference here’s your chance to live vicariously. He’ll be writing on Thursday, Friday, and Saturday of next week (August 1-3) about all the stuff he encounters at the event.

If you are attending, keep your eyes open for him. We’re sorry that we didn’t manage to get any swag to him for handing out to loyal readers (not his fault, we’ve been a bit preoccupied). If you know of something he just shouldn’t miss email him: eric at hackaday.com. This includes invites to any awesome parties you’ve got planned.

Oh, and don’t be shy about making him pose with you for pictures…. just make sure to Tweet it to @hackaday if you do.

Defcon presenters preview hack that takes Prius out of driver’s control

hacking-control-of-a-prius

This one’s a treasure trove of CAN bus hacks that will scare the crap out of an unsuspecting driver — or worse. [Charlie Miller] and [Chris Valasek] are getting ready to present their findings, which were underwritten by DARPA, at this year’s Defcon. They gave a Forbes reporter a turn in the driver’s seat in order to show off.

You’ve got to see the video on this one. We haven’t had this much fun looking at potentially deadly car hacking since Waterloo Labs decided to go surfing on an Olds. The hacks shown off start as seemingly innocent data tweaks, like misrepresenting your fuel level or displaying 199 mph on the speedometer while the car is standing still. But things start to get interesting when they take that speed readout from 199 down to zero instantly, which has the effect of telling the car you’ve been in a crash (don’t worry, the airbags don’t fire). Other devilish tricks include yanking the steering wheel to one side by issuing a command telling the car to park itself when driving down the road. Worst of all is the ability to disable the brakes while the vehicle is in motion. Oh the pedal still moves, but the brake calipers don’t respond.

The purpose of the work is to highlight areas where auto manufacturers need to tighten up security. It certainly gives us an idea of what we’ll see in the next Bond film.

Continue reading “Defcon presenters preview hack that takes Prius out of driver’s control”

[Jason Scott] throws down a preview of his DEFCON documentary

defcon-the-documentary

Let’s face it, we all love DEFCON. Even if you’ve never been there before, we think it would be a huge struggle to find a reader who hadn’t been enchanted by at least one of the many hacks and talks that come out of the conference every year. We’ll prove it to you in a second, but first let’s get to the business at hand. Internet historian and all around good-guy [Jason Scott] has set his documentarian skills on DEFCON and just published a nearly twenty minute preview of the film which will leave you with more questions than answers (that’s the point of a teaser, right?). He’s not new to this kind of work. We loved his film BBS: The Documentary and can’t wait to see what he’s managed to do when this is released in the new year.

Oh yeah… we were going to prove a point. Some things that came out of the yearly hacker conference which you probably drooled over after the fact include:

This is just a sliver of what this event offers. Should be fun to see all the stuff [Jason] got into that we never even knew about.