Apparently Verizon customers are expected to pay for a second data plan if they want to be allowed to use a cellphone as a mobile hotspot. This means one data plan for the phone, and a second for the tethering. [DroidBionicRoot] thinks this is a little silly since there is already a data cap on the phone’s plan. But he’s found a way around it if you don’t mind rooting the phone to enable free tethering.
Not surprisingly it’s a very simple alteration. The phone is already capable of tethering, to enable the feature without Verizon’s permission just edit one database value. In the video after the break, [DroidBionicRoot] starts the process with a rooted Droid Bionic handset. He purchases an app for $2.99 which allows him to edit SQL databases on the handset. From there he navigates to the ‘Settings Storage’ database and changes the ‘entitlement_check’ key value to 0. Reboot the phone and tethering is now unlocked.
Whenever someone manages to expose vulnerabilities in everyday devices, we love to root for them. [Adrian] over at Irongeek has been inspired to exploit barcodes as a means to attack a POS database. Based on an idea from a Pauldotcom episode, he set out to make a rapid attack device, using an LED to spoof the signals that would be received by scanning a barcode. By exposing the POS to a set of generic database attacks, including XSS, SQL Injection, and other errors easily solved by input sanitation, he has created the first version of an automated system penetration device. In this case the hardware is simple, but the concept is impressive.
With the hardware explained and the source code provided, as well as a basic un-sanitized input cheat sheet, the would-be barcode hackers have a great place to start if they feel compelled to provide a revision two.
With the weather getting colder, [Daniel] decided it would be a good idea to monitor how much energy his gas heating was using in real time. He used a Nokia 6680 cameraphone to monitor the heater’s flame through the sight glass. PyS60, a Symbian implementation of Python, checks the image sent by the camera and measures how much blue flame is visible. These values are stored in a SQL DB on the phone that can be polled over Bluetooth. At the end of the billing cycle, he’ll be able to correlate the amount of gas used with what the phone reported.
Scrawlr is the latest tool to come out of HP’s Web Security Research Group. It was built in response to the massive number of SQL injection attacks happening on the web this year. Most of these vulnerable sites are found through googling, so Scrawlr works the same way. Point it at your web server and it will crawl all of the pages and evaluate the URL parameters to see if they’re vulnerable to verbose injection. It reports the SQL server and table names if it comes across anything.
It only supports 1500 pages right now and can’t do authentication or blind injection. It’s still a free tool and a great way to identify if your site is vulnerable to automated tools finding you website via search engines.
One of the best tools we saw at LayerOne was the Exploit-Me series presented by [Dan Sinclair]. Security Compass created these tools to help developers easily identify cross site scripting (XSS) and SQL injection vulnerabilities.
