Automated Protocol Analysis

January 13, 2009 by 4 Comments

wireshark

[I)ruid] from BreakingPoint Labs has been doing quite a bit of protocol reverse engineering as part of his work. He put together a post covering some of the tools that have been useful for this task. Text-based protocols have a lot of human readable characters that can help you identify fields. Binary protocols don’t have this luxury though. He recommends the Protocol Informatics Project for tackling these situations. It applies bioinformatics algorithms to network traffic. You give it a packet dump of the protocol and it compares them to find similarities the same way genetic sequences are compared. It can be confused by protocols that waste a lot of space, but it’s still a very clever approach to reversing.

[photo: slashcrisis]

This Week In Security: Anthropic, Coinbase, And Oops Hunting

July 7, 2025 by 7 Comments

Anthropic has had an eventful couple weeks, and we have two separate write-ups to cover. The first is a vulnerability in the Antropic MCP Inspector, CVE-2025-49596. We’ve talked a bit about the Module Context Protocol (MCP), the framework that provides a structure for AI agents to discover and make use of software tools. MCP Inspector is an Open Source tool that proxies MCP connections, and provides debugging information for developers.

MCP Inspector is one of those tools that is intended to be run only on secure networks, and doesn’t implement any security or authentication controls. If you can make a network connection to the tool, you can control it. and MCP Inspector has the /sse endpoint, which allows running shell commands as a feature. This would all be fine, so long as everyone using the tool understands that it is not to be exposed to the open Internet. Except there’s another security quirk that intersects with this one. The 0.0.0.0 localhost bypass.

The “0.0.0.0 day exploit” is a bypass in essentially all the modern browsers, where localhost can be accessed on MacOS and Linux machines by making requests to 0.0.0.0. Browsers and security programs already block access to localhost itself, and 127.0.0.1, but this bypass means that websites can either request 0.0.0.0 directly, or rebind a domain name to 0.0.0.0, and then make requests.

Continue reading “This Week In Security: Anthropic, Coinbase, And Oops Hunting”

Back To The Future, 40 Years Old, Looks Like The Past

July 3, 2025 by 78 Comments

Great Scott! If my calculations are correct, when this baby hits 88 miles per hour, you’re gonna see some serious shit. — Doc Brown

On this day, forty years ago, July 3rd, 1985 the movie Back to the Future was released. While not as fundamental as Hackers or realistic as Sneakers, this movie worked its way into our pantheon. We thought it would be appropriate to commemorate this element of hacker culture on this day, its forty year anniversary.

If you just never got around to watching it, or if it has been a few decades since you did, then you might not recall that the movie is set in two periods. It opens in 1985 and then goes back to 1955. Most of the movie is set in 1955 with Marty trying to get back to 1985 — “back to the future”. The movie celebrates the advanced technology and fashions of 1985 and is all about how silly the technology and fashions of 1955 are as compared with the advancements of 1985. But now it’s the far future, the year 2025, and we thought we might take a look at some of the technology that was enchanting in 1985 but that turned out to be obsolete in “the future”, forty years on. Continue reading “Back To The Future, 40 Years Old, Looks Like The Past”

Phone Keyboard Reverse Engineered

June 30, 2025 by 3 Comments

Who knows what you’ll find in a second-hand shop? [Zeal] found some old keyboards made to fit early Alcatel phones from the year 2000 or so. They looked good but, of course, had no documentation. He’s made two videos about his adventure, and you can see them below.

The connector was a cellphone-style phone jack that must carry power and some sort of serial data. Inside, there wasn’t much other than a major chip and a membrane keyboard. There were a few small support chips and components, too.

Continue reading “Phone Keyboard Reverse Engineered”

Data Visualization And Aggregation: Time Series Databases, Grafana And More

June 30, 2025 by 12 Comments

If there’s one thing that characterizes the Information Age that we find ourselves in today, it is streams of data. However, without proper ways to aggregate and transform this data into information, it’ll either vanish into the ether or become binary blobs gathering virtual dust on a storage device somewhere. Dealing with these streams of data is thus essential, whether it’s in business (e.g. stock markets), IT (e.g. services status), weather forecasting, or simply keeping tracking of the climate and status of devices inside a domicile.

The first step of aggregating data seems simple, but rather than just writing it to a storage device until it runs out of space like a poorly managed system log, the goal here isn’t merely to record, but also to make it searchable. After all, for information transformation we need to be able to efficiently search and annotate this data, which requires keeping track of context and using data structures that lend themselves to this.

For such data aggregation and subsequent visualization of information on flashy dashboards that people like to flaunt, there are a few mainstream options, with among ‘smart home’ users options like InfluxDB and Grafana often popping up, but these are far from the only options, and depending on the environment there are much more relevant solutions.

Continue reading “Data Visualization And Aggregation: Time Series Databases, Grafana And More”

Animal Crossing keyboard banner

Making GameCube Keyboard Controller Work With Animal Crossing

June 26, 2025 by 2 Comments

[Hunter Irving] is a talented hacker with a wicked sense of humor, and he has written in to let us know about his latest project which is to make a GameCube keyboard controller work with Animal Crossing.

This project began simply enough but got very complicated in short order. Initially the goal was to get the GameCube keyboard controller integrated with the game Animal Crossing. The GameCube keyboard controller is a genuine part manufactured and sold by Nintendo but the game Animal Crossing isn’t compatible with this controller. Rather, Animal Crossing has an on-screen keyboard which players can use with a standard controller. [Hunter] found this frustrating to use so he created an adapter which would intercept the keyboard controller protocol and replace it with equivalent “keypresses” from an emulated standard controller.

Continue reading “Making GameCube Keyboard Controller Work With Animal Crossing”

Rust Drives A Linux USB Device

June 26, 2025 by 13 Comments

In theory, writing a Linux device driver shouldn’t be that hard, but it is harder than it looks. However, using libusb, you can easily deal with USB devices from user space, which, for many purposes, is fine.  [Crescentrose] didn’t know anything about writing user-space USB drivers until they wrote one and documented it for us. Oh, the code is in Rust, for which there aren’t as many examples.

The device in question was a USB hub with some extra lights and gadgets. So the real issue, it seems to us, wasn’t the code, but figuring out the protocol and the USB stack. The post covers that, too, explaining configurations, interfaces, and endpoints.

There are other ancillary topics, too, like setting up udev. This lets you load things when a USB device (or something else) plugs in.

Continue reading “Rust Drives A Linux USB Device”