Automated Protocol Analysis

[I)ruid] from BreakingPoint Labs has been doing quite a bit of protocol reverse engineering as part of his work. He put together a post covering some of the tools that have been useful for this task. Text-based protocols have a lot of human-readable characters that can help you identify fields. Binary protocols don’t have this luxury though. He recommends the Protocol Informatics Project for tackling these situations. It applies bioinformatics algorithms to network traffic. You give it a packet dump of the protocol and it compares the packets to find similarities, the same way genetic sequences are compared. It can be confused by protocols that waste a lot of space, but it’s still a very clever approach to reversing.

[photo: slashcrisis]
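To make the sequence-comparison idea concrete, here is an added example (not code from the Protocol Informatics Project or from the linked post) that aligns two messages with Needleman-Wunsch global alignment, a standard bioinformatics algorithm chosen here for illustration. The two messages, their field layout and the scoring values are constructed assumptions.

```python
# Constructed sample messages for a hypothetical binary protocol
# (2-byte magic, type, length, variable payload, trailer); not real traffic.
MSG_A = bytes.fromhex("cafe0103414243ff")      # payload "ABC"
MSG_B = bytes.fromhex("cafe01054142434445ff")  # payload "ABCDE"
GAP = None  # marks a gap inserted into an aligned sequence

def align(a, b, match=2, mismatch=-1, gap=-2):
    """Needleman-Wunsch global alignment of two byte strings."""
    def sub(i, j):  # score for pairing a[i-1] with b[j-1]
        return match if a[i - 1] == b[j - 1] else mismatch
    n, m = len(a), len(b)
    score = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(1, n + 1):
        score[i][0] = i * gap
    for j in range(1, m + 1):
        score[0][j] = j * gap
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            score[i][j] = max(score[i - 1][j - 1] + sub(i, j),
                              score[i - 1][j] + gap,
                              score[i][j - 1] + gap)
    # Trace back from the bottom-right cell to recover one optimal alignment.
    out_a, out_b, i, j = [], [], n, m
    while i > 0 or j > 0:
        if i > 0 and j > 0 and score[i][j] == score[i - 1][j - 1] + sub(i, j):
            out_a.append(a[i - 1]); out_b.append(b[j - 1]); i -= 1; j -= 1
        elif i > 0 and score[i][j] == score[i - 1][j] + gap:
            out_a.append(a[i - 1]); out_b.append(GAP); i -= 1
        else:
            out_a.append(GAP); out_b.append(b[j - 1]); j -= 1
    return out_a[::-1], out_b[::-1], score[n][m]

def column_map(al_a, al_b):
    """'=' conserved byte, '~' differing byte, '-' gap (variable-length data)."""
    return "".join("-" if GAP in (x, y) else "=" if x == y else "~"
                   for x, y in zip(al_a, al_b))

def length_field_candidates(al_a, al_b):
    """Differing columns whose value delta equals the payload length delta."""
    delta = al_a.count(GAP) - al_b.count(GAP)  # extra bytes in b vs. a
    return [k for k, (x, y) in enumerate(zip(al_a, al_b))
            if GAP not in (x, y) and x != y and y - x == delta]

if __name__ == "__main__":
    al_a, al_b, total = align(MSG_A, MSG_B)
    print(column_map(al_a, al_b), total, length_field_candidates(al_a, al_b))
```

In the column map, conserved columns suggest fixed fields such as a magic value or trailer, gaps mark variable-length data, and a differing byte that tracks the gap count is a candidate length field. Runs of identical padding bytes can be aligned at many offsets with the same score, which makes the resulting field boundaries ambiguous.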

Windows Drivers For PS3 Controllers

Recently, a Japanese coder on the DCEmu Forums released Windows drivers for DualShock 3 controllers. While the drivers only support using the controllers over USB and not Bluetooth, they do include force feedback and Sixaxis support. Included with the drivers is a configuration tool, and though it appears to be in Japanese there is some explanation of how to use it included in the forum post. We have not tested these personally, but you can try out the drivers for yourself by downloading them from the forum here.

[photo: William Hook]

Twitter IRC Server, Tircd

tircd is an ircd proxy for talking to the Twitter API. It should work with any standard IRC client. After running the Perl script, you authenticate to the IRC server using your Twitter username as your /nick. Join the room #twitter and the /topic will be set to your last update. Any message you type will update Twitter and the room’s topic. All of the people you are following show up in the room as users and post messages as they tweet. If you private message one of them, it will become a direct message on Twitter. Other commands work too: /whois to get a person’s bio, /invite to start following, and /kick to unfollow. The project is brand new and will be adding new features in the future, like Search API support. Follow @tircd for updates.

Laughing Man In Processing

The Laughing Man is the antagonist from the anime series Ghost in the Shell: Stand Alone Complex. During each of his public appearances in the series he manages to hack all video feeds/cyborg eyes in the vicinity to obscure his face with the logo above.

[Ben Kurtz] had been watching the series recently and realized he could put together a similar effect using Processing. The interesting bit, and what makes this more fun than a simple demo, is that he’s using the OpenCV library. OpenCV is an open source computer vision library. [Ben] uses it to handle the facial recognition in Processing and then apply the image.

It’s only 100 lines and we wonder what other fun tricks could be employed. Here’s a Hack a Day skull you can swap in for the logo.

[thanks dakami]

Surviving A Hacker Conference

With another hacker conference looming in front of us, it’s time to start thinking about hardware security. Hacker conventions have the most hostile network you’ll ever encounter. [Security4all] points out that 25C3 already has an extensive page on securing your hardware. It starts from the ground up with physical security, BIOS passwords, and locking down bootloaders. There’s a section on securing your actual OS and session. Finally, they cover network usage. It mentions using SSH for dynamic forwarding, which we feel is a skill everyone should have. We’ve used it not just for security, but for bypassing brainless bandwidth restrictions too. There’s also the more trick transparent version. Every piece of data you bring with you, you risk losing, so they actually recommend just wiping your iPhone and other devices before attending. It’s important to remember that it’s not just your own data at risk, but everyone/thing you communicate with as well.

NYC CCTV Scouting

On a recent trip to New York City, [sherri] noticed the abundant “NYPD Security Camera” signage. She Ò on her little sousveillance tour and did some digging to learn more about the system. According to a recent NY Post article, the city intends to have 2,000 cameras installed by 2009. Each unit has at least two cameras, an onboard DVR, battery backup, a webserver, and wireless connection. The CrimeEye product line is manufactured by Total Recall, the people who brought you BABYWATCH. While the company site doesn’t list any specs, we found a price list that was provided to New York State. Each unit lists for $28-39K. They can have image sensors up to 2 megapixels, hold 30fps video for 5-15 days, and transmit wirelessly on the 4.9GHz public safety band.

[sherri] wonders what systems are in place to guarantee the security of the camera network and to make sure the data is handled properly. We’ve seen bad implementations of cameras with webservers in the past. She suggests a third-party system to verify security, operation, and storage. Right now there’s no reason the government won’t use footage for invasive data mining. As a publicly funded system monitoring public areas, we see no reason why the video streams from these devices shouldn’t be widely available.

[Thanks Tendency]