Security Hacks

1528 Articles

Cloning An Infrared Disarming Remote Of A $8 Home Security System

September 15, 2013 by 4 Comments

5

[Sylvio] decided to buy one of the cheap alarm systems you can find on the internet to have a look at its insides. The kit he bought was composed of one main motion sensor and two remote controls to arm/disarm it.

Communication between the remotes and the sensor is done by using infrared, requiring a direct line of sight for a signal to be received. Modern alarm systems typically use RF remotes with a typical frequency of 434MHz or 868MHz.  In his write-up, [Sylvio] first tries to replicate the IR signal with one of his ‘learning remote controls’ without success and then proceed to reverse engineering the remote circuit shown in the above picture. Hackaday readers may figure out just by looking at it that it is a simple astable multivibrator (read ‘oscillator’). Its main frequency is 38.5kHz, which is typical for IR applications. Therefore, if one of your neighbours had this ‘security system’ one could just disarm it with any of the same remotes…

[Sylvio] then explains different ways to replicate the simple IR signal, first with an Arduino then with a frequency generator and finally using the USB Infrared Toy from Dangerous Prototypes. We agree with his conclusion: “you get what you pay for”.

Using Google Authenticator With An Arduino

September 14, 2013 by 5 Comments

Google Authenticator is an app that generates one time passwords (OTPs). These passwords are often used as a second factor of authentication, along with your normal password. OTPs work by having a shared secret and a synchronized clock on two devices. When you generate the password, a hash based on the secret and timestamp is created. This proves that you have access to the secret, and can only be used once.

To secure his Lego mini-figures, [Luca] built an authentication system using Google Authenticator and Arduino. A web app is used to generate a secret that can be configured into the Arduino using an array, and into Google Authenticator using a QR code. The Arduino is using a library that implements Time-based One Time Password authentication (TOTP).

There are some challenges, including keeping a good clock source on the Arduino, but this look like an interesting way to do authentication. After the break, watch a quick video overview of the project (for English captions, hit the CC button).

Continue reading “Using Google Authenticator With An Arduino”

Stripping Kindle DRM With Lego

September 9, 2013 by 75 Comments

DRM

Consider a book sitting on a shelf. You can lend it out to a friend, you don’t need a special device to read it, and if you are so inclined, you can photocopy it. This isn’t true with Kindle eBooks that place severe restrictions on what you can do with a book via DRM. Although it is possible to strip eBook DRM with a few programs on your computer, [Peter] came up with a fool-proof way that’s an amateur engineering marvel. He’s turning Kindle eBooks into plain text using Lego.

[Peter] is using a few bits of a Lego NTX system to press the, ‘next page’ button on his Kindle, then smash the space bar on his Mac to take a picture. These pictures are then sent to a cloud-based text recognition service. After a few hours of listening to plastic gears grinding, [Peter] has a copy of his eBook in plain text format sitting in his computer.

As impractical as it looks, using a robot, camera, and OCR is actually a really, really good way to turn eBooks plagued with DRM into a text file. Even if Amazon updates their DRM to make the current software cracking methods break, [Peter] will always have his Lego robot ready to scan a few hundred pages of text at a time.

Continue reading “Stripping Kindle DRM With Lego”

Hidden RFID Reader Locks Workstation Unless Keys Are Present

September 7, 2013 by 39 Comments

We don’t know how [Kristoffer Marshall] found himself with free time at work, but he used it to beef up his computer security. Above is the finished project. There is literally nothing to see here. He’s rigged up a hidden RFID reader which locks and unlocks his workstation.

The security of the system depends on xscreensaver, which has a password protected lock feature already built into it. When the tag is removed from the reader’s field it fires up the screensaver using a Perl script.

But waking up from the screensaver is a bit more tricky. The package doesn’t allow you to wake it from the command line — most likely for security. He found the xdotool to be of great use here. It is a command line tool which simulates keyboard and mouse entry. His script detects when the xscreensaver password prompt is on the screen and uses the xdotool to fill in [Kristoffer’s] password. Since the script knows what has focus it won’t give away your password by accident.

See the complete setup in the clip after the break.

Continue reading “Hidden RFID Reader Locks Workstation Unless Keys Are Present”

Spoofing WiFi AP Based Geolocation

August 27, 2013 by 39 Comments

[Pierre Dandumont] just finished up a little project that will give Google Maps’ location feature a run for its money. It’s a technique that spoofs WiFi networks in order to relocate the positional data reported via WiFi networks.

He starts with an explanation of the different ways modern devices acquire location data. GPS is the obvious, and mobile network triangulation is pretty well know. But using WiFi networks may be a new trick for you. We’re not 100% certain but we think Google is able to look up location data based on known IP addresses for WiFi access points (this would be a good comments discussion). To trick the system all you have to do is feed some captured AP data into the computer before Google Maps tried to lock onto a location. The video after the break shows Maps with the legit location displayed. After running a quick script whose output is shown above the map position is changed to the spoofed location.

Continue reading “Spoofing WiFi AP Based Geolocation”

Hacking Coin Collection

August 20, 2013 by 36 Comments

Coin Acceptor

Devices that collect coins for payment typically use standardized coin acceptors like the one shown here. These devices use a protocol called ccTalk to let the system know what coins were inserted. [Balda] has built tools for implementing the ccTalk protocol to let you play around with the devices. He also gave a talk at DEF CON (PDF) about the protocol.

[Balda] got started with ccTalk because he wanted to add a coin acceptor to a MAME cabinet, and had a coin acceptor. His latest project converts ccTalk to standard keyboard keystrokes using a Teensy. The MAME cabinet can then interpret these and add to the player’s credits.

There’s two interesting sides to this project. By providing tools to work with ccTalk, it’s much easier to take a used coin acceptor off eBay and integrate it into your own projects. On the other hand, these acceptors are used everywhere, and the tools could allow you to spoof coins, or even change settings on the acceptor.

Just Swipe Your Card And Enter The Pin… What Could Go Wrong?

August 13, 2013 by 48 Comments

We do hope this project makes you shiver.

“Financial risks” is an audiovisual installation that reacts when you swipe your credit card and prints an odd looking receipt if you type in your pin-code. Even though the website contains few technical details (read none) about the build, we chose to feature the project as we find his intent interesting:

‘Financial Risks’ installation is a project designed to present an ironical viewpoint on encoded wallets, as a data input interface invites to overcome fear of impossibility to control spread of confidential information for the sake of curiosity of interaction with an object of art.

The piece consists of 6 bank card readers, a hardware system of sound and video synthesis, a keyboard for pin code entering, a 2-channel sound system and a cash register printer configured to print images. Up to 6 cards simultaneously may be used for playing.

We do hope that nothing is stored in the platform’s memory… but is the installation monitored?