PS2 To USB Keyboard Converter Also Logs Your Keystrokes

August 16, 2011 by Mike Szczys 15 Comments

[Shawn McCombs] is up to no good with his first Teensy project. The board you see above takes the input from a PS2 keyboard and converts it to a USB connection. Oh, and did we mention that it also keeps track of everything you type as well?

From the beginning the project was intended to be a keylogger. It’s a man-in-the-middle device that could be hidden inside the case of a keyboard, making it appear to be a stock USB keyboard. Data is stored to an SD card so an attacker would need to gain access to the hardware after the data he’s targeting has been typed.

It works mostly as [Shawn] expected. He is, however, having trouble handling the CTRL, ALT, Windows, and Caps Lock keys. If this were actually being used maliciously it would be a dead giveaway. Many secure Windows machine require a CRTL-ALT-DELETE keystroke to access the login screen.

Hacking QR Codes For Fun And Profit

August 9, 2011 by Brian Benchoff 45 Comments

QR codes are everywhere these days, from being printed onto receipts to chiseled into granite tombstones. [Will] came up with a way to modify existing QR codes, and his hack has the potential to cause quite a bit of harmless mischief.

[Will]’s hack involves a little photo editing, transparency film, and some white-out/Liquid Paper/Tippex. After the ‘target’ and ‘destination’ QR codes have been imported into Gimp, the differences are found and the result printed out on a transparency sheet. After that, hang the transparency over the original and the QR code now goes to the URL of your choice.

Continue reading “Hacking QR Codes For Fun And Profit” →

Home Automation Systems Easily Hacked Via The Power Grid

August 8, 2011 by Mike Nathan 40 Comments

x10_home_automation_hacked

As home automation becomes more and more popular, hackers and security experts alike are turning their attention to these systems, to see just how (in)secure they are.

This week at DefCon, a pair of researchers demonstrated just how vulnerable home automation systems can be. Carrying out their research independently, [Kennedy] and [Rob Simon] came to the same conclusion – that manufacturers of this immature technology have barely spent any time or resources properly securing their wares.

The researchers built tools that focus on the X10 line of home automation products, but they also looked at ZWave, another commonly used protocol for home automation communications. They found that ZWare-based devices encrypted their conversations, but that the initial key exchange was done in the open, allowing any interested 3rd party to intercept the keys and decrypt the communications.

While you might initially assume that attacks are limited to the power lines within a single house, [Kennedy] says that the signals leak well beyond the confines of your home, and that he was able to intercept communications from 15 distinct systems in his neighborhood without leaving his house.

WASP UAV Gets Some New Toys, Now Intercepts Your Phone Calls Too

August 1, 2011 by Mike Nathan 34 Comments

wasp_drone

If you had the pleasure of attending last year’s DEFCON conference, you are no doubt familiar with [Mike Tassey] and [Richard Perkins]. There, the pair showed off a work in progress DIY aerial drone named WASP. Short for Wireless Aerial Surveillance Platform, WASP was impressive when we brought it to your attention last year, but the duo has spent some time completing their project, adding a few extra features in the process.

The drone still packs the same pico-ITX computer which now runs Backtrack5, and utilizes a 340 million word dictionary for cracking WiFi networks (pardon the pun) on the fly. While updated pen testing tools are well and good, the most impressive update is that the drone can now act as a standalone GSM tower. This allows the pair to trick nearby phones into routing calls through WASP before being relayed to their carrier’s network.

Once WASP is launched, the plane flies autonomously along a preset route, sniffing, hacking, cracking and gathering data until [Tassey and Perkins] summon it back to Earth. The drone is as impressive as it is scary, and we can’t wait to hear what the pair has to say about it this time around.

Continue reading to watch a video demo of WASP taking to the skies and doing its thing.

[via PopSci]

[Thanks, DainBramage1991]

Continue reading “WASP UAV Gets Some New Toys, Now Intercepts Your Phone Calls Too” →

London’s 44Con Is Looking For A Few Good Hackers

July 27, 2011 by Mike Nathan 5 Comments

44con_banner

While we see plenty of security-related conferences here in the US, our friends across the pond were apparently anxious to hold a large-scale security conference of their own. At the helm of the first ever 44Con are DEF CON Goon [Adrian] and Penetration Tester [Steve Lord]. The pair are quite involved in London’s security community and are looking to bring like-minded individuals together over four days of security talks and workshops.

While 44Con’s list of speakers has been wrapped up, they are still looking for people to help run workshops on the 1st and 2nd of September. They are requesting that any hackers in the area drop them a line if interested.

Taking a look at their site, you can see that they have a nice selection of talks lined up catering to those on the business side of Information Security as well as deep technical discussions about threats and vulnerabilities. If you plan on hitting up the conference, be sure to let us know in the comments section.

Apple Laptop Batteries Vulnerable To Firmware Hack

July 23, 2011 by Mike Nathan 45 Comments

dead_and_busted_macbook_batteries

When you think about hacking laptops, it’s highly unlikely that you would ever consider the battery as a viable attack vector. Security researcher [Charlie Miller] however, has been hard at work showing just how big a vulnerability they can be.

As we have been discussing recently, the care and feeding of many batteries, big and small, is handled by some sort of microcontroller. [Charlie] found that a 2009 update issued by Apple to fix some lingering MacBook power issues used one of two passwords to write data to the battery controllers. From what he has seen, it seems these same passwords have been used on all batteries manufactured since that time as well. Using this data, he was subsequently able to gain access to the chips, allowing him to remotely brick the batteries, falsify data sent to the OS, and completely replace the stock firmware with that of his own.

He says that it would be possible for an attacker to inject malware into the battery itself, which would covertly re-infect the machine, despite all traditional removal attempts. Of course, replacing the battery would rectify the issue in these situations, but he says that it would likely be the last thing anyone would suspect as the source of infection. While using the battery to proliferate malware or cause irreversible damage to the computer would take quite a bit of work, [Charlie] claims that either scenario is completely plausible.

He plans on presenting his research at this year’s Black Hat security conference in August, but in the meantime he has created a utility that generates a completely random password for your Mac’s battery. He says that he has already contacted Apple to in order to help them construct a permanent fix for the issue, so an official patch may be available in the near future.

[Thanks, Sergio]

Building A Single-button Combination Lock

July 14, 2011 by Mike Nathan 15 Comments

single_button_arduino_combination_lock

[John Boxall] of Little Bird Electronics was thinking about combination locks, and how one might improve or at least change the way these locks work. Traditional combo locks can be implemented in a variety of ways, most of which we are all familiar with. Standard rotary padlock and keypad-based electronic safes work just fine, but he was interested to see how one might implement a single button combination lock.

[John] determined that the best, if not only way, to build this sort of lock would require him to measure button press intervals. In his case he decided to monitor the intervals between his button presses instead, but the concept is the same. He first tested himself to see how accurately he could press and release the button, leaving a one-second space between presses. After looking at the results he determined that he would need to incorporate at least a 10% margin for error into his code in order to compensate for human error.

He then created an Arduino sketch to test his idea, defining a set of key press intervals that could be used to ‘unlock’ his imaginary vault. It worked quite well, as you can see in the video demo below.

Now we’re not suggesting that you lock up your mint condition My Little Pony collection or your illegal arms stash with this type of lock, but it could be useful as an extra failsafe for certain projects/gadgets that you want to keep all to yourself.

Continue reading “Building A Single-button Combination Lock” →