DIY Wireless Keylogger Makes You Feel Like James Bond (In Your Own Little World)

March 9, 2011 by Mike Nathan 15 Comments

wireless_keylogger

Do you need to keep tabs on the kids while they browse the Internet? How about your husband/wife – do you suspect they are dabbling in extra-curriculars on the side? Hey, you’ve got your ~~insecurities~~ reasons, we won’t judge. We will however, show you what [Jerry] over at Keelog has been working on lately.

While the company sells hardware keylogger kits online, [Jerry] has relied on, and understands the importance of open source. Since we all benefit from things being open, he is giving away all of the details for one of his most recent projects, a wireless keylogger. The keylogger plugs in to a PC’s PS/2 port, and wirelessly sends data to a nearby USB dongle up to 20 yards away, all in real-time.

A detailed parts list is provided, as are schematics, PCB masks, firmware, and assembly instructions. However, if you prefer the easier route, you can always buy the completed product or a DIY kit.

This isn’t the first open source keylogger he has released, so be sure to check out his previous work if you prefer a wired keylogging solution.

Automatic Lock Cracker Makes Breaking And Entering A Breeze

March 9, 2011 by Mike Nathan 43 Comments

automatic_lockcracker

For most people, forgetting the combination on a lock means breaking out the bolt cutters and chopping off the lock. Some students at the [Olin College of Engineering] decided there was a far more elegant way to do the job, so they built an automated lock-cracking machine.

The machine consists of a clamp to hold the lock, a solenoid to pull the lock open, and a stepper motor to run through the combinations. Most of the processing is done on the attached computer, using software they created. The application will brute-force all of the possible combinations if you request it, but it also allows you to enter the first, second, or third numbers of the combination if you happen to remember them.

Once the machine is started, the motor begins spinning the lock and the solenoid yanks on the latch until the combination is discovered, which takes a maximum of about two hours to complete. The opening of the latch trips a limit switch and causes the mechanism to stop. A simple button press then returns the lock’s combination to the user.

Be sure to check out the video embedded below of the lock cracker in action.

[via Wired]

Continue reading “Automatic Lock Cracker Makes Breaking And Entering A Breeze” →

Laptop BIOS Password Recovery Using A Simple Dongle

March 8, 2011 by Mike Nathan 49 Comments

laptop_bios_reset

In his line of work, Instructables user [Harrymatic] sees a lot of Toshiba laptops come across his desk, some of which are protected with a BIOS password. Typically, in order to make it past the BIOS lockout and get access to the computer, he would have to open the laptop case and short the CMOS reset pins or pull the CMOS battery. The process is quite tedious, so he prefers to use a simpler method, a parallel loopback plug.

The plug itself is pretty easy to build. After soldering a handful of wires to the back of a standard male D-sub 25 connector in the arrangement shown in his tutorial, he was good to go. When a laptop is powered on with the plug inserted, the BIOS password is cleared, and the computer can be used as normal.

It should be said that he is only positive that this works with the specific Toshiba laptop models he lists in his writeup. It would be interesting to see this tried with other laptop brands to see if they respond in the same way.
Since no laptops are manufactured with parallel ports these days, do you have some tips or tricks for recovering laptop BIOS passwords? Be sure to share them with us in the comments.

ICE Uses Wide Set Of Tools To Hunt For Media Pirates

March 5, 2011 by Mike Szczys 51 Comments

If you’re rebroadcasting copyrighted video streams how will the authorities ever track you down? Well it looks like you don’t even need to be the content originator, and they’ll track you down because you didn’t really cover your tracks in the first place. [Brian McCarthy] found this out the hard way when his domain name was seized by Immigrations and Customs Enforcement earlier this year.

So how did they find him? They started by getting the records from the domain name registrar. He had used an alias instead of his real name so the next step in the investigation was to get a name from Comcast to go with the IP which had logged into the name registrar’s interface. They matched the Comcast account holder’s home address with the one given during domain registration, then matched the Gmail account registration infor from the registrar to the same person. The final piece of the puzzle was to stake out his house (no kidding) to confirm that [Brian] lived at the address uncovered by investigators.

ICE really went the whole nine yards. Especially if consider that the website they seized provided links to copyrighted media but didn’t actually host any of it. Nonetheless, [Brian] could find himself spending five years in the clink… ouch.

Remote Operated Security Gate Lets You Phone It In

March 2, 2011 by Mike Nathan 20 Comments

ring_detection_circuit

[Itay] has a friend who works in a rented office where the parking lot is secured by a remote-controlled gate. Unfortunately, while his friend shares an office with several people, they only received a single remote. To help his friends out, he built a small device that triggers the remote control whenever a phone call is received.

The remote modification was rather straightforward. He simply opened the device, adding a single wire to each button terminal. Rather than connect to the remote using wires, he decided to fit it with what looks like a scavenged DC power jack. The ring detector circuitry was constructed and stuffed in a small phone box, which is connected to the remote using a DC power plug. It’s a great solution to the problem, but let’s just hope no one gets a hold of the phone number they used for the trigger!

There are plenty of pictures on his site, as well as video of the ring detector being tested. Unfortunately [Itay] lost the original schematics for the circuit, so you will have to flesh that part out on your own if you wish to build a similar device.

Keep reading to see a few videos of the remote in testing and in use.

Continue reading “Remote Operated Security Gate Lets You Phone It In” →

Reverse Engineering Shopping Cart Security

February 28, 2011 by Mike Szczys 30 Comments

All this talk about 555 timers is causing projects to pop out of the woodwork like this one that reverse engineers a shopping cart security mechanism. The wheel seen above listens for a particular magnetic signal and when encountered it locks down the yellow cowl, preventing the wheel from touching the ground and making the cart very hard to move.

[Nolan Blender] acquired one of these wheels for testing purposes and he’s posted some details about the hardware inside. But the first thing he did was to put together some test equipment to help find out details about the signal that trips the mechanism. He connected a coil to an audio amplifier and walked around the market looking for strong signals. Once he found a few strong bursts with that equipment he grabbed an oscilloscope, hooked it to the coil, and made some measurements. He found an 8 kHz signal at a 50% duty cycle at 30 ms intervals (it would be hard to make a better case for why you need an oscilloscope).

With the specs in hand, [Nolan] grabbed two 555 timers, an audio amplifier, and a 200 turn antenna around a ferrite core to build his own locking mechanism. If you’re ever stopped short in the middle of the market, just look for the hacker at the end of the aisle holding the homemade electronics.

[Photo source]

[Thanks Colin]

Google Two-factor Authentication In A Wristwatch

February 27, 2011 by Mike Nathan 13 Comments

The Chronos watch from Texas Instruments is a handy little piece of hardware if placed in the right hands. If you are not familiar with the platform, it is marketed as a “wearable wireless development system that comes in a sports watch”. In plain English, it’s a wearable wireless MCU mated with a 96 segment LCD, that boasts an integrated pressure sensor and 3-axis accelerometer. It is capable of running custom firmware, which allows it to do just about anything you would like.

[Huan Trong] wanted to take advantage of Google’s new two-factor authentication, and decided his Chronos would make a great fob, since he would likely be wearing the watch most of the time anyhow. He put together some custom firmware that allows the watch to function as an authentication fob, providing the user with a valid Google passcode on command.

He does warn that the software is alpha code at best, stating that it doesn’t even allow the watch to keep time at the moment. We are definitely looking forward to seeing more code in the near future, keep up the great work!

Be sure to stick around to see a video of his watch in action.

Continue reading “Google Two-factor Authentication In A Wristwatch” →