Exploit Bait And Switch

November 7, 2010 by James Munns 31 Comments

When a new virus or other piece of malware is identified, security researchers attempt to get a hold of the infection toolkit used by malicious users, and then apply this infection into a specially controlled environment in order to study how the virus spreads and communicates. Normally, these toolkits also include some sort of management console commonly used to evaluate successfulness of infection and other factors of the malware application. In the case of the EFTPS Malware campaign however, the admin console had a special trick.

This console was actually a fake, accepting a number of generic passwords and user accounts, and provide fake statistics to whoever looked in to it. All the while, the console would “call home” with as much data about the researcher as possible. By tricking the researchers in this way, the crooks would be able to stay one step ahead of anti-virus tools that would limit the effectiveness of any exploit. Thankfully though, the researchers managed to come out on top this time.

[via boingboing]

Software Security Courtesy Of Child Labor

October 28, 2010 by Mike Szczys 34 Comments

We couldn’t help but poke a little fun in the headline. This is [Alex Miller], a twelve year old who claimed a $3000 bounty from Mozilla. See, [Alex] is a self-taught security guru. When Mozilla upped the reward for discovering and reporting critical security flaws in their software he went to work searching for one. He estimates that he spent an hour and a half a day for ten days to find the hole. Fifteen hours of work for $3000? That’s pretty good!

Is it good or bad to pay for these kind of submissions? The real question: Is the bounty high enough to get blackhats to report vulnerabilities, rather than selling software that exploits them? Let us know what you think in the comments.

[via Zero Day]

Firesheep: Promoting Privacy In A Scary Way

October 25, 2010 by James Munns 50 Comments

Often, software hackers are the activists that push software giants towards updating vulnerable applications. In todays example, [Eric Butler] is pushing Facebook, Twitter, Flickr, and more all at the same time. By creating a user script-kiddie friendly extension for Firefox, he has allowed just about anyone to sniff unsecured connections on public Wi-Fi access points and log into these unprotected accounts.

Right now the extension is available for Windows and Mac, with a Linux port coming soon. Temporarily, the best way for a user to avoid getting taken advantage of would be to not use these social networking sites on a public connection, or to implement a secure proxy for these connections that would keep your data safe. Hopefully these websites will have a quick rebuttal that allows for security without workarounds. With all of the bad press they are recieving, they certainly have incentive to.

Are there any software or security buffs out there? We would love to see someone port this to an iPhone or Android app that could check and log open Wi-Fi points. We’ll leave the foot work to the experts out there, but do be sure to give us a heads up if anyone manages to make it happen, okay?

Embedded RFID For Online Passwords

October 11, 2010 by Mike Szczys 33 Comments

[Jair2K4] is using his unique RFID tag address as an online password. We’d bet that if you went far enough to get an implant in your hand you’d continually search for a reason to use it. Wanting to do more than just start his car with a wave of the hand, he built an interface module out of an Arduino and a Parallax RFID reader. Using a program called AAC Keys on Windows 7 he emulates a keyboard using the input from the Arduino. When it comes time to login he types his username and parks the cursor in the password box. By holding the RFID implant next the reader, the ID is dumped as the password, along with a newline (might be a carriage return, we’re not certain) character which submits the login. Take a look for yourself after the break.

On the one hand, nobody will be able to steal his tag as easily as they could steal one that is on a key ring. But we know RFID is rather notorious for a false sense of security. As long as you’re not using it for state secrets we think it’s a nice solution.

Update: After reading the comments on this feature, [Jair2K4] made some changes to his code. It now reads the tag and verifies it with stored data, then spits out whatever password you wish (making it easy to change passwords from time-to-time). He also added servo control to the sketch.

Continue reading “Embedded RFID For Online Passwords” →

BIOS Password Cracking

October 7, 2010 by Mike Szczys 45 Comments

[Dogbert] took a look at the security that goes into BIOS passwords on many laptops. He starts off with a little background about how the systems work. People are bound to forget their passwords, so when you enter a wrong one three times in a row you get a message similar to the one above that locks you out until all power is removed from the system (then you get three more tries). But check out that five-digit number in the picture. That’s a checksum of the password. Some BIOS versions display it automatically, some require you to hold down a certain key during POST, but it’s the pivotal data needed to crack the password.

[Dogbert’s] post doesn’t go into verbose detail about the algorithms he uses to brute force the passwords. But he has posted the Python scripts he uses to do so. Learning how to generate the passwords based on the checksum is as simple as studying the code, which is often the best way to learn.

Arduino, RFID, And You

October 7, 2010 by Jakob Griffith 13 Comments

[Matt] has mixed up a batch of two RFID reading door lock systems. While the “door lock” part of the setup has yet to come into existence, the “RFID reading” section is up and running. By using the Parallax RFID readers (for cheap, remember?) and an Arduino, [Matt] is able to parse an RFID tag, look its number up in a database, and then have a computer announce “Access Denied” in a creamy “Douglas Adam’s sliding door of Hitchiker’s Guide” kind of way with Python.

Good books aside, catch a not as exciting as you’re thinking video after the jump.

Continue reading “Arduino, RFID, And You” →

Cheap(er) Biometric Gun Safe

October 5, 2010 by Jakob Griffith 30 Comments

[Greg] sent in his biometric pistol safe lock. He keeps his guide light on details so not every Joe can crack the system (there is a thread to sift through if you really wanted to), but the idea runs fairly simple anyway. [Greg] took an old garage door opening fingerprint scanner and wired it into a half broken keypad based pistol safe. While he did have some issues finding a signal that only fired when the correct fingerprint is scanned, a little magic with a CMOS HEX inverter fixed that problem quick.

This does bring one question to our minds, are fingerprint scanners as easy to crack as fingerprint readers?