Open source GSM cracking software called “Kraken” has been released into the wild. You may recognize some of the information from back in December when we announced that they had cracked GSM encryption. Well, now you can participate as well. You’ll need a pretty beefy Linux machine and some patience. They say that an easier GUI and support for GPU processing is coming in the near future.
While hacking a wireless presenter doesn’t sound like something worthwhile or interesting, [Niels Teusink] demonstrates that these little devices often are a lot more powerful than we give them credit.
With an Arduino, plenty of research, and some heavy sniffing of a wireless presenter’s SPI and then wireless interface [Niels] is able to emulate an entire keyboard. Sending commands as harmless as “next slide” to the devastating “[Win+R] Format C:”. Hopefully anyone planning such a project at the next Apple or Microsoft keynote just intends some gentle fun.
Related: Wireless keyboards easily cracked.
[Thanks Dan Ransom]
[youtube=http://www.youtube.com/watch?v=jhfF2Et77aw]
[Wolf] emailed us to show us his Self destructing Hard Drive tutorial. He’s using thermite, like we did, but he’s put a little more effort into the delivery system. In the video, you can see a huge spray molten iron. This is because his “jet”, the block of wood hollowed out to focus the thermite on to the hard drive didn’t hold a seal at the top. Not too bad for try #1. He could probably build this to be more contained, but even then it will most likely turn into “entire self destructing office” if it were to actually be used. A little common sense goes a long way here folks, this is molten metal and is extremely hot and dangerous.
[Koala] was worried his pseudo smart card trick wouldn’t be considered a HackaDay worthy. We’re more worried the internet police will find this article and have us all tarred and feathered.
Jokes aside, it seems Laundromat owners sure aren’t learning. Long story short, using a Bus Pirate and a few techniques we’ve seen before for smart card hacking [Koala] is able to write whatever amount he needs onto his pseudo smart card; thus giving him a free load of laundry.
Straight out of Ghost in the Shell, the Laughing Man makes his appearance in these security camera shots. [William Riggins] wrote us to let us know about his teams Famicam scripts. After taking a screen shot, faces are detected and counted, ‘anonymized’, and the final image is uploaded to Twitter.
The process is rather simple, and sure beats wearing a bunch of white reflective camouflage. All that’s left is detecting specific faces to make anonymous, and of course uploading the script to every camera in the world. Easy, right?
[_coreDump] was doing some database vulnerability testing using SQLmap to automate the process. To his dismay, the package was unable to test using the Simple Object Access Protocol. Faced with having to manually test all of the SOAP vulnerabilities he decided to work some Python magic and add support. His solution allows SQLmap 0.8 to parses XML data from the SOAP protocol by modifying three files from the package. He’s made the diff filesĀ availableĀ if you need this functionality for your own security testing.
Do not put anything in this box that you will need in a rush. You’ll have to successfully guess the word in a game of hangman to gain entry. He’s using an Atmega328 as the brains of this project with a rotary dial and an LCD for input and display. If you win, the box is unlocked and you can open it up to get whatever is inside. There are links to various tutorials along the way to help with each step, including the Arduino source code he used to build it. We think he should bump it up a notch and have the box destroy the contents if you fail. Sounds like fun, right?
