Keykeriki: Wireless Keyboard Sniffer

June 4, 2009 by Caleb Kraft 27 Comments

[vimeo = 4990390]

Remote-Exploit.org is releasing Keykeriki, a wireless keyboard sniffer. The project is both open source hardware and software. you can download the files on their site. Right now you can’t get a pre made board, but they plan on releasing one soon. The system can be upgraded with “backpacks” or add on modules. One of these is going to be an LCD that displays the keystrokes of the keyboard you are sniffing. Another is supposed to serve as an interface to your iPhone. Right now it has the ability to decode Microsoft wireless keyboards, but the Logitech pieces should be added soon.

Simple Motion Detector And Alarm

May 25, 2009 by Caleb Kraft 21 Comments

MOTION

[John] sent us this nice little project. He shows us how to create a motion activated alarm that plays the Mario Brothers theme and flashes some lights. He’s using an ATTiny13a for the brains, and a cool mario mushroom candy tin for the body. You can see it in action after the break.

Continue reading “Simple Motion Detector And Alarm” →

Marc Weber Tobias Vs Medeco

May 22, 2009 by Eliot 20 Comments

tobias

This month’s Wired magazine has an extensive profile of [Marc Weber Tobias]. He’s a professional lock picker that delights in coming up with new techniques for taking on high security locks. In recent years, he’s run afoul of the US’s premier high security lock manufacturer, Medeco, by publishing Open in Thirty Seconds with [Tobias Bluzmanis]. Medeco still denies that this is even possible. Wired decided to to test the team by purchasing six new cylinders and timing them. Each one was open in under nine minutes. You can see a video of this on Wired’s site.

Last fall we covered a decoding attack against Medeco locks by [Jon King].

[via blackbag]

IFob: Keyless Entry

May 22, 2009 by Caleb Kraft 25 Comments

iFOB-11-M (Custom)

[Nate] hates keys. He’s gone through a lot of effort to remove them wherever possible. He has a keypad at home and a keypad at work, but he still has to carry car keys. His solution is to build a device he can carry in his pocket that will unlock the car via RF. To do this, he’s utilizing the guts of a Nike iPod puck along with an Arduino and an iPod serial board. He has managed to get this all working, but still has to carry his key to actually start the car. We know what his next project will be.

D-Link Router Captcha Broken

May 19, 2009 by Eliot 24 Comments

d-link

We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you do push button WPA configuration. Once activated, any nearby client can request the WPA key using a tool like WPSpy. Only user level credentials are needed to pull this off, so changing just the admin password won’t prevent it.

[photo: schoschie]

D-Link Adds Captcha To Routers

May 12, 2009 by Eliot 30 Comments

D-Link is adding captcha support to its line of home routers. While default password lists have been abundant for many years, it was only recently that we started seeing the them implemented in malware. Last year, zlob variants started logging into routers and changing their DNS settings. It’s an interesting situation since the people who need the captcha feature are the ones who will never see it, since they won’t log in to change the default password.

[photo: fbz]

LayerOne Coming Soon

May 1, 2009 by Eliot 15 Comments

layerone

Annual hacker conference LayerOne will be held May 23-24th in Anaheim, CA. They’ve completed the speaker lineup and have quite a few interesting talks. [David Bryan] Will be focusing on practical hacking with the GNU Radio. It’s a software defined radio that we’ve covered in the past for GSM cracking. [Datagram] will present lockpicking forensics. While lockingpicking isn’t as obvious as brute force entry, it still leaves behind evidence. He’s launched lockpickingforensics.com as a companion to this talk. LayerOne is definitely worth checking out if you’re in the Los Angeles area.