Security Hacks

1498 Articles

Ekahau HeatMapper Maps Out WiFi Signals

June 16, 2009 by 36 Comments

see_wireless_configs_large

The term ‘warwalking’ isn’t used very often, but the Ekahau HeatMapper adds a new tool to the pod bound hacker’s arsenal. The tool maps out wireless access points as well as their signal strength within a facility. A test of the HeatMapper on a map made with AutoDesk Dragonfly accurately determined the location of a router within 3 feet and helped tune the angle it needed to be at for maximum range. Ekahau made a fantastically cheesy promotional video for their product, which is viewable after the jump. The program is free of charge, but unfortunately only runs on windows, so mac and *nix users are out of luck, though it might run under wine.

Continue reading “Ekahau HeatMapper Maps Out WiFi Signals”

Bucky’s Animal Spirit

June 4, 2009 by 18 Comments

[vimeo = 4570300]

When an unsuspecting person walks up to [Rob Ray’s] ATM machine, they are greeted with a surprise that doesn’t involve giving them their money. When they insert their card, the video above plays followed by a game where you control a beaver trying to save money during a recession. Surprisingly, people usually found it humorous and didn’t immediately freak out that their card was in a machine that wasn’t their ATM. His site has all kinds of pictures of various users as well as the construction of the project.

[via Wooster Collective]

Keykeriki: Wireless Keyboard Sniffer

June 4, 2009 by 27 Comments

[vimeo = 4990390]

Remote-Exploit.org is releasing Keykeriki, a wireless keyboard sniffer. The project is both open source hardware and software. you can download the files on their site. Right now you can’t get a pre made board, but they plan on releasing one soon. The system can be upgraded with “backpacks” or add on modules. One of these is going to be an LCD that displays the keystrokes of the keyboard you are sniffing. Another is supposed to serve as an interface to your iPhone.  Right now it has the ability to decode Microsoft wireless keyboards, but the Logitech pieces should be added soon.

Marc Weber Tobias Vs Medeco

May 22, 2009 by 20 Comments

tobias

This month’s Wired magazine has an extensive profile of [Marc Weber Tobias]. He’s a professional lock picker that delights in coming up with new techniques for taking on high security locks. In recent years, he’s run afoul of the US’s premier high security lock manufacturer, Medeco, by publishing Open in Thirty Seconds with [Tobias Bluzmanis]. Medeco still denies that this is even possible. Wired decided to to test the team by purchasing six new cylinders and timing them. Each one was open in under nine minutes. You can see a video of this on Wired’s site.

Last fall we covered a decoding attack against Medeco locks by [Jon King].

[via blackbag]

IFob: Keyless Entry

May 22, 2009 by 25 Comments

iFOB-11-M (Custom)

[Nate] hates keys. He’s gone through a lot of effort to remove them wherever possible. He has a keypad at home and a keypad at work, but he still has to carry car keys. His solution is to build a device he can carry in his pocket that will unlock the car via RF. To do this, he’s utilizing the guts of a Nike iPod puck along with an Arduino and an iPod serial board. He has managed to get this all working, but still has to carry his key to actually start the car. We know what his next project will be.

D-Link Router Captcha Broken

May 19, 2009 by 24 Comments

d-link

We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you do push button WPA configuration. Once activated, any nearby client can request the WPA key using a tool like WPSpy. Only user level credentials are needed to pull this off, so changing just the admin password won’t prevent it.

[photo: schoschie]