Finally We Can Watch The Deere Cracking Def Con Talk

A few weeks ago, some tantalizing social media posts emerged from a Def Con talk, in which [Sick Codes] broke into the screen control unit for a John Deere tractor live on stage, and proceeded to play a special Deere-themed DOOM level upon it. At the time there was nothing more to go on, but we’re pleased to find out that the whole talk has been put online.

The talk starts with an introduction to the topic, to the basics of the control units within the machine and to the various different ages of Deere screen unit. We find that the earlier machines, which are still at work on farms worldwide, rely on outdated Windows CE versions, though the very latest screens run a Linux variant.

It’s one of these last screens to which he turns his attention, and we’re treated to an in-depth look at some of its secrets. After a lot of dead ends and learning exercises the final result is distilled into a pogo pin adapter for the hardware part, and a simple enough cron job to bypass one of Deere’s defenses by keeping the filesystem writable so a file can be updated. There’s a bit more detail about the special DOOM level too, as a special bonus.

You can see our original mention of this talk, or read some of our past Deere coverage.

Continue reading “Finally We Can Watch The Deere Cracking Def Con Talk”

Did You See A John Deere Tractor Cracked At DEF CON?

The Internet, or at least our corner of it,  has been abuzz over the last few days with the news of a DEF CON talk by [Sick.Codes] in which he demonstrated the jailbreaking of the console computer from a John Deere tractor. Sadly we are left to wait the lengthy time until the talk is made public, and for now the most substantive information we have comes from a couple of Tweets. The first comes from [Sick.Codes] himself and shows a game of DOOM with a suitably agricultural theme, while the second is by [Kyle Wiens] and reveals the tractor underpinnings relying on outdated and un-patched operating systems.

You might ask why this is important and more than just another “Will it run DOOM” moment. The answer will probably be clear to long-term readers, and is that Deere have become the poster child for improper use of DRM to lock owners into their servicing and deny farmers the right to repair. Thus any breaches in their armor are of great interest, because they have the potential to free farmers world-wide from this unjust situation. As we’ve reported before the efforts to circumvent this have relied on cracked versions of the programming software, so this potential jailbreak of the tractor itself could represent a new avenue.

As far as we’re aware, this has so far taken place on the console modules in the lab and not in the field on a real tractor. So we’re unsure as to whether the door has been opened into the tractor’s brain, or merely into its interface. But the knowledge of which outdated software can be found on the devices will we hope lead further to what known vulnerabilities may be present, and in turn to greater insights into the machinery.

Were you in the audience at DEF CON for this talk? We’d be curious to know more. Meanwhile the Tweet is embedded below the break, for a little bit of agricultural DOOM action.

Continue reading “Did You See A John Deere Tractor Cracked At DEF CON?”

Hands On: DEF CON 29 Badge Embraces The New Normal

To say that 2020 was a transformative year would be something of an understatement. The COVID-19 pandemic completely changed the way we worked, learned, and lived. Despite all those jokes about how much time people spend on their devices rather than interacting face-to-face with other humans, it turns out that when you can’t get more than a few people together in the same room, it throws our entire society into disarray.

Our community had to rethink how we congregated, and major events like HOPE, DEF CON, and even our own Hackaday Supercon, had to be quickly converted into virtual events that tried with varying degrees of success to capture the experience of hundreds or thousands of hackers meeting up in real life. While few would argue that a virtual hacker convention can ever truly replace a physical one, we learned there are undeniable benefits to embracing the advantages offered by cyberspace. If nothing else, the virtual hacker meetups of 2020 saw a far larger and more diverse array of attendees and presenters than ever before.

As we begin seeing the first rays of light at the end of the long, dark, tunnel we’ve been stuck in, it’s clear that some of the changes that COVID-19 forced on our community are here to stay. As eager as we all are to get back to the epic hackfests of old, nobody wants to close the door on all those who would be unable to attend physically now that they’ve gotten to peek behind the curtain.

With this in mind, this year’s DEF CON is being presented in both physical and virtual forms simultaneously. If you made to Las Vegas, great. If not, you can follow along through chat rooms and video streams from the comfort of your own home. Following the theme, the DC29 badge is not only a practical tool for virtual attendees, but an electronic puzzle for those who are able to bring a few of them together physically. Let’s take a closer look at this socially distanced badge and the tech that went into it.

Continue reading “Hands On: DEF CON 29 Badge Embraces The New Normal”

AND!XOR’s DEF CON 29 Electronic Badge Is An Assembly Puzzle

For years I’ve looked forward to seeing each new unofficial hardware badge that comes out of the #Badgelife powerhouse known as AND!XOR. A mix of new and interesting components, alternate-reality game, and memes, you never know what they’re going to throw down.

A bubble pack landed on my desk on Thursday with the newest offering, the AND!XOR electronic badge built for DEF CON 29, happening this weekend as a hybrid in-person and online conference. While each previous year upped the ante on complexity and manufacturing magic tricks, it’s no surprise considering the uncertainty of both the global pandemic and global chip shortage that they took a different tack. What we have here is a badge hacking puzzle that challenges you to just figure out how to put the thing together!

Continue reading “AND!XOR’s DEF CON 29 Electronic Badge Is An Assembly Puzzle”

Breaking Smartphone NFC Firmware: The Gory Details

Near-field Communication (NFC) has been around a while and is used for example in access control, small data exchange, and of course in mobile payment systems. With such sensitive application areas, security is naturally a crucial element of the protocol, and therefore any lower-level access is usually heavily restricted and guarded.

This hardware is especially well-guarded in phones, and rooting your Android device won’t be of much help here. Well, that was of course only until [Christopher Wade] took a deep look into that subject, which he presented in his NFC firmware hacking talk at for this year’s DEF CON.

But before you cry out “duplicate!” in the comments now, [Jonathan Bennett] has indeed mentioned the talk in a recent This Week In Security article, but [Christopher] has since written up the content of his talk in a blog post that we thought deserves some additional attention.

To recap: [Christopher] took a rooted Samsung S6 and searched for vulnerabilities in the NFC chip’s safe firmware update process, in hopes to run a custom firmware image on it. Obviously, this wouldn’t be worth mentioning twice if he hadn’t succeeded, and he goes at serious length into describing how he got there. Picking a brain like his by reading up on the process he went through — from reverse engineering the firmware to actually exploiting a weakness that let him run his own code — is always fascinating and downright fun. And if you’re someone who prefers the code to do the talking, the exploits are on GitHub.

Naturally, [Christopher] disclosed his findings to Samsung, but the exploited vulnerability — and therefore the ability to reproduce this — has of course been out there for a long time already. Sure, you can use a Proxmark device to attack NFC, or the hardware we saw a few DEF CONs back, but a regular-looking phone will certainly raise a lot less suspicion at the checkout counter, and might open whole new possibilities for penetration testers. But then again, sometimes a regular app will be enough, as we’ve seen in this NFC vending machine hack.

Continue reading “Breaking Smartphone NFC Firmware: The Gory Details”

Eavesdropping On Satellites For Fun And Profit

Geosynchronous satellites, girdling the Earth from their perches 36,000 km above the equator, are remarkably useful devices. Depending on where they’re parked, they command views of perhaps a third of the globe at a time, making them perfect communications relays. But as [James Pavur] points out in his DEF CON Safe Mode talk, “Whispers Among the Stars”, geosynchronous satellite communication links are often far from secure.

[James], a D. Phil. student in Systems Security at Oxford University, relates that his exploits rely on the wide areas covered by the downlink signals from the satellites, coupled with security as an afterthought, if it was even thought of at all by satellite service providers. This lackadaisical approach let him use little more than a regular digital satellite TV dish and a tuner card for a PC — off-the-shelf stuff that you’d really have to try hard to spend more than $300 on — to tap into sensitive information.

While decoding the digital signals from satellites into something parseable can be done with commercial applications, [James] and his colleagues built a custom tool, GSExtract, to pull data from the often noisy signals coming down from on high. The setup returned an amazing bounty of information, like maritime operators relaying the passport information of crew members from ship to shore, point-of-sale terminal information from cruise ships in the Mediterranean, and in-flight entertainment systems in jet airliners. The last example proved particularly alarming, as it revealed an exploitable connection between the systems dedicated to keeping passengers content and those in the cockpit, which clearly should not be the case.

We found [James’] insights on these weaknesses in satellite communications fascinating, and it’s well worth the 45 minutes to watch the video below and perhaps try these exploits, which amount to side-channel attacks, for yourself.

Continue reading “Eavesdropping On Satellites For Fun And Profit”

This Week In Security: DEF CON, Intel Leaks, Snapdragon, And A Robot Possessed

Last weekend, DEF CON held their “SAFE MODE” conference: instead of meeting at a physical venue, the entire conference was held online. All the presentations are available on the official DEF CON YouTube channel. We’ll cover a few of the presentations here, and watch out for other articles on HaD with details on the other talks that we found interesting.
Continue reading “This Week In Security: DEF CON, Intel Leaks, Snapdragon, And A Robot Possessed”