D-Link Router Captcha Broken

May 19, 2009 by Eliot 24 Comments

d-link

We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you do push button WPA configuration. Once activated, any nearby client can request the WPA key using a tool like WPSpy. Only user level credentials are needed to pull this off, so changing just the admin password won’t prevent it.

[photo: schoschie]

GPS Logger With Wireless Trigger

May 10, 2009 by Caleb Kraft 7 Comments

gpslog

[Matthew] sent us his group’s final project, where they built a nice GPS logging system. Not only can it simply log the GPS coordinates on a predetermined interval, it can also be triggered to make an entry by a wireless device. In this example, they use a camera. This allows them to then upload all the GPS information and pictures to places like Google Earth.

They are using an ATmega644, with an LCD, SD card, and GPS unit. They had to do a little hacking on their camera to add the wireless transmitter, which triggers the logger. You can see not only the cost break down and source code for the project, but also a map with lots of geotagged photos. This is the kind of thing we can almost see as a standard item in the future.

Weather Monitoring

May 5, 2009 by Caleb Kraft 18 Comments

weather

This weather monitor can track pressure, temperature, and humidity and last several months on a pack of AA batteries. It has a PIC18f452 to control all the bits, as well as some fancy power management to get the most out of the batteries as possible. The screen displays the highest and lowest temperatures of the last 42 hours as well as having options to display all other sensor input, updated every minute or so. You can get the full schematic and parts list on the project site.

[via YourITronics]

Linksys IP Cam Hacking

April 20, 2009 by Caleb Kraft 28 Comments

admin_password_extraction_2-300x216

GNUCITIZEN has posted information on linksys wireless IP camera hacking. It turns out that some models send the administrator user name and password to the computer when the setup wizard requests a connection. In theory, someone could send the request and harvest your passwords wirelessly. This seems like a pretty careless oversight. We would think that linksys will probably remedy this before too long.

Update: Part 2 has been posted.

Update: Part 3 has been posted.

RF Modem + 250mW Amplifier

April 2, 2009 by Caleb Kraft 37 Comments

[Trax] sent in his writeup on this RF modem with built in 250mW amplifier. The original power of the RF transceiver was around 10mW, his final results after testing were nearly 250mW. He was able to to easily transmit data over 1000 meters using his test setup. He states that he was actually able to achieve this without an antenna on the receiving side. That’s pretty impressive performance. It’s also worth noting that he soldered all of the components in place using a home clothing iron and some soldering paste. That must have been fairly tedious.

Ultra Mouse Modification

March 16, 2009 by Caleb Kraft 75 Comments

mouse

When traveling with a laptop, we often find that the list of peripherals that we have to attach can get pretty long. Especially if it is an older laptop without wireless built in. [Dawning] has taken steps to consolidate some of his peripherals(registration required)by cramming a USB hub and a wireless card into his mouse.

He started by dismantling a USB hub. After placing the board in the mouse to see how it fit, he realized that he was going to have to reduce the size. To do this, he removed the USB slots themselves. This forces him to wire things directly to the board, but saves a ton of space. Next, he took the guts from a USB wireless adapter and wired them up. The decorative LED in the mouse was then moved to the wireless card. This way he could see light flicker with his network traffic. At this point, that’s all he’s added, though there’s still plenty of space for other items. He notes that he’ll probably add some storage or a CF reader. The only problem he has encountered is that his mouse tends to get warm during use. What peripherals would you put in there?

Update: [Dawning] let us know that he didn’t actually remove the LED from its original location. He connected a wire from the wireless adapter that causes the LED to short when traffic is going through. Also, there’s a video which you can now see after the break.

Continue reading “Ultra Mouse Modification” →

Zigbee AES Key Sniffing

March 15, 2009 by Eliot 8 Comments

zigbeesniffing

[Travis Goodspeed] posted a preview of what he’s working on for this Summer’s conferences. Last weekend he gave a quick demo of sniffing AES128 keys on Zigbee hardware at SOURCE Boston. The CC2420 radio module is used in many Zigbee/802.15.4 sensor networks and the keys have to be transferred over an SPI bus to the module. [Travis] used two syringe probes to monitor the clock line and the data on a TelosB mote, which uses the CC2420. Now that he has the capture, he’s planning on creating a script to automate finding the key.