Howdy! I’m pleased to announce that THIS Thursday (June 25) at 6:30 PM,
Midnight Research Labs Boston will have a special guest speaker: Mr.
James Atkinson, who will be giving (if memory serves me correctly) his
“Kill Your Cordless Phone” talk.

***This talk will be announced and open to the general public, and WILL
REQUIRE AN RSVP as space is limited. Given the size and layout of MRLB,
we’ll be doing a bit of re-arranging to accommodate attendees.***

Please RSVP to rsvp001 @ n0where.org

We hope to see you there!

Here’s a brief bio on Mr. Atkinson (more at http://tscm.com/biojma.html):

“”"
James M. Atkinson is the President and Senior Engineer of Granite Island
Group - a prestigous veteran-owned company started in 1987 that
specializes in the electronics engineering field. Assuring the
protection of classified, confidential, privileged, or private
information against technical attack, eavesdropping, or exploitation,
Mr. Atkinson has earned the respect of the of the most public and
private global client base in the industry. Prior to 1987, Mr. Atkinson
served in the military, and had a nationally recognized background as a
computer hardware and software developer.

He is a counter-surveillance expert, communications engineer, security
consultant, and instructor with a reputation for designing and
installing some of the most powerful secure communications systems used
by both government agencies and major corporations. He has designed over
130 electronic and tactical products such as GPS devices, test
instruments, radio equipment, audio products, modified bouchons, HRT
devices, cryptographic equipment, surveillance devices, SIGINT/COMINT
products, and various other devices and systems.
“”"

This opensource hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate the sniffing attacks (for educational purpose only). The hardware itself is designed to be small and versatile, it can be extended to currently undetected/unknown keyboard traffic, and/or hardware extensions, for example, a repeating module or amplifier

Here’s a video that they posted of the sniffer in use:

You can download the latest version of SEAT here. Detailed documentation is available in documentation.pdf. Also, if you are a big fan of Backtrack like me, you can get SEAT preinstalled with the upcoming final release of Backtrack 4.

Here’s an abbreviated example:

$ ./tacacs-passwd-dump.py
usage: ./tacacs-passwd-dump.py <input tacacs file> <output passwd file>

$ ./tacacs-passwd-dump.py tac_plus.cfg tacacs.passwd
[*] Got user [john] [john smith]
[*] Got user [fred] [fred smith]
[*] Imported [2] accounts
[*] Done.

$ john tacacs.passwd
Loaded 2 password hashes with 2 different salts (Traditional DES [128/128 BS SSE2])
lamepassword (foo1)

– Hack in the box - Malaysia videos. Day1 — Day 2. Even though it’s a pirate bay link, the videos were linked from the main HITB page, so I’m assuming it’s legit, :).

– Microsoft’s BlueHat 8 videos. Day 1 — Day 2.

– Dojosec videos.

– (edited to add) 25C3 videos are also now online. Awesome.

Happy torrenting.

Here’s an example of a theremin:


So what does this have to do with anything? I wrote up a script that has the same functionality that uses a wifi device and its signal strength to control the frequency and volume. Yeah, pretty useless, but yet here it is. We actually did this a couple years ago at MRL, but that version was even more of a hack. This version will actually interpolate the pitch as the signal strength jumps around and is threaded so the sound is a little smoother. This version also allows for a second control (wifi interface) that corresponds with the volume so it is a little bit more like a real theremin. There’s still a decent amount of latency though, so you can’t really use it to create useful music.

Here’s a short sample of what it sounds like when you run it from my system. Now isn’t that a beautiful sound, .

I started creating this on my mac book pro, but after realizing the embedded antenna is pretty difficult to control the signal strength from, I added support for linux. It’s not doing anything fancy for reading signal strength (just parsing CLI utils), so I’m not sure how portable it really is. Also, it does have a couple dependencies on audio libraries, but they’re pretty easy to install (in case you really care).

Anyway, Have fun!

From the announcement:

WANTED:
An evil large multinational corporation, or…
An nefarious group of genius autonomous hackers, or…
A shadowy government organization from somewhere in the world
TO:
Host, recreate, and innovate the worlds most (in)famous hacking contest.

Kenshoto has always done an amazing job at both the pre-qualification rounds as well as the main competition. They really stepped up the game as more of an art than just a competition. Their efforts will be missed as we look forward to who will carry the torch next.

Via www.offensivecomputing.net

From the advisory text:

Unfortunately, Rovio’s access control mechanisms (username/password) are not
completely utilized across the platform even when enabled. Certain URLs and
RTSP Streaming capabilities of the device are accessible with no
authentication. Furthermore, deployment of the device in the default
configuration attempts to use UPnP to automatically configure your firewall to
allow external access to the mobile webcam platform.