November 24th, 2014

Keyboard Sniffing

We talked about this before, and since it’s a pretty interesting project I thought it would be good to follow up on. The guys (responsible for backtrack) released a how-to along with source-code and parts list, etc, for their wireless keyboard sniffing project. They don’t have fabricated boards yet, but they’re looking at some options for the future. The hardware is based on a Texas Instruments TRF7900 chip controlled by an ATMEL ATMEGA microcontroller. Here’s the blurb they have on the site:

This opensource hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate the sniffing attacks (for educational purpose only). The hardware itself is designed to be small and versatile, it can be extended to currently undetected/unknown keyboard traffic, and/or hardware extensions, for example, a repeating module or amplifier

Here’s a video that they posted of the sniffer in use:

Keyboard Sniffer Keykeriki from Max Moser on Vimeo.

We know what you typed last summer

An interesting advisory comes from guys at remote-exploit and dreamlab technologies dealing with (in)security of common non-bluetooth wireless keyboards sold by Microsoft (Wireless Optical Desktop 1000 and 2000). According to the white paper released on the subject (available here) only the actual key pressed is transmitted in encrypted form, all other communication such as keyboard identification, metakeys (Shift, Alt, etc.), and other data are all transmitted in clear text. Furthermore, the encryption scheme used for keystroke data consists of “a simple XOR mechanism with a single byte of random data generated during the association procedure”. What this means is that not only can you quickly brute force entire key space (256 combinations), but you can actually obtain the encryption key by intercepting the initial association of keyboard and receiver (as was demonstrated in this video ). Authors did not release the PoC tool to the public citing an ongoing research (meaning more goodies coming soon ;). As such we can only applaud at this effort and look forward to seeing this tool in the upcoming Backtrack 3.

Microsoft Optical Desktop 1000

Steam Powered R2D2

Ok, this one is is for hackers of a different sort. My inner geek wouldn’t let me pass this one by without posting it. It is a steam powered R2D2 (R2 Steam too) !. Very cool stuff — gotta love steampunk. You might recognize other work by crabfu steamworks, like the R/C Steam LocoCentipede, or one of the many other fascinating creations.

Thanks Hackaday.

Linksys WRT revision HW documentation (and pictures)

As seen on #pauldotcom — here is a link that covers technical information for many different hardware revisions of the Linksys WRT. It has information on what general features it has as well as pictures of the internals for each. If you’re trying to determine which version to buy for your project, this might help you out. At the bottom there is a very useful table that has all kinds of information for each model including the number or ports, the antenna connector, whether it has serial access, what processor/memory/flash, etc.

Makers Faire

Saturday and Sunday are Maker’s Faire in San Mateo. It should be a good time, there are lots of interesting things going on (electronics hacks, Sci-Fi Rock and roll, robotics, RFID implants (do it yourself implants nonetheless), Exploding Fire Trucks and even a technology fashion show, =)

See you there! (I should have some MRL stickers on me if you’re interested, let me know)

Now that’s what I call a heat sink

On #mrl last night, we somehow got around to searching google for o_O, and came across this:

Persistence of Vision

Here is an interesting hardware project from ladyada on putting persistence of vision devices on the spokes of a bicycle wheel. The project has pretty good instructions complete with parts lists and pictures, etc. (via MAKE)

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS