Fairly simple hack makes Samsung TVs reboot forever

[Luigi Auriemma] almost rendered his brother’s TV useless while attempting to play a simple practical joke. In the process, he uncovered a bug that could potentially upset a lot of people. His idea was to connect a computer to the system via WiFi, masquerading as a remote control. [Luigi] found that if he altered the packet sent to the TV, adding a line feed and some other characters to the name, the TV would begin an endless reboot loop.

He also discovered that he could easily crash the devices by making the MAC address string too long. We’re not sure if he’s modifying the remote or the television on this one, though.

These bugs affect the Samsung TVs and Blu-ray players that utilize the same chip. The crazy part is that despite his attempts, he has been unable to contact anyone at Samsung to let them know!

[via BoingBoing]

Signal sniffing some laundry pay cards

It seems that [Limpkin] was up to no good this weekend. He decided to snoop around inside a smart-card laundry machine. He posted about his larceny adventure and shared the details about how card security works with this machine.

We’re shocked that the control hardware is not under lock and key. Two screws are all that secure the panel to which this PCB is mounted. We know that machines using coins have a key lock, but perhaps there isn’t much need for that if there’s no currency to steal. [Limpkin] made a pass-through connector for the ribbon cable coming in from the card reader. That’s the rainbow cable you can see above, and it’s being fed to his logic sniffer. He used the ‘card detect’ signal as a trigger and captured enough data to take back to his lair for analysis. Using what he found, and a Bus Pirate to test the smart card, he laid bare all the data that’s being sent and received by the controller.

Time to get serious about going to LayerOne

This year’s LayerOne Hacking and Security Conference is right around the corner, but it’s not too late to attend. You can still get a block-rate hotel room if you register by the end of April, and registration for the two-day event only costs a hundred bucks. It’s scheduled for May 26th and 27th in Anaheim, California.

As usual, the speaker lineup is quite impressive. Everything from Android malware to embedded exploits and botnet adventures will be discussed. And then there are the perennial favorites: the lock picking and hardware hacking villages. Did we mention badges? We’d bet it was this pick-and-place machine which helped assemble this year’s pile of badges. We haven’t seen any word on what they might include, but there’s a hacking contest, so plan to pack your tools.

Hacking the Chronos and exploring the ISM bands

Take a few minutes and watch [atlas of d00m], at Shmoocon 2012, presenting information about using the RF dongle from the Chronos to explore ISM bands. Admittedly, I’m not very familiar with many of the things he discusses, but the words make sense. The bits and pieces I am familiar enough with to comprehend are truly fascinating. He covers typical methods of RF modulation as well as some hardware-specific information about that dongle.

If you have a few minutes, or want more security-related stuff, check out all the coverage from Shmoocon 2012. Tons of great videos here.


Poking at the femtocell hardware in an AT&T Microcell

Here’s a picture of the internals of an AT&T Microcell. This hardware extends the cellular network by acting as its own cell tower and connecting to the network via a broadband connection. So if you don’t get service in your home, you can get one of these and hook it up to your cable modem or DSL and poof, your cellphone works again. [C1de0x] decided to crack one open and see what secrets it holds.

On the board there are two System-on-Chips, an FPGA, the radio chip, and a GPS module. There is some tamper detection circuitry which [C1de0x] got around, but he’s saving that info for a future post. In poking and prodding at the hardware he found the UART connections, which let him tap into each of the SoCs as they dump data during boot. It’s running a Linux kernel with BusyBox, and there are SSH and ROOT accounts which share the same password. About five days of automated cracking and the password was discovered.

But things really start to get interesting when he stumbles upon something he calls the “wizard”. It’s a backdoor which allows full access to the device. Now it looks like the developers must have missed something, because this is just sitting out there on the WAN waiting for someone to monkey with it. Responses are sent to a hard-coded IP address, but a bit of work with iptables will fix that. Wondering what kind of mischief can be caused by this security flaw? Take a look at the Vodafone femtocell hacking to find out.

Adding an electronic lock to a DIY book safe


DIY book safes are well and good, but if you give someone enough time to peruse your book collection, the 3-inch thick “Case study on Animal Husbandry Techniques during the 14th Century” is likely to stand out among your collection of hand-bound “Twilight” fan fiction. In an attempt to teach his friend a bit about microcontrollers and circuits, [Jonathan] spent some time adding a bit more security to your run of the mill book safe.

The pair started out with the time-consuming process of gluing the book’s pages together and creating enough hollow space for both storage and the electronics. With that out of the way, they installed a latch and servo motor inside the cavity, the latter of which is controlled using an ATmega328P with the Arduino bootloader. To gain access to the goodies stashed away inside, [Jonathan] hooks up a small PS/2 keypad and enters a passcode. This triggers the servo motor, opening the latch.

While the latch likely only adds a nominal bit of security to the book safe, it’s a fun enough learning exercise to justify the time spent putting it together.

Continue reading to see a short video of [Jonathan’s] electronic latching book safe in action.
