Played with PoisonTap network hijacking tool

Poison Tap in Action

@SamyKamkar made an impressive and terrifying tool. This simple USB device steals your cookies, poisons your cache, and even persists a web backdoor. On a locked machine no less! It depends much on the trust that our computers take for granted. Trusting that a USB device is not up to no good. Trusting that the local network is not trying to confuse. We must reexamine this trust going forward. It didn’t take long to get it up and running; however, once you do, you can spend hours tinkering. (I was working to combine it with @mubix’s work here)

I am also delighted to have my first Raspberry Pi as a USB device rather than a host. It is certainly exciting to create some new doodads using this dangerous toolkit.

UPDATE

I have since made a version without the cache attack. I completely failed to steal the PoisonTap visuals, but TheCodePlayer offers a delightful matrix animation. The next step is to man-in-the-middle SSL too. I’m turning it into a device that logs everything while connected, but doesn’t persist.

Mac Pro takes a dive. There went my Sunday.

I return to my computer after letting it idle to this maelstrom. Pinwheel of death to 11! Luckily I was left with at least one tool in my belt. Initial signs point to disk I/O, but with SSD?? Sometimes I feel like the cobbler with no shoes. No such thing as a day off.

Mac Pro - Force Quit Window

UPDATE! – It was drive related, but not my boot drive. Apparently all this was caused by file system corruption on an external drive. It’s not that it wasn’t in use, but that drive was certainly not in use by all of these applications. It was a drive that contains large files that don’t require especially high performance (like my bitcoin blockchain). I must now give a shout out to DiskWarrior for saving my Sunday.

Does anyone remember how to destroy the Dark Portal?

I was replaying the classic Blizzard game Warcraft II and I couldn’t remember how to win. It wasn’t this difficult to win the Orc campaign. Great game, I miss the 12+ hour games we’d play on our LocalTalk network. It’s just not the same playing the computer. #lanparty

Warcraft II - Dark Portal

Defcon 2016 photos and videos

Close-ups of my much coveted badge. Some hardware and base stations of the wifi village. Both Information Society and Berlin played on Saturday night! Shot a video of an amazing demo from the Car Hacking Village. A car modified to play games instead of driving. Also, the best of my flight home. Some great pictures of Hoover Dam and some of the solar farms and mesas as we flew home.

defcon 2016 badge close / defcon 2016 badge chip / defcon 2016 wifi village / defcon 2016 wifi village 2

End of an era! cydia.be3n.com shuttered after 7+ years!

In truth, I haven’t touched it in years. I haven’t even touched Cydia recently. Sadly, all this work would only be useful for someone with an original or 3G iPhone. Apple certainly doesn’t support those devices anymore. Does anyone still use them? Unfortunately, my ISP insists that I remove the content. After 7 years of hosting it, they realized it violates TOS. I should check the logs. I wonder if it will even be missed. People say the internet never forgets. Sometimes it is quite the opposite. For nostalgia’s sake, I left the instructions site up: http://cydia.be3n.com/ (at least that doesn’t violate Dreamhost TOS). For the record, much of my work continued support well into iOS 4.

cydia.be3n.com site

. . . Maybe it will rise again on S3?

Dentistry of the future…

A recent mouthpiece fitting exposed me to the latest in dental impressions. I filmed it; the tech was quite impressive. A camera takes pictures of my teeth and software stitches them into a 3D model. I only wish I could take home the model files. Sure beat the molding clay in my mouth. (though it did take a little bit longer)

Playing with screenshots & Snapchat

You think you can beat it? (Snapchat screenshot detection) Snapchat is a popular multimedia chat app with an allegedly vanishing history. Users can send pics or videos and set an expiration in seconds. After viewing the content for the prescribed duration… poof, it’s gone. I was bored and playing with my wife when I noticed that the app sends an alert to the sender when their message is captured using iOS’s screen capture function. I was actually impressed with the forethought. Unfortunately, that impression did not last long. It took me less than 20 minutes and only 3 messages to take advantage of Snapchat’s prebuffering to capture the message permanently without revealing that I had even viewed it. I did this all with the latest Snapchat on the latest iOS on a stock iPhone 6s+ (no jailbreak). Honestly, I find this kind of thing a lot in applications not designed specifically for security. Non-authenticated data is sent before the authentication for speed or some other performance reason that negatively impacts security. Kinda like client-side authentication, sure there is a reason for it, but that doesn’t make it a good idea. I am certainly not the only one to figure this out. It seems that the basics of this method have been known for at least a year.

UPDATE (6-15-16): Tested again with the newest Snapchat app. Still working.