Ubertooth – Bluetooth Sniffing Updated for 2014!

Earlier I noticed this tweet on my twitter feed: Ubertooth release: https://t.co/cCYHNf34Yc I know it’s been a long time coming, I promise not to leave it so long next time. — Dominic Spill (@dominicgs) February 20, 2014 So I thought I would walk you through the update, which has improved Operating System support, improved Bluetooth Low Energy (BTLE) support, and GitHub integration to make community development easier….

Whitehatsec’s Aviator

A new web browser is brought to us from Whitehatsec called Aviator, built for speed, security and privacy.  Its based on the Open-Source Chromium browser and can utilise many of Chrome’s browser plugins. The browser boasts that with every website you visit, you are potentially vulnerable to malicious hackers out to steal your surfing history, passwords, email access, bank account numbers, medical info, and more. That the “big browsers” don’t do enough…

New WiFi Pineapple; From Britain with Love!

Introduction Since approximately around the time of our posting Blue for the Pineapple (6 months ago). Hak5 Pineapple Team have disappeared underground to produce the new Mark 5 Pineapple. A customised board that is cheaper to produce and more easily affordable. The Mark 5 has 2x WiFi cards (Atheros 9331 & RTL8187 (famously known as an Alfa)), with SMA connectors. Twice the RAM & ROM (16MB & 64MB), with the…

Proxmark3 – Adding Ultralight Support

Introduction The Proxmark3 appeared to be missing Mifare Ultralight support.  The ability to identify Ultralight cards was present within the ‘hf 14a reader‘ command. However the facility to read and write cards was sadly missing. But no worries as the protocol and instruction set is essentially the same as Mifare Classic; the only difference is standard Ultralight cards do not need authentication, and encryption and the Block size is 4…

Gnuradio – OSX Installation Guide

I briefly mentioned previously about using gnu radio on Linux or OSX.  Today I will walkthough the installation process on OSX. First install MacPorts if you have not already done so: http://www.macports.org. First install the rtl-sdr drivers: port install gr-osmosdr Now the latest version of gnuradio uses variants: port info gnuradio Password: gnuradio @3.7.1 (science, comms) Sub-ports: gnuradio-devel, gnuradio-next Variants: debug, docs, full, grc, jack, orc, portaudio, python26, [+]python27, qtgui, sdl, swig,…

Proxmark3 Client Compilation on OSX 10.7+

Recently, I tried to compile the proxmark3 client on OSX using the most recent codebase from the SVN (r756).  I was plagued by errors, regarding the use of QT and missing frameworks.  Consensus on the forums was to strip the QT libraries from the Makefile, and recompile. But the client object files hook a lot of graphical calls useful for researching tag modulation.  Stripping QT is just not an acceptable…

The Return of USB “Auto-Run” Attacks

Background USB Autorun attacks became the rage back in 2005.  Hak5 created a project to increase awareness of this security issue called USB-Hacksaw, originally a U3 device that would auto-run a series of programs.  This could be used from general system administration tasks, or potential malicious tasks; such as installing back-doors and running password collection programs.  Shortly, Vendors like Microsoft started to remove Auto-run capabilities to prevent more serious malware…