Proxmark3 – Adding Ultralight Support

Introduction The Proxmark3 appeared to be missing Mifare Ultralight support.  The ability to identify Ultralight cards was present within the ‘hf 14a reader‘ command. However the facility to read and write cards was sadly missing. But no worries as the protocol and instruction set is essentially the same as Mifare Classic; the only difference is standard Ultralight cards do not need authentication, and encryption and the Block size is 4…

Gamby: Retro Style Gaming on Arduino

What is a GAMBY? Gamby – the Games for Arduino Made By You! When I’m personally not security testing, I like to chill out, play games, play with electronics kits, and usual stuff like family time.  I think its important to remember to leave work behind on the Friday, have some fun over the weekend, and resume the work life on Monday. Today, I received my Gameby kit after seeing…

SDR – ADS-B Decoding: dump1090 (Linux/OSX)

Previously, I covered RTL1090 to observe ADS-B signals on the Microsoft Windows Operating System. In this post post I will walk you through the simple operation of the Linux & OSX equivalent dump1090.  This Open-Source package performs just as good as its Windows counterpart, maybe even better as no additional mapping software is necessary. Source Code git clone https://github.com/antirez/dump1090.git

SNMP – The Missing MIB

Introduction Many users of SNMP Network Management Tools / Penetration Test Tools, may find that recent versions of software including the popular SNMPwalk appear to be missing MIBs, or that previously available information is now mysterious missing.  This is more prominent on Debian or Ubuntu based systems (any system that compiles from source like Gentoo , appear unaffected).  This is additionally important for Penetration Tester Professionals that have an exam…

SDR : Software Defined Radio

Recently, I’ve been busy playing with Software Defined Radio (SDR).  I was able to get my hands on one of these cheap TV dongles with the Realtek 2832U Chipset.  So what’s the big deal? A V4L/DVB kernel developer  Antti Palosaar, discovered that the chip allows transferring the raw I/Q samples to the host, which is officially used for DAB/DAB+/FM demodulation.The RTL2832U outputs 8-bit I/Q-samples, and the highest theoretically possible sample-rate is…

Bluetooth Sniffing | Bluetooth Vulnerabilities | InteliSecure

After the previous post Ubertooth – Open Source Bluetooth Sniffing, many have asked the question why? People can remember some of the original Bluetooth holes back between 2004-2008 but vulnerabilities are simply not common these days. Small list of vulnerabilities on Phones: Stealing Address Books from Nokia Phones. Remote Dialing 090* numbers. Blasting audio down headsets/car stereos. Depending on the Bluetooth implementation sometimes security and/or encryption is not applied.  As…

IR Blue – Cheap Open Source Thermal Imaging

For those that missed it RHWorkshop started a Kickstarter project back in December 2012; to build an Open Source, Cheap and Affordable Thermal Imaging Camera, for use with Apple IOS or Android devices.  Thermal Imaging Cameras typically cost approximately $1,500USD,  this device costs $160USD (just over 10% of the value, compared to a professional piece of kit).