Posts Tagged 'hacking'

Researchers Use PlayStation Cluster to Forge Web Skeleton Keys

• 
• 

Details

Category: Cryptography

Published on Tuesday, 30 December 2008 00:00

Written by Administrator

Hits: 6026

How to create a rogue CA certificate...

We (note Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger) have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.

[..] "A single attempt for constructing a chosen-prefix collision costs about a little more than a day. The first stage consisting of the birthday search is computationally the most expensive. Luckily it is also very suited for the special SPU cores of the Cell Processor that the Sony PlayStation 3 uses. We had about 200 PS3s at our disposal, located at the "PlayStation Lab" of Arjen Lenstra at EPFL, Lausanne, Switzerland (see the picture). The birthdaying takes about 18 hours on the 200 PS3s using 30GB of memory that was equally divided over the PS3s. The second stage computes the 3 collision blocks that eliminate the IHV differences left after the first stage and costs in total about 3 to 10 hours on a high-end quadcore pc." from http://www.win.tue.nl/hashclash/rogue-ca/

Note: only certificate signed with MD5 are forgeable, and it required a lot of knowledge and money at the moment... unfortunately these are things that spammer, thief and zombies network have at disposal. By luck as soon as Verisign switch to a more secure hashing function, the problem will be solved (Verisign will phase MD5 by January out)

Note2: even a geek need 1 week to understand the explanations ;-)

Read more at http://www.win.tue.nl/hashclash/rogue-ca/

Android how to delete system application and remove unwanted MyTaxi on Galaxy S3

• 
• 

Details

Category: Android

Published on Tuesday, 28 August 2012 20:32

Written by Administrator

Hits: 1591

I use the hard way, free but a bit more difficult as it require a rooted device, I personally use “Android Terminal Emulator” with granted root permissions (after typing su a prompt will appear)

Android how to delete system application

su (enter)
mount -o rw,remount /system (enter)
rm -r /system/app/FILE-NAME-HERE.apk (enter)

How to remove this SHIT of myTaxi – Passenger Taxi App on Samsung Galaxy S3

This application got installed without my knowledge by a Samsung update as a System App that CANNOT BE UN INSTALLED!

First before I forgot: Go to hell Samsung and Intelligent Apps GmbH

If either of you continue in that direction, installing software without my prior permission, the next update to my Samsung Galaxy S3 will be CyanogenMod 10

Back to the removal of MyTaxi,  Samsung did hide taxi.android.client_v2.5.1.apk under the name /system/app/samsung_ch.apk

To remove it

su (enter)
mount -o rw,remount /system (enter)
rm -r /system/app/samsung_ch.apk (enter)

Hardware mods links

• 
• 

Details

Category: Hardware mods

Published on Tuesday, 31 August 2004 00:00

Written by Administrator

Hits: 6333

Â

Â

Game Boy + LEGO = Robot

• 
• 

Details

Category: Building Robots

Published on Sunday, 15 May 2005 00:00

Written by Administrator

Hits: 5781

I already saw this at the french robotic cup in 1999, here is Your chance to buy a mature kit: the Xport 2.0. You can now create amazing robot creations with a Game Boy and some LEGOs.... The new Xport 2.0 turns the Game Boy Advance (GBA) into a powerful embedded development system.  4 closed-loop back-EMF motor controllers 16 digital sensor inputs 8 analog sensor inputs In-system NiCd, NiMH battery charger Battery voltage monitor Comprehensive open-source software Optional Bluetooth and other accessories Combine with a game boy advance, you have among other things a system: Programmable in C or C++ PCM sound 240x160 TFT color LCD Powerful 32-bit RISC CPU

Bluetooth in secure mode vulnerable too

• 
• 

Details

Category: Cryptography

Published on Saturday, 04 June 2005 00:00

Written by Administrator

Hits: 8130

A SECURITY flaw could allow hackers to eavesdrop on cellphone conversations made on Bluetooth-based wireless headsets was revealed in april 2004...But at that time an expensive piece of hardware was needed. Now it is even worse a simple brute force while the device are doing keyring exchange... "Whitehouse showed in 2004 that a hacker could arrive at this link key without knowing the PIN using a piece of equipment called a Bluetooth sniffer. This can record the exchanged messages being used to derive the link key and feed the recordings to software that knows the Bluetooth algorithms and can cycle through all 10,000 possibilities of the PIN. Once a hacker knows the link keys, Whitehouse reasoned they could hijack the device." Now the new attack force the  two bluetooth devices to pair, they can work out the link key in just 0.06 seconds on a Pentium IV-enabled computer, and 0.3 seconds on a Pentium-III

 

Convert Your XBOX to NAS

• 
• 

Details

Category: HowTo

Published on Sunday, 29 January 2006 00:00

Written by Administrator

Hits: 18292

Tomshardware has an interesting articles for all XBOX modder which prefer having an original Network attached Storage instead of a game machine.

With the arrival of the Xbox360, there will soon be a buyer's market for its older sibling. Kevin Herring shows how to give an Xbox a new lease on life as a full-featured NAS.

• Part 1, convert Your XBOX to NAS
• Part 2, convert Your XBOX to NAS
• Part 3, convert Your XBOX to NAS
  

{mosgoogle}

Xbox 360 is running Linux?

• 
• 

Details

Category: Microsoft XBOX 360

Published on Thursday, 04 January 2007 21:18

Written by Administrator

Hits: 7695

From XBOX-SCENE forums

" An anonymous person at the German 23C3 Hacker Congress showed what could be an Xbox360 hack/exploit during one of the 'Lightning Talks'. Lightning Talks is a daily event at Chaos Communication Congress (C3/CCC). It consists in one hour of several short (limited to 5mins) talks.

In a very short presentation a masked 'hacker' showed an Xbox 360 booting up King Kong (the game, by ubisoft). After loading the game a screen pops up showing an Xbox 360 logo, a Mac logo and Tux (the Linux Penguin) and the words "coming soon...". I also noticed a small PCB is hanging out of his Xbox360 and he's using a laptop (Apple Macbook pro?), but it's not really clear what he's doing with it.
Those who followed hacking discussions might remember hackers did some research around the vector shaders in the King Kong demo on the Xbox 360 Kiosk Disc (that ran from recordable media). The demo (and final game too) allow to modify the shaders (they are not checked/signed). However no exploit to take control of the machine was found back then ... so either this hacker found something here, or he's just showing us his custom modified shaders ;)
That's all the details we got for now.

If you don't believe the presentation was really given at 23C3, you can download the +560MB WMV video of the complete 'Lightning Talks' Day4 from the CCC mirrors (direct: mirror1, mirror2, mirror3, mirror4, mirror5, mirror6, mirror7). Forward to the 5th presentation and you'll find it there. However note that the video encoding is far from perfect and the audio seems to be broken/missing. The youtube video below shows just the Xbox 360 presentation, with audio:

UPDATE1! Here are some updates from stuff people posted on our forums.
Here's another footage of the presentation filmed by someone in the public.

Some high-res pictures of the presentation. A bit easier to see that small PCB here. Pictures by Darkman at c3f2m.de:

Also interesting is the official description of the presentation on the CCC schedule site:
[QUOTE]
Title: Consolen Hacking Suprise (XBox360)
Language: German
Speaker(s): Anonym
Description: The XBox360 was live hacked in front of the audience - running Linux and Mac OS coming soon. Stay tuned - a Linux kernel is already booting..
[/QUOTE]
"

How to extract content from protected PDF

• 
• 

Details

Category: Hacking

Published on Sunday, 04 July 2010 15:19

Written by Administrator

Hits: 6119

Some PDFs on the internet have a copy protection to make sure you cannot copy-paste any content from the PDF into a document you're writing. Defeating this protection is very easy as you will see in this post.

I will use a combination of Open Source tools to extract the content of a protected PDF..

Read more: How to extract content from protected PDF

Raspberry Pi model B

• 
• 

Details

Category: Linux

Published on Tuesday, 19 February 2013 20:39

Written by Administrator

Hits: 687

Some notes about my experience using the Raspberry Pi model B…and you get it running Linux Debian on it!

The Raspberry Pi is a credit-card sized computer that plugs into your TV and a keyboard. It’s a capable little PC which can be used for many of the things that your desktop PC does, like spreadsheets, word-processing and games. It also plays high-definition video. We want to see it being used by kids all over the world to learn programming.

[…]

We don’t think that the Raspberry Pi is a fix to all of the world’s computing issues; we do believe that we can be a catalyst. We want to see cheap, accessible, programmable computers everywhere; we actively encourage other companies to clone what we’re doing. We want to break the paradigm where without spending hundreds of pounds on a PC, families can’t use the internet. We want owning a truly personal computer to be normal for children. We think that 2012 is going to be a very exciting year. [About Raspberry PI]

Read more: Raspberry Pi model B

How to Install vShare on iPhone & iPad

• 
• 

Details

Category: Cellphones

Published on Monday, 18 March 2013 20:08

Written by Administrator

Hits: 551

Disclaimer: I don’t recommend vShare or any other alternatives to Install .IPA files.  The only reason of this post is to help users try out paid apps before they decide to purchase them. This post do not support piracy or piracy-related apps.

I recommend you to use instead Android since you can test any paid application for 24h and get a refund if you are not satisfied!

You will need:

• Jail broken iPhone/iPad (Use Evasion)
• Cydia installed

Only 2 steps are required

1. Install AppSync
2. Install vShare

AppSync

• Is a package that Cydia asks you to install if you want to install Installous/vShare.
• Allows users to sync and install cracked App Store applications to your iOS device.
• Works by patching the Mobile Installation file on the iOS firmware which is needed to install .ipa files (App Store Apps) without going through iTunes.
• Is only available through an external repository that must be added to Cydia.

Install

1. Open Cydia
2. Go to Manage -> Sources -> Edit -> and tap on Add
3. Type repo.hackyouriphone.org and tap on Add Source to add the repo
4. Now search for “AppSync for iOS 6″  and install it

 

vShare

After you’ve installed AppSync, do the following:

• Open Safari
• Visit http://v.appvv.com/en/
• Click Download/Install vShare to install vShare
• Once installed, vShare will show up as an icon on the home screen

Enjoy!