Dissertation: security analysis of contactless payment cards

Here’s an interesting academic document we found related to hardware hacking. In this published doctoral dissertation, Timo Kasper from the Ruhr-University Bochum, Germany, presents in detail his efforts in analyzing the security of Mifare smart cards. “The tools are first employed for analyzing a contactless payment application, which is based on Mifare Classic technology, with […]

CCC Video: Extracting keys from FPGAs, OTP tokens and door locks

This presentation on extracting keys from FPGAs, OTP Tokens and door locks is from the recent Chaos Communications Conference (CCC) in Hamburg, Germany. In it David briefly introduces implementation attacks and side-channel analysis (SCA) in particular, along with related methods to bypass security mechanisms and extract secret keys. “The main focus is on three case […]

Decoding radio-controlled bus stop displays

Oona Räisänen (a/k/a Windytan) is a self-taught signals and electronics hacker from Helsinki, Finland, who is fascinated by mysteries, codes and ciphers, and vintage tech. She’s previously written regarding the use of digital transmissions carried on FM broadcast subcarriers as a means of supplying data to digital information signs used at bus stops.

EFERGY E2 Classic FSK decoding using RTL-SDR and R-Pi

Nathaniel Elijah has posted a complete working prototype of an EFERGY E2 CLASSIC Transmission decoder using a Raspberry Pi and RTL-SDR USB Dongle. The EFERGY E2 Classic is an electrical usage monitor which displays information received from associated wireless energy sensors. Nathaniel writes, “It is now possible to capture those 10s to 20s power […]

Video: Multiplexed Wired Attack Surfaces

In this presentation from the recent Toorcon 15 in San Diego, CA, Michael Ossmann and Kyle Osborn detail their efforts in hacking cellphones via multiplexed USB signals. Manufacturers of mobile devices often multiplex several wired interfaces onto a single connector. Some of these interfaces, probably intended for test and development, are still enabled when the […]

Video: Reversing Tire Pressure Monitors with SDR

In this presentation from the recent Toorcon 15 in San Diego, CA, Jared Boone, co-developer of the HackRF SDR, detailed his efforts in reversing tire pressure monitors found on most vehicles. Tire Pressure Monitoring Systems (TPMS) are present on all US automobiles sold as of 2008. This talk, given at ToorCon 15 in San Diego, […]

Reversing CedarX and open Allwinner driver

Tsvetan reports some good news for the open source community: a group of hackers (jemk, wingrime, nove) worked on the reverse engineering of CedarX and an open source driver for Allwinner chips is on the way! Details on these efforts and links can be found at Olimex. Via the contact form.

44CON to include HackRF presentation

We understand that Michael Ossmann will deliver a talk entitled “Reverse Engineering with HackRF” at the 44CON conference. This talk will consist of one long demonstration of how to use HackRF to reverse engineer a proprietary radio system. 44CON is an annual Information Security Conference and Training event taking place in London. Designed to […]

Video: Blackbox JTAG Reverse Engineering

Felix Domke has been working on reverse engineering blackbox devices using the JTAG interface and presented this talk at the 26C3 Chaos Communications Congress conference. JTAG is an industry standard for accessing testmode functionality in almost any complex microchip. While the basics of JTAG are standardized, the exact implementation details are usually undocumented. Nevertheless, JTAG […]

rompar: a tool to analyze masked ROMs

You may have seen those highly magnified photos of decapped chips displaying the hardware architecture and wondered what information is represented by the solder-like designs. Adam “Major Malfunction” Laurie of Aperture Labs has developed a software tool to assist in deciphering the bits represented in these highly magnified chip photos. Known as rompar, it’s a […]

OISF 2013 video: reverse engineering demystified

Chris Eagle is a Senior Lecturer of Computer Science at the Naval Postgraduate School (NPS) in Monterey, CA and worked as a computer engineer/scientist for 28 years. In this video he gives a step by step introduction to the process of software reversing and vulnerability discovery. Chris is a co-author of Gray Hat Hacking and […]

Hacking wireless radiator valves with GNU Radio

In an effort to better proportion the heating system in his house, Mike Stirling decided to use Conrad FHT8V wireless thermostatic radiator valves (TRVs) to control heat distribution in zones. He decided to analyze the valve’s 868 MHz control signals using his RTL-SDR dongle and GNU Radio. After discovering that the protocol uses simple on-off […]

Reverse engineering a wireless burglar alarm

Cybergibbon has been working on reversing the digital protocol used by a wireless alarm system he recently acquired. He began by observing the alarm sensor’s signal using first an RF Explorer, then using RTL-SDR and SDR# to record the signal, which he analyzed with Audacity. Next, he cracked open the sensor itself to investigate the […]

Free PDF of “Hacking the Xbox” in honor of Aaron Swartz

Our friend Andrew “bunnie” Huang along with No Starch Press have decided to release a free ebook version of Hacking the Xbox in honor of Aaron Swartz. Bunnie writes, “As you read my book, I hope that you’ll be reminded of how important freedom is to the hacking community and that you’ll be inclined to […]

HexBugs dissected and modded

HexBugs are a product of Innovation Labs First, Inc. which retail for about $11 pretty much everywhere electronic gadgets are sold. They are a tiny robotic crawling device with a minimal ability to sense sound and proximity and react in a simplistic preprogrammed manner to avoid obstructions. As purchased, they have no provision for modding […]

Blackhat video: deconstructing a secure processor

This video of Chris Tarnovsky’s 2010 Blackhat Conference presentation was recently posted. Chris is with Flylogic Engineering, LLC, which conducts security analyses of semiconductors. He describes the presentation, “From start to finish, we will walk through how a current generation smartcard was successfully compromised. The talk will discuss everything that was required in the order the […]

OWASP AppSecUSA 2012: reverse engineering .NET applications

Last October the Open Web Application Security Project (OWASP) AppSecUSA 2012 conference was held in Austin, Texas. In this conference video Jon McCoy presents practical information on reverse engineering .NET Framework Desktop Software. The presentation goes beyond basics to illustrate modification of security areas of apps. The speech is intended to give a security […]

DEFCON 20: Hacking [Redacted] Routers

At last summer’s DEFCON 20 conference, speakers FX and Greg gave this presentation on exploring Huawei routers. These devices are growing in market share in many countries, even used by tier one ISPs. They explore the device’s software platform and security, highlighting the architecture, configurations and services available as well as summarizing their efforts in […]

SkyDogCon 2012: Cryptanalysis of the Enigma

At the recent SkyDogCon conference, Bob Weiss and Benjamin Gatti presented this talk analyzing Enigma, the World War II era Nazi encryption machine. The encryption theory behind Enigma is covered, including a detailed under-the-hood view of a typical device. Finally, a demo is conducted using a laptop in an effort to crack an Enigma message. […]