Wireless keyboard security

Filed under: Hardware — posted by Consultant on April 1, 2008 @ 1:07 pm

Recently a new thread related to wireless keyboard security was started on the pentest mailing list (pen-test@securityfocus.com). It is quite interesting, given that several different responses included a wide range of resources. So I thought I would grab them all and store them somewhere (here) for the future in case I ever need them.

The thread can be found online here:

http://www.securityfocus.com/archive/101/490080/30/0/threaded 

The links include:

http://www.wartyping.com/ and http://www.wartyping.com/?page=links

“WarTyping is the act of location, and interception of radio signals transmitted by wireless keyboards onto the public airwaves by driving / walking around with the appropriate equipment.”

http://www.symantec.com/enterprise/security_response/weblog/2007/12/why_did_my_nextdoor_neighbor_e.html

Why Did My Next Door Neighbor Erect a 50-Foot Radio Antenna?

Wireless keyboards have been around for several years. After developing the first series of infrared devices, vendors have developed radio-based keyboards that run at 27 MHz.

http://seclists.org/basics/2005/Mar/0420.html

Security Basics: Wireless Keyboard Security

http://seclists.org/fulldisclosure/2008/Mar/0162.html

Full Disclosure thread: Wireless keyboard insecurity - any secure one available?

http://www.zdnet.com.au/news/security/soa/Microsoft-wireless-keyboard-hacked-from-50-metres/0,130061744,339284328,00.htm

Microsoft wireless keyboard hacked from 50 metres

http://www.dreamlab.net/download/articles/27_Mhz_keyboard_insecurities.pdf

27 MHz Keyboard Insecurities

http://www.remote-exploit.org/advisories/27Mhz_Analyzing.pdf

Analyzing 27 MHz keyboards

Later,

Magnetic card technology - going back to 1992

Filed under: Hardware — posted by Consultant on January 9, 2008 @ 7:28 am

And then again! I suddenly got interested in old technology. I found this excellent article that was published back in Phrack magazine #37 in 1992 called “Card-O-Rama: Magnetic Stripe Technology and Beyond” - which really gets you into magnetic card technology.

If you never cared about how the 1 to 3 magnetic stripes on the back of your credit card, supermarket card, etc. work, then you had better start reading this somewhat old but somewhat up-to-date paper :)

You should use this article along with some other sources of information - I’ll give you some Wikipedia links too. Unlike with barcodes, if you want to get the technology you need to start _researching_ this, you’re going to get a headache. There are somewhat cheap magnetic card readers out there… but I hope you weren’t thinking of using your laser printer to print the 3 stripes on the back of a blank card. In case you want to create your own cards, you need to get a card writer, and that’s where the headache starts.

A dozen years ago, if you wanted to get a writer you would get lots of questions in return. Why? Who are you? With what purpose? Now in 2007 it has changed… a little. You can go ahead and find reader/writers on eBay, but look at the damn prices! You may not get questions in return, but you get high prices to keep you from buying any. But then again, if you REALLY want to start learning, you need to spend some cash.

I found a model on eBay called MSR 206 which is around 400 bucks in the US and probably gets a lot more expensive anywhere else other than Taiwan :) Here’s the link.

http://search.ebay.com/search/search.dll?sofocus=bs&satitle=MSR206

So getting back to the documents, here’s the Phrack article:

“A Day in the Life of a Flux Reversal”
http://www.phrack.org/issues.html?issue=37&id=6#article

And a Wikipedia entry:

“Magnetic stripe card”
http://en.wikipedia.org/wiki/Magnetic_stripe_card

Keep on learning!

Hacking Barcode technology

Filed under: Hardware — posted by Consultant on @ 7:10 am

A few days ago I found the following presentation by FX of Phenoelit at the Chaos Communication Congress related to barcode technology in 1D and 2D format. The one-dimensional format is the typical format you’re most familiar with, mostly used to tag books and originally created to tag cars. And then the 2D format is the latest one, also called matrix code (rings a bell?), and for both the 1-D and 2-D there are several interesting variations. For instance, “Data Matrix” is a type of 2-D code where using white and black squares you can get data in forms of ASCII art.

Anyhow, once you read the following PDF it gets you thinking: how old and usually vulnerable this technology is, and then again how much we use it, and, *for experimental, research and educational purposes only*, what kind of projects you could start working on.

Along with the PDF I include a couple of links. Getting a barcode reader is very cheap and your local laser printer can most likely print any barcodes you want.

So once in a while it’s nice to leave the web aside and focus your mind on other technology.

The PDF I just mentioned can be found at the following page:

http://events.ccc.de/congress/2007/Fahrplan/events/2273.en.html

Take a look at the following definitions:

http://en.wikipedia.org/wiki/Barcode

http://en.wikipedia.org/wiki/Data_Matrix

http://en.wikipedia.org/wiki/Aztec_Code

Wikipedia has a whole list of links to the different variations of 1-D and 2-D barcode symbols.


