«
Expand/Collapse
113 items tagged "card"
Related tags:
credit [+],
security [+],
Wireless [+],
sql [+],
rfid [+],
network [+],
laptop [+],
chaos communication congress [+],
bt4 [+],
wireless cards [+],
smart card readers [+],
reader [+],
quot [+],
greeting [+],
classic [+],
chaos communication camp [+],
bt3 [+],
working [+],
usb wireless [+],
txt [+],
steven j. murdoch tags [+],
smart [+],
sharj [+],
sd card [+],
problem [+],
potential security vulnerability [+],
microcontrollers [+],
malware [+],
linux [+],
hp procurve [+],
hackers [+],
grering [+],
greeting card [+],
europe [+],
compact flash card [+],
business [+],
bank [+],
authentication [+],
Support [+],
NON [+],
Hardware [+],
General [+],
wpn [+],
wifi [+],
usa [+],
tokens [+],
taiwan [+],
taipei [+],
system [+],
sql injection [+],
smart card reader [+],
smart card chips [+],
smart card [+],
skimming [+],
serial number [+],
remote shell [+],
ralink [+],
radio [+],
public transportation services [+],
protocol [+],
player [+],
pcs [+],
opensc [+],
openct [+],
number [+],
netgear [+],
ndiswrapper [+],
multiple buffer overflow [+],
misc [+],
microcontroller [+],
interface [+],
integer overflow vulnerability [+],
information [+],
hxxp [+],
harald welte [+],
hackaday [+],
failure scenarios [+],
digital [+],
cryptography [+],
cryptographic protocol [+],
cryptographic primitives [+],
credit card hacker [+],
credit card [+],
compaq [+],
chip authentication [+],
ccid [+],
card skimming [+],
capital taipei [+],
buffer overflow vulnerabilities [+],
broadcom [+],
black hat [+],
authentication tokens [+],
audio [+],
atheros [+],
asia [+],
application [+],
api interface [+],
andrew [+],
analysis [+],
alfa [+],
Software [+],
Related [+],
Issues [+],
Howto [+],
hacks [+],
zen [+],
zach charat [+],
wusb [+],
wpa supplicant [+],
wireless network card [+],
wireless lan card [+],
wireless extension [+],
wireless card [+],
wireless 2200bg [+],
will [+],
wiki [+],
wifi card [+],
wep keys [+],
wep key [+],
wep [+],
way [+],
watchdog [+],
vmware [+],
virus [+],
virtualbox [+],
virtual credit card [+],
vinod [+],
video card [+],
video [+],
vga signals [+],
vga [+],
vdi [+],
using linux [+],
usb tv tuner card [+],
usb tv tuner [+],
usb protocol [+],
usb [+],
upload [+],
underground [+],
ubiquity [+],
type [+],
tv tuner card [+],
tv dish [+],
tut [+],
tuner [+],
transplant [+],
traffic [+],
thanks in advance [+],
thailand [+],
support amd [+],
supermarket chain [+],
stripe reader [+],
storage business [+],
storage [+],
ssid [+],
sr 1 [+],
spoofer [+],
sponges [+],
south africa [+],
sony laptop [+],
something simple [+],
someone [+],
snap [+],
smart phones [+],
smart card writer [+],
smart card security [+],
smart card reader writer [+],
smart card payments [+],
slot [+],
slides [+],
slammer [+],
single chip [+],
sim cards [+],
sim card [+],
sim [+],
silk screen [+],
shop [+],
servo motor [+],
servo [+],
server x [+],
security protocols [+],
security authors [+],
sd cards [+],
sd card slot [+],
script sql [+],
screen error [+],
scott [+],
scammer [+],
scam o [+],
roof gutter [+],
roland cr [+],
roland cr [+],
rj 45 [+],
risk [+],
remote [+],
realtek semiconductor [+],
radio type [+],
radio tuner [+],
quick [+],
question [+],
pwm signal [+],
pwm [+],
punch cards [+],
punch card [+],
punch [+],
proximity card [+],
proximity [+],
program settings [+],
presario [+],
practice [+],
pov [+],
post [+],
port [+],
pin [+],
phil [+],
penchant [+],
pcmcia card [+],
pci [+],
pc communication [+],
part [+],
parallel ports [+],
orload [+],
o matic [+],
niggling [+],
network interfaces [+],
netgear wpn111 [+],
netgear inc [+],
necessary connections [+],
navic [+],
national id card [+],
national [+],
nat [+],
nail polish remover [+],
my question [+],
my backtrack [+],
musical greeting cards [+],
musical greeting card [+],
musical [+],
motor [+],
mini [+],
midi input [+],
midi [+],
mid nineties [+],
microsd cards [+],
michael l. davis tags [+],
memory card [+],
memory [+],
memebership [+],
mechanical engineer [+],
matic [+],
mass storage device [+],
mass [+],
marc witteman [+],
magnetic stripe reader [+],
magnetic card reader [+],
magnetic card [+],
machine [+],
mac [+],
m arp [+],
losses [+],
londoners [+],
linux kernel [+],
linux device [+],
linux desktop [+],
links [+],
lee hart [+],
led [+],
lawmakers [+],
laptops [+],
lap [+],
lan card [+],
lan [+],
knopix [+],
kismet [+],
jumper wires [+],
jon [+],
johannesburg south africa [+],
johannesburg [+],
java event [+],
java card [+],
java [+],
ivs [+],
ive [+],
isa connector [+],
isa [+],
ipod touch [+],
ipod [+],
ipadress [+],
invented [+],
internet [+],
intel r pro wireless 2200bg network connection [+],
intel [+],
inspiron [+],
information disclosure vulnerability [+],
hp compaq nc 6220 [+],
hp 510 laptop [+],
hotels [+],
host machine [+],
hope [+],
hey guys [+],
heavy lifting [+],
hardware portion [+],
hallmark store [+],
hallmark [+],
h. p. friedrichs [+],
graphics card [+],
graphic card driver [+],
googled [+],
google search results [+],
google [+],
gigabyte [+],
gigabit network [+],
gigabit ethernet controller [+],
german bank [+],
german [+],
garage [+],
games [+],
gameboy [+],
game boy [+],
game [+],
ftc charges [+],
fraud [+],
frank zhao [+],
fan control [+],
fan [+],
eyeing [+],
extreme air [+],
extradition [+],
exposed [+],
ettercap [+],
ethernet [+],
eth [+],
emv [+],
ebay [+],
dwl g520 [+],
drum sounds [+],
distro [+],
dish antenna [+],
dish [+],
discrete components [+],
digital audio player [+],
different things [+],
details [+],
dell [+],
deduct [+],
debian [+],
dave and buster [+],
dave and [+],
data [+],
darrell [+],
d link [+],
custom business card [+],
custom [+],
credit card terminal [+],
credit card numbers [+],
credit card hackers [+],
credit card details [+],
credit card clearing [+],
craig [+],
cosmac elf [+],
converting [+],
content [+],
compaq presario [+],
compaq laptop [+],
communication protocols [+],
communication [+],
cmos chip [+],
clearing house [+],
chris [+],
chip [+],
charat [+],
cellphones [+],
cellphone battery [+],
catid [+],
card shop [+],
card script [+],
card reader writer [+],
card reader [+],
card data [+],
caper [+],
cant [+],
canada [+],
cabal [+],
buster [+],
business card [+],
buffer space [+],
bruce potter [+],
breach [+],
boy [+],
board fabrication [+],
board [+],
blippy [+],
ben nanonote [+],
banking fraud [+],
banking [+],
bank card [+],
bank accounts [+],
b pci [+],
awus [+],
authors [+],
attiny [+],
attack [+],
ati [+],
atheros wireless [+],
atheros communications inc [+],
arp [+],
approves [+],
anyone [+],
android [+],
ancient computer [+],
amp [+],
amazon [+],
alpha [+],
alex [+],
airo [+],
aireplay [+],
aircrack [+],
agn [+],
act [+],
acetone [+],
Release [+],
Idiots [+],
Corner [+],
029 keypunch [+],
Newbie [+],
Area [+],
BackTrack [+],
vulnerability [+]
-
-
![Permalink for '[Video] Reviving smart card analysis'](/themes/lilina/web//media/mark_off.gif)
21:32
»
SecDocs
Authors:
Karsten Nohl Tags:
smart card Event:
Chaos Communication Camp 2011 Abstract: Smart cards chips – originally invented as a protection for cryptographic keys – are increasingly used to keep protocols secret. This talk challenges the chips' security measures to unlock the protocols for public analysis. Hardened security chips are protecting secret cryptographic keys throughout the virtual and physical worlds. These smart card chips are found in banking cards, authentication tokens, encryption appliances, and master key vaults. The protection capabilities of the chips is increasingly used to also keep secret application code running on the devices. For example, the protocols of modern EMV credit cards are not publicly known. Such obscurity is hindering analysis, hence letting logic and implementation flaws go unnoticed in widely deployed systems, including credit card systems. We demonstrate a method of extracting application code from smart cards with simple equipment to open the application code for further analysis.
-
21:32
»
SecDocs
Authors:
Karsten Nohl Tags:
smart card Event:
Chaos Communication Camp 2011 Abstract: Smart cards chips – originally invented as a protection for cryptographic keys – are increasingly used to keep protocols secret. This talk challenges the chips' security measures to unlock the protocols for public analysis. Hardened security chips are protecting secret cryptographic keys throughout the virtual and physical worlds. These smart card chips are found in banking cards, authentication tokens, encryption appliances, and master key vaults. The protection capabilities of the chips is increasingly used to also keep secret application code running on the devices. For example, the protocols of modern EMV credit cards are not publicly known. Such obscurity is hindering analysis, hence letting logic and implementation flaws go unnoticed in widely deployed systems, including credit card systems. We demonstrate a method of extracting application code from smart cards with simple equipment to open the application code for further analysis.
-
-
15:22
»
SecDocs
Authors:
Torbjörn Lofterud Tags:
credit card PCI DSS compliance Event:
Chaos Communication Camp 2011 Abstract: The PCI DSS standard require strong cryptography or secure hashing as ways to protect cardholder information. But one important factor is missing; detailed instructions for how to correctly apply cryptography to credit card numbers. The primary objective of the Payment Card Industry Data Protection Standard (PCI DSS) is to safeguard cardholder information such as the Primary Account Number (PAN) and the sensitive authentication data (CVV2, Track 1 and 2). Chapter 3.4 deals with the details regarding encryption and key management. > 3.4 Render PAN unreadable anywhere it is stored (including on portable digital media, > backup media, and in logs) by using any of the following approaches: > * One-way hashes based on strong cryptography > * Truncation > * Index tokens and pads > * Strong cryptography with associated key-management processes and procedures What constitutes strong cryptography is further detailed in the glossary and in the PCI SSC FAQ documents as well as in periodic communication to security assessors. But one important factor is missing from the communication; the modes of operation for the cryptographic primitives. The PCI DSS glossary specifically mentions AES, 3DES, RSA, ECC, Elgamal and SHA1 as “industry-tested and accepted standards and algorithms for encryption” but fails to address important issues such as RSA padding and cipher block chaining for 3DES and AES. The requirements are quite clear on the fact that encryption and hashing needs to be implemented properly, but gives little guidance to developers or assessors as to what strong cryptography actually means. There are at least three different scenarios where cardholder information appears to be protected in compliance with the standard but remains vulnerable if disclosed. This presentation describes attacks for common failure scenarios when encrypting credit card information.
-
15:04
»
SecDocs
Authors:
Torbjörn Lofterud Tags:
credit card PCI DSS compliance Event:
Chaos Communication Camp 2011 Abstract: The PCI DSS standard require strong cryptography or secure hashing as ways to protect cardholder information. But one important factor is missing; detailed instructions for how to correctly apply cryptography to credit card numbers. The primary objective of the Payment Card Industry Data Protection Standard (PCI DSS) is to safeguard cardholder information such as the Primary Account Number (PAN) and the sensitive authentication data (CVV2, Track 1 and 2). Chapter 3.4 deals with the details regarding encryption and key management. > 3.4 Render PAN unreadable anywhere it is stored (including on portable digital media, > backup media, and in logs) by using any of the following approaches: > * One-way hashes based on strong cryptography > * Truncation > * Index tokens and pads > * Strong cryptography with associated key-management processes and procedures What constitutes strong cryptography is further detailed in the glossary and in the PCI SSC FAQ documents as well as in periodic communication to security assessors. But one important factor is missing from the communication; the modes of operation for the cryptographic primitives. The PCI DSS glossary specifically mentions AES, 3DES, RSA, ECC, Elgamal and SHA1 as “industry-tested and accepted standards and algorithms for encryption” but fails to address important issues such as RSA padding and cipher block chaining for 3DES and AES. The requirements are quite clear on the fact that encryption and hashing needs to be implemented properly, but gives little guidance to developers or assessors as to what strong cryptography actually means. There are at least three different scenarios where cardholder information appears to be protected in compliance with the standard but remains vulnerable if disclosed. This presentation describes attacks for common failure scenarios when encrypting credit card information.
-
-
13:00
»
Hack a Day
[Vinod] sent in a very cool build he says is somewhat of a ‘mad project’: he mounted an MMC and SD card under Linux using the parallel port on his computer. Even though parallel ports are getting rarer these days, we absolutely love [Vinod]‘s dedication and willingness to dig around the Linux kernel. The hardware portion of the [...]
-
-
21:40
»
SecDocs
Authors:
Harald Welte Tags:
RFID bank Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: How to reverse engineer the data format of a real-world RFID based debit card system. One of Asia’s most popular electronic payment systems uses insecure technology. The EasyCard system, established in 2001, is the most popular stored-valued card in Taiwan. With more than 18 million issued cards, it is the predominant means of paying for public transportation services in the capital Taipei. In 2010, use of the EasyCard was extended beyond transportation. Card holders can now pay in all major convenience stores like 7eleven, coffe shops like Starbucks and and major retail companies like SOGO. Despite the large fraud potential, the EasyCard system uses the MIFARE Classic RFID technology, whose proprietary encryption cipher CRYPTO1 relied on obscurity and was first publicly broken several years ago at 24C3 This presentation analyzes the results of combining the practical attacks on the MIFARE Classic CRYPTO1 system in the context of the EasyCard payment system. It describes the process of reverse- engineering the actual content of the card to discover the public transportation transaction log, the account balance and how the daily spending limit work. Furthermore, the talk will present how fundamentally flawed the system is, and how easy it is to add or subtract monetary value to/from the card. Cards manipulated as described in the talk have been accepted by the payment system.
-
21:40
»
SecDocs
Authors:
Steven J. Murdoch Tags:
bank smart card Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as “Chip and PIN”, it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network. The fraudster performs a man-in-the-middle attack to trick the terminal into believing the PIN verified correctly, while telling the issuing bank that no PIN was entered at all. The paper considers how the flaws arose, why they remained unknown despite EMV’s wide deployment for the best part of a decade, and how they might be fixed. Because we have found and validated a practical attack against the core functionality of EMV, we conclude that the protocol is broken. This failure is significant in the field of protocol design, and also has important public policy implications, in light of growing reports of fraud on stolen EMV cards. Frequently, banks deny such fraud victims a refund, asserting that a card cannot be used without the correct PIN, and concluding that the customer must be grossly negligent or lying. Our attack can explain a number of these cases, and exposes the need for further research to bridge the gap between the theoretical and practical security of bank payment systems. Smart cards have gradually replaced magnetic strip cards for point-of-sale and ATM transactions in many countries. The leading system, EMV (named after Europay, MasterCard, and Visa), has been deployed throughout most of Europe, and is currently being rolled out in Canada. As of early 2008, there were over 730 million EMV compliant smart cards in circulation worldwide. In EMV, customers authorize a credit or debit card transaction by inserting their card and entering a PIN into a point-of-sale terminal; the PIN is typically verified by the smart card chip, which is in turn authenticated to the terminal by a digital certificate. The transaction details are also authenticated by a cryptographic message authentication code (MAC), using a symmetric key shared between the payment card and the bank that issued the card to the customer (the issuer). EMV was heavily promoted under the “Chip and PIN” brand during its national rollout in the UK. The technology was advertised as a solution to increasing card fraud: a chip to prevent card counterfeiting, and a PIN to prevent abuse of stolen cards. Since its introduction in the UK the fraud landscape has changed significantly: lost and stolen card fraud is down, and counterfeit card fraud experienced a two year lull. But no type of fraud has been eliminated, and the overall fraud levels have actually risen (see Figure 1). The likely explanation for this is that EMV has simply moved fraud, not eliminated it. One goal of EMV was to externalise the costs of dispute from the issuing bank, in that if a disputed transaction has been authorised by a manuscript signature, it would be charged to the merchant, while if it had been authorised by a PIN then it would be charged to the customer. The net effect is that the banking industry, which was responsible for the design of the system, carries less liability for the fraud. The industry describes this as a ‘liability shift’. In the past few years, the UK media have reported numerous cases where cardholders’ complaints have been rejected by their bank and by government-approved mediators such as the Financial Ombudsman Service, using stock excuses such as ‘Your card was CHIP read and a PIN was used so you must have been negligent.’ Interestingly, an increasing number of complaints from believable witnesses indicate that their EMV cards were fraudulently used shortly after being stolen, despite there having been no possibility that the thief could have learned the PIN. In this paper, we describe a potential explanation. We have demonstrated how criminals can use stolen “Chip and PIN” (EMV) smart cards without knowing the PIN. Since “verified by PIN” – the essence of the system – does not work, we declare the Chip and PIN system to be broken.
-
21:40
»
SecDocs
Authors:
Harald Welte Tags:
RFID bank Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: How to reverse engineer the data format of a real-world RFID based debit card system. One of Asia’s most popular electronic payment systems uses insecure technology. The EasyCard system, established in 2001, is the most popular stored-valued card in Taiwan. With more than 18 million issued cards, it is the predominant means of paying for public transportation services in the capital Taipei. In 2010, use of the EasyCard was extended beyond transportation. Card holders can now pay in all major convenience stores like 7eleven, coffe shops like Starbucks and and major retail companies like SOGO. Despite the large fraud potential, the EasyCard system uses the MIFARE Classic RFID technology, whose proprietary encryption cipher CRYPTO1 relied on obscurity and was first publicly broken several years ago at 24C3 This presentation analyzes the results of combining the practical attacks on the MIFARE Classic CRYPTO1 system in the context of the EasyCard payment system. It describes the process of reverse- engineering the actual content of the card to discover the public transportation transaction log, the account balance and how the daily spending limit work. Furthermore, the talk will present how fundamentally flawed the system is, and how easy it is to add or subtract monetary value to/from the card. Cards manipulated as described in the talk have been accepted by the payment system.
-
-
13:33
»
Packet Storm Security Advisories
HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.
-
13:33
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.
-
13:33
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.
-
-
6:01
»
Hack a Day
[Balint Seeber] just sent in a small yet timely project he’s been working on: a software radio source block for the Realtek RTL2832U. Now with a cheap USB TV tuner card, you can jump right into the world of software-defined radio. [Balint]‘s code comes just a week after hackaday and other outlets posted stories about using a [...]
-
-
7:58
»
Hack a Day
[Navic] added a slew of abilities to his RFID reader. It’s now a full-featured RFID reader and smart card writer with extras. When we looked at it last time the unit was just an RFID and smart card reader in a project enclosure. You could see the RFID code of a tag displayed on the LCD [...]
-
-
15:01
»
Hack a Day
[Andrew] recently got scammed on an SD card purchase and put together a small tool that can help you determine if you’ve had the wool pulled over your eyes as well. You see, he purchased a set of MicroSD cards, all of which had an advertised capacity of 4GiB. When he tried to use them, [...]
-
-
5:01
»
Hack a Day
We’re all familiar with those musical greeting cards. Give the Hallmark store $10, and you have a card with a microcontroller inside that plays one of several songs available. [Jarv] was playing around with translating MIDI tracks to square wave songs with an Arduino earlier, so he decided to see how cheaply he could reproduce [...]
-
-
13:01
»
Hack a Day
Have a penchant for pain? Why not destroy your fingertips with a wire-wrap tool building a video card made entirely out of discrete components. When [Chris] decided to build an entry for the Dangerous Prototypes 7400 logic competition he already had his hands full. The 74xx chips he had on hand had a maximum clock [...]
-
-
11:06
»
Hack a Day
[hedgehoginventions] wrote in to share a little modification he made to his video card in order to keep it from overheating during strenuous 3D tasks. Having swapped out the stock cooler on his Nvidia 9600GT graphics card, he found that it did not need to utilize the fan while doing mundane things like checking email, [...]
-
-
14:01
»
Hack a Day
The usual way send data from a microcontroller is either over RS-232 with MAX232 serial ICs, crystals, and a relatively ancient computer, or by bit-banging the USB protocol and worrying about driver issues. Not content with these solutions, [Scott] came up with sound card μC/PC communication that doesn’t require any extra components. [Scott] bought a [...]
-
-
7:59
»
Hack a Day
[kgsws] just finished his Game Boy upgrade that allows him to load games from an SD card. Loading a game off an SD card has been done before, but [kgsws] decided to not to use a cartridge-based device. In the end, he threw out all the stops and finished his project by having the Game [...]
-
-
12:50
»
Hack a Day
[Navic] wrote in to show us his latest project. This is a portable smart card reader with a nice LCD display. he just happened to have a Basic Stamp 2px, smart card reader, and smart card reader/writer sitting around waiting to be used. What better use than a hand held smart card reader? Tossing the [...]
-
-
8:10
»
Hack a Day
Long before drum machines played samples from an SD card or EPROM, drum sounds were analog – just filtered waveforms and noise. To the modern eye, these are very primitive machines, but for [Andrew], they’re the inspiration for this brilliant hack. [Andrew] took a Roland CR-68 drum machine from 1978 and added MIDI input with the [...]
-
-
8:33
»
Hack a Day
If you’ve got some favorite electronic device that includes an SD card slot but doesn’t have a video out port you may be able to push VGA signals through the card reader conductors. That’s exactly what’s going on above with the Ben NanoNote, a sub-$100 Linux device which we’ve seen using its SD card slot as [...]
-
-
14:01
»
Hack a Day
[Dmitry Gr.] built a simple circuit to playback digital audio. At the center you can see an 8-pin PIC 12F1840 microcontroller. It’s pulling audio data from a microSD card which is read through a full-sized SD card adapter to which he soldered jumper wires for all of the necessary connections. There is one additional semiconductor, [...]
-
-
12:00
»
Hack a Day
Some say that handing out business cards is an antiquated practice due to the ubiquity of smart phones which can be used to trade or record contact information in mere moments. Instructables user [sponges] however, doesn’t agree and is pushing a “business card renaissance” of sorts with his POV business card. Hand-built in his basement, [...]
-
-
11:05
»
Hack a Day
[Jarrod] has an older Compaq laptop he is still pretty keen on, but he has one niggling problem – the laptop doesn’t have a built-in wireless card. He recently changed security protocols on his home wireless network to WPA and realized that his old Linksys PC card only supports WEP. He decided it was time [...]
-
-
9:00
»
Hack a Day
Apparently some of the traffic lights in Johannesburg, South Africa have SIM cards in them to help maintain the network without a physical connection. Now that’s some and not all, but apparently thieves have learned that the SIMs can be used in cell phones to make anonymous and unlimited calls. Officials are convinced that the [...]
-
-
8:20
»
Hack a Day
About thirty years ago [H. P. Friedrichs] pulled off a hack that greatly improved the process of programming with punch cards. At the time, his school had just two IBM 029 keypunch machines. One of them is shown in the upper right and it uses a keyboard to choose which parts of each card should [...]
-
-
4:01
»
Packet Storm Security Recent Files
OpenCT implements driver and middle-ware for smart card readers. OpenCT drivers can be used via the ct-api interface, the ifdhandler interface, or its own interface/middle-ware. It implements drivers for several USB crypto tokens, USB smart card readers, serial smart card readers, and PCMCIA smart card readers.
-
4:01
»
Packet Storm Security Misc. Files
OpenCT implements driver and middle-ware for smart card readers. OpenCT drivers can be used via the ct-api interface, the ifdhandler interface, or its own interface/middle-ware. It implements drivers for several USB crypto tokens, USB smart card readers, serial smart card readers, and PCMCIA smart card readers.
-
-
14:26
»
Hack a Day
If your board fabrication and soldering skills are up to it, you can make your own tiny MP3 player. This rendition is just about half again as large as a standard SD card, whose slot is on the bottom of the board seen above. The heavy lifting is taken care of by a VS1011 MP3 [...]
-
-
7:00
»
Hack a Day
[Craig's] magnetic card spoofer is both simple and brilliant. There are two parts to spoofing these cards and he took care of both of them. The first part is getting the actual card data. He designed the spoofer board with a header that connects to a card reader for doing this. The second part is [...]
-
-
8:11
»
Hack a Day
[Frank Zhao] put together a USB business card. It’s even got the instructions printed right on the silk screen of the PCB explaining how it should be used. He based the design around an AVR ATtiny85 microcontroller. It runs the V-USB package that handles USB identification and communication protocols. The rest of the hardware is [...]
-
-
14:00
»
Hack a Day
Cards you should crank These greeting cards must be the product of a mechanical engineer run amok. They come with a crank and are designed to entertain with their simple, yet elegant movements. [Thanks Phil] Magnetic card stripe reader [JP] built an Arduino based magnetic card reader. It uses off-the-shelf parts but if you don’t [...]
-
-
12:23
»
remote-exploit & backtrack
Hi all, quick question. I configured kismet to work with my Alfa AWUS036H USB wireless card with these configurations...
Code:
source=rt8180,wlan0,ALFA
Kismet starts up fine, but it doesn't detect any APs. Does anyone know what might be the problem? I've got it to work when I ran Linux as a host machine. But now it's running in a VM. But I hardly think that could be the problem because I let the VM take control of the card. Any suggestions? Thanx in advance.
-
-
7:45
»
Hack a Day
In an act of retro revival, [Lee Hart] has created this “Membership Card“, an altoid tin sized tribute to the 1802 CMOS chip. Made popular in the late 70s in the RCA COSMAC ELF computer, the 1802 stole many a hackers heart. There’s tons of information available if you explore the site, from history to [...]
-
-
6:00
»
Hack a Day
Here’s a hack that makes business sense. [PT] recalls last year’s HOPE conference when their booth was using a virtual credit card terminal for purchases that required manual entry of card information. This year they’ll have the same virtual terminal but this magnetic stripe reader will fill it out automatically. A magstripe reader (reading only, [...]
-
-
8:00
»
Hack a Day
[Zach Charat] didn’t want to carry around yet another card with him so he transplanted the RFID guts from his card to his phone. Soaking the card in nail polish remover for twelve hours got him nowhere, but when he broke out the acetone the card was falling apart in 30 seconds. Above you can [...]
-
-
1:56
»
remote-exploit & backtrack
Hello guys , i need some help some informations , i just got bt4-final install on vmware but my Netgear card dont wont to work with airmon-ng ..
here some informations of the card
1385:5f01 Netgear, Inc WPN111
so my question is how to install with out NDISwrapper .. to get work with airmon/aireplay ..
if anyone sold this problem i apreciet if share it with me ..
PS: sry fo the english ! :)
-
-
9:09
»
Hack a Day
[Alex] had an old FM radio tuner card come his way. It used an ISA connector, a standard that went the way of the dodo in the mid-nineties. With the challenge of implementing an ISA-bus to configure the card he set out on his mission. What he came up with is a working radio using [...]
-
-
10:00
»
Hack a Day
[Darrell] is using a sound card to drive this servo motor. The motor draws power from a cellphone battery with the control signal coming from one of the audio channels. It’s not too surprising that this works since the motor just needs a PWM signal to operate and that’s what is used to create the [...]
-
-
10:09
»
Hack a Day
Just snap off the corners and this business card can be used as a mass storage device. Well sort of. The tab left over has four traces on the back to make it USB compatible. The PIC 24FJ64GB002 microcontroller on the card registers as a storage device and launches [Ramiro's] resume and a cover letter [...]
-
-
11:05
»
remote-exploit & backtrack
My wireless card (atheros ar5007eg) is not discovered by BT4 and so I have been told to use ndiswrapper to resolve the problem.
I have ndiswrapper on my linux desktop so that I may use if for bt4 but I can't get it to work.
help.
-
7:25
»
remote-exploit & backtrack
I have read every thread that relates to my issue (for which there are a few) but so far no luck.
My wireless network card (Atheros AR5007EG) is not picked up by bt4.
I have looked into using ndiswrapper but as I'm not confident with the software I'm not sure I installed it properly.
please help.
-
-
16:39
»
remote-exploit & backtrack
Hello,
I have an Intel WiFi Link 5100 AGN in my Sony laptop. It works in BT4 but in BT3 it doesn't show up for airmon-ng.
Anybody know why?
Thanks
-
-
18:37
»
remote-exploit & backtrack
I have a Inspiron 1525 laptop and the wireless card isnt working or showing up as a interface just like it didnt in bt3 either.
all i know to do is post link to drivers as well but as of right now im not able to post links.
they can be found easily at dell.com
thankyou very much, looking forward to patch!
-
12:39
»
remote-exploit & backtrack
My graphic card is ati radeon hd 4570. i was getting an "no screens found" error message after "startx" and i couldnt be able to get in backtrack. (both 3 and 4). i search this forum and found some fixes. it was the error from graphic card driver, and i install my card driver. AND THIS IS HOW TO:
(FOR THE USB BT USERS. the cd users must remaster their cd.s)
1. Go to ati's site and and download the linuz driver for your ati g.card.
h p:// support. amd. com /us / gpudownload / Pages/ index.aspx
"delete spaces"
2. you will able to download like this : "ati-driver-installer-8-01-x86.x86_64.RUN" . after download , rename it as "ati.run" and copy this file to your BT4/ROOTCOPY folder.
3. boot your BT and write "root-toor" (admin you know). after that, DO NOT "startx". write "cd ..". so you will be in the "rootcopy" folder.
4. then write:
bt ~ #chmod +x ati.run
bt ~ #./ati.run
5. then "enter-enter-enter.." until the installing starts.
6. now write startx and enjoy it. :))
-
9:46
»
remote-exploit & backtrack
ok well my first problem is i dont know how to get it to read my wifi card when i type airmon-ng stop wifi0 it says interface(eth1) chipset(unknown) driver(airo)
when i use my auditor live cd it reads my wifi card and it works ic an use kismet and things like that. but when i boot backtrack on my harddrive it wont read it.
my second thing is more of a question which is when im using my auiditor disc and i trying to send packects and capture them using airforge it says there is no buffer space to send packets or something. im sure these are pretty n00b questions but can somebody please help.
-
2:29
»
remote-exploit & backtrack
Hey guys. This probably isnt the best forum for this type of question but you may be able to lead me to one that might help.
Im currently using BT4 as my OS on a Acer Aspire One netbook.
Im using the Alfa AWUS036H wireless card with the 9db antenna.
When putting the wireless car outside my window and on the roof gutter i notice my old pay tv dish.
This is where i got the idea from. Since my wireless card is clearly not water proof and everything it rains i have to bring it inside.
I want to be able to make a connection from the dish to the wireless card. I can adjust the dish on any angle. The reason i want to do this is that i live on a large property way down the other end from where the main houses wireless system is.
Huge distance my i ad as i drive a car from my little granny flat to the main house.
I need to put the wireless card outside just to pick it up. Inside the house it doesnt pick it up.
What do you guess think of that idea and any ideas on how to go about it?
Im using the RTL8187 drivers not the R8187 drivers since im using it for basic internet.
Any help would be great and a How-to could be made up with crediting to anyone that helps.
Also i just though of its properly not made for a wireless band but could be converted to it somehow.
Thanks in advance.
I was just linked to a site where it gives step by step instructions on how to do it.
http://www.engadget.com/2005/11/15/h...-dish-antenna/
-
-
3:25
»
remote-exploit & backtrack
:mad:
Hi Guys ,
I have Windows Vista as my base operating system , then I loaded VMware and then downloaded the BT4 Final release.
My Lan card is a Intel(R) 82567LM Gigabit Network Connection. Then VMware has created 2 VMware Network Adapters.
I have tried the following to get the LAN working in BT4
1.I have tried setting the card to NAT , using the VMWARE program settings
2. Also tried using the custom settings choosing the vmware adapters.
3.tried using the ifconfig commands to assign an ipadress to the card manually.
Surely this shouldnt be that complicated ? What am I doing wrong here, can someone assist me please.
Thank you
-
-
13:05
»
remote-exploit & backtrack
anyone know or own a wireless card for laptop that work in backtrack including injection.
any suggestions will be appreciated , thank you
-
-
9:21
»
remote-exploit & backtrack
I have hp 6735s laptop. I created bootable usb memory stick and CD with bt3 on it. They are both working on hp 510 laptop, but they don't work on mine!
It says that the operating systeme is up, but it doesn't show desktop. It can't find server X, which is for graphics I think. I also tried to boot knopix from cd, and I get blank screen (it also works on other computers... porblem with graphic card again).
It seems that something is wrong with recognizing my graphic card (ati radeon hd 3200).
I tried commands: xconfig and startx, but it still doesn't help.
Can somebody help me with this?
Thanks! :)
-
-
22:02
»
remote-exploit & backtrack
I have a really good Broadcom based PCMCIA card that works great in Debian (after fwcutter, older kernel) but there is a slight issue in BT4.
The card works in BT4 right after the fresh install but it sees only a half or less of APs that the Intel based card inside the laptop can see. This is odd because normally in Debian or Windows this Broadcom card can detect many more APs than any other card I've ever seen.
I know this is vague but I am looking for any ideas on how to fix this.
-
11:20
»
remote-exploit & backtrack
I am hoping you lot can help me.
I have a slight problem, I can use WepBuster in BT4 and it will see my WLAN card and won't have a problem with hacking WEP keys. Now my problem is, BT4 won't see my WLAN card so I can't connect to the internet within BT4 if that makes sense?
There must be something simple I am doing as WepBuster can actually see and use my card.
I have a: Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
Thanks for your help
-
-
7:10
»
remote-exploit & backtrack
hey guys i was hoping if someone could please tell me how to enable orload this driver on bt3 or bt4.
I have Atheros AR5B95
No matter wot i try it says no wireless extension
thanks
-
-
10:51
»
remote-exploit & backtrack
Hi everyone, my wireless card is detecting a wireless AP, but when i try to connect its prompting for an SSID which i cannot crack, properties of the AP detected by my card are as follows
Security type: Unsecured
Radio Type: 802.11b
SSID: Other Network
My card is: Ralink 802.11n Wireless LAN Card im running on Windows7 Ultimate 32-bit
I've researched several topics about cracking SSID and end up downloading MDK3 and AIRCRACK-NG
Appreciate your help in advance :)
-
-
18:36
»
remote-exploit & backtrack
trying to use the ettercap for my wireless card instead of the RJ-45 port. My wireless card is set to eth1. RJ-45 port is eth0. I typed in ettercap -T -q -M ARP // // eth1. And even tried ettercap -T -q -M ARP // // eth0. the RJ-port works fine and I can poison my network. I just need it to be wireless instead of running a cord everywhere.
Plz HELP!
Thanks,
Jon
-
18:06
»
remote-exploit & backtrack
Hi,
I've tried both of this wireless cards and none of them can be recognized by backtrack 4 final version it simply can not be found by system, but when I open in system settings section cales PCI the card is there listed among other pci or agp card. Does anybody know is there driver that supports these card or just one of these cards. I have very good separate directional antena
D-Link ANT24-1200 for d-link card DWL- G520+. I also want to know does any of this PCI wireless card support wireless injection.Thank you very much.
-
-
7:44
»
remote-exploit & backtrack
Good morning!
So here is probably the craziest scenario-
my ALFA AWUS050NH is in monitor mode, but when I run:
# airodump-ng ra0
it only sees ONE wifi network. The same wifi network on EVERY channel, and there's 5 around me, which is so odd..
any ideas?
Thanks in advance =)
-
3:41
»
remote-exploit & backtrack
hey,
I try for a long time to break the wep key, but the iv's go so slow, and i try to folow the tutorial in aircrack-ng web site under this title:
"i_am_injecting_but_the_ivs_don_t_increase"
but it's not help me at all
i understand that i need to fake AP or something like that with wpa_supplicant (even that the netwok is wep key)
i'm using BT4 final from cd
my card it's iwl3945 (i saw that more people have this problem with this card)
please help me.
thanks.
-
-
21:04
»
SecDocs
Authors:
Steven J. Murdoch Tags:
credit card bank Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer's debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous design errors, which could be exploited by criminals. Banks throughout Europe are now issuing hand-held smart card readers to their customers. These are used, along with the customer's bank card, for performing online banking transactions. In this talk I will describe how we reversed-engineered the cryptographic protocol used by these readers, using some custom-designed smart card analysis hardware. We discovered several flaws in this protocol, which could be exploited by criminals (and some already are). This talk will explain what vulnerabilities exist, and what the impact on customers could be.
-
21:04
»
SecDocs
Authors:
Steven J. Murdoch Tags:
credit card bank Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer's debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous design errors, which could be exploited by criminals. Banks throughout Europe are now issuing hand-held smart card readers to their customers. These are used, along with the customer's bank card, for performing online banking transactions. In this talk I will describe how we reversed-engineered the cryptographic protocol used by these readers, using some custom-designed smart card analysis hardware. We discovered several flaws in this protocol, which could be exploited by criminals (and some already are). This talk will explain what vulnerabilities exist, and what the impact on customers could be.
-
-
11:41
»
remote-exploit & backtrack
i got hp compaq nc 6220 lap top with intel[R]pro/wireless 2200BG NETWORK CONNECTION
MY QUESTION IS
WICH ONE IS THE BEST USB WIRELESS CARD ADAPTER TO USE BACK TRACK 4
TO HACK WEP KEYS
PLEASE HELP
-
-
14:17
»
remote-exploit & backtrack
Hey guys ive had this wireless dongle for about a year now, its the linksys wusb54gc (with ralink rt73 driver). Ive used this card with alot of linux distros most of the time its just plug and connect. BT4 is recognizing the card when i put lsusb in the command line, but it wont show up under network interfaces. Ive googled about this alot and cant seem to find an anserw.
-
-
16:47
»
remote-exploit & backtrack
i'm using Compaq Presario CQ40-401AU laptop. The only thing i know about my wireless card is the brand... broadcom... backtrach 4 cant detect the wireless card after i try this command > /etc/init.d/wicd start ... can anyone help? anyway, are broadcom build in wireless card that comes with the laptop that i mention above can do injection?
really appreciates if some1 can help me slve this matter...
-
-
8:44
»
remote-exploit & backtrack
I am deciding on which wifi card I should get. Either the 500mw or the 1000mw alpa networking booster card. Anyone here tried either cards. I search the forum and saw that some people were using the 500mw but want I to know if anyone has experienced better performance with the 1000mw or even the 2000mw adapter card?
Thanks
1. 500mw amazon.com/Adapter-Wardriving-Extension-Strongest-Market/dp/B000QYGNKQ/ref=dp_cp_ob_e_title_3?ie=UTF8&qid=1264171727&sr=8-1]Amazon.com:[/url] USB 500mW WiFI Adapter for Wardriving & Range Extension *Strongest on the Market*: Electronics
2. 1000mv amazon.com/Wireless-Original-Alfa-9dBi-Strongest/dp/B001O9X9EU/ref=sr_1_1?ie=UTF8&s=electronics&qid=1264434130&sr =1-1-spell]Amazon.com:[/url] 1000mW 1W 802.11b/g USB Wireless WiFi Network Adapter With Original Alfa Screw-On Swivel 9dBi Rubber Antenna *Strongest on the Market*: Electronics
-
-
10:58
»
remote-exploit & backtrack
hi all
i have just downloaded backtrack 4 from virtualbox site and run it on virtualbox,but it doesnt see my usb wireless card(my card supported!!!) of =course i choosed "bridge" option and choosed my tp link321but when in backtrack there is nothing
MY BACKTRACK IS NOT ISO FILE ,ITS VDI FILE ITS SPECIAL READY FOR VIRTUALBOX
PLEASE HELP
-
-
12:41
»
remote-exploit & backtrack
I know everyone is sick of the, is my wireless card supported. I know mine is but I cant get it to work. And before you get mad I have already tried lots of different things. Its brand is belkin, its ralink and rt73
No matter what I do I can't get it to work. I tried doing a driver install and I when I get to the 'make' command, I get an error about the /usr/src/linux (cant remember number)
there is a folder there. I am on backtrack 3 final btw and my card is USB. Any help you can give is greatly appreciated.
-
-
10:14
»
remote-exploit & backtrack
Ok I have a SMC - SMCWUSB-G Wireless usb card.
I checked the tested wireless cards and drivers for BT on :
hxxp://backtrack.offensive-security.com/index.php?title=HCL:Wireless#SMCWUSB-G_EU
and I found my card there. The problem is it automaticly works in BT3 but not in BT4.
When I type in lspci it sees the card but somehow I can't enable it.
Tried "iwconfig", "dhclient", "airmon-ng start"
-
10:14
»
remote-exploit & backtrack
Ok I have a SMC - SMCWUSB-G Wireless usb card.
I checked the tested wireless cards and drivers for BT on :
hxxp://backtrack.offensive-security.com/index.php?title=HCL:Wireless#SMCWUSB-G_EU
and I found my card there. The problem is it automaticly works in BT3 but not in BT4.
When I type in lspci it sees the card but somehow I can't enable it.
Tried "iwconfig", "dhclient", "airmon-ng start"
-
-
16:54
»
remote-exploit & backtrack
I recently went out and purchased a Netgear WPN311 which is listed on the wiki as a card working out of the box. I am using BT4 and it doesnt seem to recognize my card. Windows 7 picks it up fine, I am using the Live CD and I also tried VMware. When I type in ifconfig it doesnt show anything at all.
Any ideas? I am really new to using linux to find hardware and recognize it. All your help and experience is greatly appreciated. I know I am new to BT and Linux but out of all the distro's I have used, it is my favorite for many reasons.
Thanks again for reading this.
-
9:25
»
remote-exploit & backtrack
I am looking at getting a new Mini-PCIe card and these were the two I was looking at.
GIGABYTE GN-WI06N-RH 802.11N a/b/g/n draft 2.0 miniPCI wireless - Atheros AR5008 chipset AirCruiser N300 Dual Band Mini Card
GIGABYTE Aircruiser N300 GN-WS30N-RH 802.11N b/g/n draft 2.0 miniPCI EXPRESS wireless - Ralink RT2800 series chipset 2T/3R mini card
Just wondering if anyone has used these and there opinions.
-
3:03
»
remote-exploit & backtrack
I need a little help, I want to install Backtrack4 on hard but I have a problem with my wireless network card, I usually test network cards by booting from cd withour installing anything just to see if they work.
My card is :
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 02)
04:00.0 Ethernet controller: Atheros Communications Inc. AR5001 Wireless Network Adapter (rev 01)
When I type in terminal "lspci" BT4 sees my card.
I have also a wireless usb card SMC wich works when I boot BT3 from CD.
So can someone help me configure my card so that BT4 will work ... I really want it on my HDD ...
