«
Expand/Collapse
90 items tagged "engineering"
Related tags:
quist [+],
danny quist [+],
authors [+],
slides [+],
malware [+],
home [+],
x event [+],
trace [+],
tobias bluzmanis [+],
temporal [+],
reverse [+],
python [+],
physical security [+],
part [+],
marc weber tobias matt [+],
marc weber tobias [+],
magic [+],
mac os x [+],
mac os [+],
lorie [+],
linux driver [+],
linux [+],
insecurity [+],
human [+],
generation [+],
florian echtler [+],
fiddler [+],
e. street [+],
displaylink [+],
deceiving [+],
david weston tags [+],
david weston [+],
compression algorithm [+],
colin ames [+],
analysis [+],
36 stratagems [+],
reverse engineering [+],
workshop authors [+],
visual [+],
validation [+],
transformation [+],
toolsmithing [+],
toolkit [+],
technique [+],
sehop [+],
richard theime [+],
rich smith [+],
reverse engineer [+],
proof of concept [+],
private safe [+],
pridgen [+],
philippe oechslin [+],
paper [+],
news [+],
new [+],
misc [+],
memory [+],
matthew wollenweber [+],
lifecycle [+],
lcd [+],
krakow [+],
jesse burns [+],
implementation [+],
ida pro [+],
ida bridge [+],
human brain works [+],
how things work [+],
how the human brain works [+],
hat europe [+],
greg conti [+],
forensic analysis [+],
flake [+],
felix [+],
executables [+],
europe [+],
erik dean tags [+],
engineering workshop [+],
engineering tools [+],
engineer [+],
disassembler [+],
device [+],
debuggers [+],
dale pearson tags [+],
dale pearson [+],
cryptography [+],
crypto algorithms [+],
crypto [+],
commercial tools [+],
chris palmer [+],
chain [+],
case study [+],
card access [+],
automated [+],
asia [+],
art [+],
android [+],
aiko tags [+],
adam pridgen [+],
Software [+],
Hardware [+],
BackTrack [+],
black hat [+],
zeroaccess [+],
wireless weather stations [+],
wireless weather station [+],
windows security [+],
whole lot [+],
whitepaper [+],
weather [+],
washington dc metro [+],
washington [+],
wafer sort [+],
vulnerability evaluation [+],
vulnerability [+],
vulnerabilities [+],
voice [+],
video introduction [+],
use [+],
us patent application [+],
tyler [+],
troy wright [+],
toy [+],
time [+],
teardown [+],
suite [+],
student design competition [+],
student [+],
strike [+],
storage device [+],
sparkfun [+],
social networks [+],
sneaky [+],
slight [+],
simon [+],
signal [+],
shawn moyer [+],
sensors [+],
security [+],
secrets [+],
sebastian porst [+],
scott [+],
science [+],
scheme [+],
scarecrow [+],
sam [+],
reverse engineering tools [+],
repair [+],
remote control [+],
reil [+],
read [+],
raphael schwartz [+],
radio [+],
qdot [+],
pufu [+],
protocol [+],
project [+],
primer [+],
post mortem [+],
porst [+],
pitchford [+],
physical construction [+],
photoframe [+],
penetration testers [+],
pda software [+],
pda [+],
pcb [+],
patching [+],
nike [+],
next [+],
network protocols [+],
network [+],
nathan brodell [+],
mykeepon [+],
model [+],
mind magic [+],
mike murray tyler reguly [+],
mike murray [+],
michael steil [+],
mechanical [+],
marshall [+],
mark wronkiewicz [+],
logic simulation [+],
lipo battery [+],
lcd screens [+],
language [+],
la crosse wireless weather station [+],
key chains [+],
jtag [+],
joseph klein [+],
jessica zhang [+],
jason raber [+],
jason cheatham [+],
jamie [+],
iphones [+],
iphone [+],
introduction [+],
industry [+],
incident response [+],
inch [+],
illegal opcodes [+],
human brain [+],
how to [+],
home automation system [+],
heavens [+],
hardware debuggers [+],
hammack [+],
hack in the box [+],
guy [+],
greg hoglund [+],
girlfriend [+],
german engineering [+],
fred [+],
force research laboratory [+],
firmware [+],
fiber optics [+],
fiber optic cabling [+],
fiber [+],
festival [+],
felix domke [+],
face detection [+],
exact implementation [+],
engineering network [+],
engagement [+],
dubai [+],
doug mohney [+],
directory traversal vulnerability [+],
dell axim [+],
defective capacitor [+],
de haas [+],
dc metro area [+],
dc [+],
darknet [+],
crimeware [+],
cpu [+],
counter [+],
corporate warfare [+],
corporate [+],
control [+],
construction skills [+],
code [+],
classmates [+],
chris eagle [+],
chip architectures [+],
charles holmes [+],
cats [+],
cat cats [+],
cat [+],
busts [+],
burns [+],
broken [+],
boston [+],
blown fuse [+],
blackberry [+],
binary [+],
bill nye [+],
bill [+],
bike storage [+],
automation [+],
artists [+],
arpad [+],
apple products [+],
apple [+],
aiko [+],
advanced software engineering [+],
advanced [+],
adam meyers [+],
adam [+],
ac signal [+],
Wireless [+],
ARM [+],
social engineering [+],
usa [+],
video [+],
social [+],
hacks [+],
chaos communication congress [+],
audio [+]
-
-
![Permalink for '[Audio] Building Custom Disassemblers'](/themes/lilina/web//media/mark_off.gif)
21:38
»
SecDocs
Authors:
Felix 'FX' Lindner Tags:
reverse engineering Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: The Reverse Engineer occasionally faces situations where even his most advanced commercial tools do not support the instruction set of an arcane CPU. To overcome this situation, one can develop the missing disassembler. This talk is meant to be a tutorial on how to approach the task, what to focus on first and what surprises one may be in for. The primary focus will be on the transformation of byte code back into mnemonic representation where only the reverse transformation is available (i.e. you have the respective assembler). It also covers how to integrate your new disassembler into your reverse engineering tool chain.
-
-
4:12
»
SecDocs
Authors:
Felix 'FX' Lindner Tags:
reverse engineering Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: The Reverse Engineer occasionally faces situations where even his most advanced commercial tools do not support the instruction set of an arcane CPU. To overcome this situation, one can develop the missing disassembler. This talk is meant to be a tutorial on how to approach the task, what to focus on first and what surprises one may be in for. The primary focus will be on the transformation of byte code back into mnemonic representation where only the reverse transformation is available (i.e. you have the respective assembler). It also covers how to integrate your new disassembler into your reverse engineering tool chain.
-
-
13:08
»
Hack a Day
If you’re around the Washington, DC metro area next weekend, here’s something for you. It’s the USA Science and Engineering festival, and if you’ve ever wanted to talk to [Adam] and [Jamie] from Mythbusters, [Bill Nye], and several astronauts, this is where you should be next weekend. This is the second USA Science and Engineering [...]
-
-
21:40
»
SecDocs
Authors:
Michael Steil Tags:
reverse engineering hardware hacking Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: The MOS 6502 CPU, which was designed in 1975 and powered systems like the Apple II, the Atari 2600, the Nintendo NES and the Commodore 64 for two decades, has always been subject to intense reverse engineering of its inner workings. Only recently, the Visual6502.org project has converted a hi-res die-shot of the 6502 into a polygon model suitable for visually simulating the original mask at the transistor level. This talk will present the way from a chip package to a digital representation, how to simulate transistors in software, and new insights gained form this research about 6502 internals, like "illegal" opcodes. The presentation only requires a basic understanding of assembly programming and electronics, and is meant to teach, among other things, the methods of efficient and elegant chip design used in the early years of integrated CPUs. The talk consists of three parts. The first part, "6502 from top down", describes the programmer's model, as well as the basic layout of the components of the CPU. In the second part, "6502 from bottom up", we describe how to decap and photograph chips, convert each physical layer of the chip into a polygon model, and how to finally convert this into a network of wires and transistors suitable for logic simulation. The third part, "6502 from the inside out", explains the inner workings of the CPU: how the logic blocks work together, how an instruction is decoded by the PLA ROM into controlling these blocks and busses, and how details like interrupt delivery work. Finally, this information can be used to describe and explain undocumented behaviour, like illegal opcodes and crash instructions, and explain bugs like the BRK/IRQ race, the ROR bug and spurious reads and writes in certain situations.
-
-
21:33
»
SecDocs
Tags:
social engineering Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: All the talks i saw about SE so far just showed which good SE's the speakers are. I try to do another approach, what if i get in and don't know what to do then. The talk is about the reconn. before the assessment, the different approaches of SE. Which techniques can one use, how to do a proper intel. and what is useful. How things work and more important why. Which skill set should one have before entering a engagement. And last but not least how do one counter a SE attack.
-
21:33
»
SecDocs
Tags:
social engineering Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: All the talks i saw about SE so far just showed which good SE's the speakers are. I try to do another approach, what if i get in and don't know what to do then. The talk is about the reconn. before the assessment, the different approaches of SE. Which techniques can one use, how to do a proper intel. and what is useful. How things work and more important why. Which skill set should one have before entering a engagement. And last but not least how do one counter a SE attack.
-
-
13:01
»
Hack a Day
[Troy Wright] acquired a lot of twenty broken Dell Axim PDAs. This type hardware was quite popular a decade ago, but looks archaic when compared to a modern cell phone. That’s why he was able to get them for a song. After a bit of work he managed to resurrect eight of the units, but was dismayed [...]
-
-
11:01
»
Hack a Day
[Arpad] has spent quite a bit of time reverse-engineering a home automation system, and, as he is quick to point out, presents the information learned for informational purposes only. He’s really done his homework (and documented it well), looking into the US patent application, and figuring out how the protocol works. If you’re wondering how [...]
-
-
14:01
»
Hack a Day
Little, no name, 1.5 inch LCD photo key-chains are all over the place for practically nothing. Not too surprisingly these things do not vary much in the parts that they use, some flash ram, a little lipo battery and a 16 bit color LCD. Wanting to find a way to reuse that LCD [Simon] Has [...]
-
-
20:48
»
Packet Storm Security Recent Files
Whitepaper called Social Engineering - The Human Factor. It documents suggested phases of the social engineering lifecycle and associated techniques for implementation.
-
20:48
»
Packet Storm Security Misc. Files
Whitepaper called Social Engineering - The Human Factor. It documents suggested phases of the social engineering lifecycle and associated techniques for implementation.
-
-
11:41
»
Hack a Day
[qDot] recently got his hands on a MyKeepon toy and after messing with it a bit, decided to tear it down to see what was inside. He had hopes of easily modding the toy, but like most adventures in hacking, things might take a while longer than he first imagined. In his teardown you can [...]
-
-
8:11
»
Hack a Day
The Nike+ hardware is obviously an interesting device. We haven’t heard a whole lot about hacking one until now, but [Dimitry] has decided to change that. Many would assume that the data transmitted off of these sensors is quite simple, however there’s a bit more than meets the eye. Amongst other challenges, all the data [...]
-
-
6:54
»
Packet Storm Security Recent Files
Whitepaper called Social Engineering Toolkit. This article covers backdooring executables and evading antivirus using scripts included with BackTrack.
-
6:54
»
Packet Storm Security Misc. Files
Whitepaper called Social Engineering Toolkit. This article covers backdooring executables and evading antivirus using scripts included with BackTrack.
-
-
23:49
»
SecDocs
Authors:
Dale Pearson Tags:
social engineering Event:
Hashdays 2010 Abstract: Social Engineering is considered by many as a sort of magical art form in the Infosec world, some of the best at it must have Jedi like powers to get into some of the places they do. The magic or art of SE is all about creating a situation that suggests you belong, and are perceived to be just like everyone else just going about your business. Some people have a natural flare for SE, they are good at building rapport and are generally likeable. People say that SE exists because of human stupidity and there is no patch for it, but what if you can understand why the human brain is susceptible, if you understand this better can you be more successful in your SE exploits, and can you use this to educate and perhaps help apply that patch. During my talk I will discuss how I looked at methods and skills that can be learnt to better understand how the human brain works, and how it can be manipulated. This will take us on the journey and fun of looking at NLP patterns, mentalism and becoming a hypnotist myself. We will talk about why these skills can improve your success as a social engineer, as well as being more aware of being manipulated yourself.
-
-
3:06
»
SecDocs
-
3:03
»
SecDocs
-
-
13:01
»
Hack a Day
[Bill the “Engineer Guy” Hammack] is back with another lesson in the science behind the technology we know and love, but might not fully understand. This time around he discusses fiber optic cabling and how it is used to relay data across distances both small and large. He starts off by showing how laser light [...]
-
-
13:58
»
Hack a Day
[Fred] got a La Crosse wireless weather station as a gift and thought the LCD display was great, but he was dismayed that there was no means of extracting the temperature data for use on a computer. He thought that the modular design of the system would make it great for use in his home [...]
-
-
8:00
»
Hack a Day
While not necessarily an easy thing to learn, the ability to reverse engineer embedded device firmware is an incredibly useful skill. Reverse engineering firmware allows you to analyze a device for bugs and vulnerabilities, as well as gives you the opportunity to add features if you happen to be so inclined. When it comes to [...]
-
-
10:01
»
Hack a Day
[Sam Fok], an engineering student at the Washington University School of Engineering wrote in to share a project he and his classmates [Raphael Schwartz, Mark Wronkiewicz, Charles Holmes, Jessica Zhang, Nathan Brodell, and Thane Somers] have been working on as their entry in the 2011 RESNA Student Design Competition. Their project, IpsiHand, is designed to [...]
-
-
13:01
»
Hack a Day
[Scott] was looking to source some LCD screens for an upcoming project, and was considering buying them from SparkFun. While the Nokia panels they sell are not expensive, they aren’t necessarily the cheapest option either – especially when building in volume. He searched around for something he could use instead, and settled on Blackberry screens. [...]
-
-
10:03
»
Hack a Day
So you’re master of electrons; able to program multiple chip architectures without batting an eye. Good for you. The only problem is that blinking LEDs gets boring after a while and you’re going to want to do something else. Here’s a chance to expand on your physical construction skills. Make: Skill Set is sharing the [...]
-
-
13:00
»
Hack a Day
Cats do what they want, which rarely coincides with what their owner wants them to do. In [Dumitru]‘s case, his girlfriend’s cat [Pufu] tended to make it outside into the cold more often than desired. Rather than settle with the normal bell which gets obnoxious even when the cat isn’t misbehaving, he decided to put [...]
-
-
8:00
»
Hack a Day
[Chr] picked up a pack of remote control outlets in order to reverse engineer them and build control into his own projects. These can be plugged into outlets around your house and a relay inside each module will switch whatever device is plugged into it after receiving a command from the remote. Once he cracked [...]
-
-
9:17
»
Hack a Day
Occasionally when a device breaks, the defect is obvious. Whether it is a blown fuse or a defective capacitor, generally the easy to see stuff is easy to fix. When a problem is more subtle, or when doing some more advanced tasks like adding functionality to a device, greater knowledge about a circuit board is [...]
-
-
8:55
»
SecDocs
Authors:
Dale Pearson Tags:
social engineering Event:
Hashdays 2010 Abstract: Social Engineering is considered by many as a sort of magical art form in the Infosec world, some of the best at it must have Jedi like powers to get into some of the places they do. The magic or art of SE is all about creating a situation that suggests you belong, and are perceived to be just like everyone else just going about your business. Some people have a natural flare for SE, they are good at building rapport and are generally likeable. People say that SE exists because of human stupidity and there is no patch for it, but what if you can understand why the human brain is susceptible, if you understand this better can you be more successful in your SE exploits, and can you use this to educate and perhaps help apply that patch. During my talk I will discuss how I looked at methods and skills that can be learnt to better understand how the human brain works, and how it can be manipulated. This will take us on the journey and fun of looking at NLP patterns, mentalism and becoming a hypnotist myself. We will talk about why these skills can improve your success as a social engineer, as well as being more aware of being manipulated yourself.
-
-
4:11
»
Hack a Day
This electronic scarecrow keeps the birds away and makes your neighbors hate you at the same time. That’s because its way too loud, even if the next house is far away. The conrad.de folks that brought us the climbing bike storage device are at it again, putting together car audio and strings of lights as [...]
-
-
9:52
»
Hack a Day
has been hard at work reverse engineering the charging method used by Apple products. This saga takes us through the years as new devices were released and subsequently broke Minty Boost’s charging capabilities. It seems the data lines were gradually adopted as a means for iPhones and iPods to identify the charger that had been [...]
-
-
21:13
»
SecDocs
Authors:
Felix Domke Tags:
reverse engineering hardware hacking Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: JTAG is an industry standard for accessing testmode functionality in almost any complex microchip. While the basics of JTAG are standardized, the exact implementation details are usually undocumented. Nevertheless, JTAG often allows you to interact with the chip very deeply, which makes it very interesting since it is often easily accessible thanks to the small pincount. This talk covers reverse engineering of JTAG interfaces when no or only limited documentation is available. JTAG is an industry standard for accessing testmode functionality, and is available on almost any complex microchip. It is often for functional testing while doing wafer sort, during board production, product development and service. While the basics of JTAG are standardized, the exact implementation details are usually not available in public datasheets. Very often, even when signing a vendor NDA, only limited parts of JTAG will be documented (like boundary scan and the CPU debug interface). JTAG, however, often allows a much deeper interaction with the chip, and often, security is falsely established though obscurity by providing undocumented testmodes. JTAG isn't only available on CPUs, but also on a lot of other peripherals, which turns them into an interesting target if they provide busmaster access to a system bus.
-
-
21:04
»
SecDocs
Authors:
Florian Echtler Tags:
reverse engineering hardware hacking Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: DisplayLink produces nice, useful USB graphics adapters. Unfortunately, they had no real Linux support. In this talk, we'll describe how we first reverse-engineered the encryption and basic protocol, prompting DisplayLink to actually release a Linux driver on their own. However, their driver still doesn't support compression. In the second part, we'll therefore describe how we reverse-engineered the compression algorithm.
-
21:04
»
SecDocs
Authors:
Florian Echtler Tags:
reverse engineering hardware hacking Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: DisplayLink produces nice, useful USB graphics adapters. Unfortunately, they had no real Linux support. In this talk, we'll describe how we first reverse-engineered the encryption and basic protocol, prompting DisplayLink to actually release a Linux driver on their own. However, their driver still doesn't support compression. In the second part, we'll therefore describe how we reverse-engineered the compression algorithm.
-
21:04
»
SecDocs
Authors:
Florian Echtler Tags:
reverse engineering hardware hacking Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: DisplayLink produces nice, useful USB graphics adapters. Unfortunately, they had no real Linux support. In this talk, we'll describe how we first reverse-engineered the encryption and basic protocol, prompting DisplayLink to actually release a Linux driver on their own. However, their driver still doesn't support compression. In the second part, we'll therefore describe how we reverse-engineered the compression algorithm.
-
-
21:06
»
SecDocs
Authors:
Philippe Oechslin Tags:
reverse engineering cryptography Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: Breaking good crypto is hard. It takes a genius to find a flaw in AES or Blowfish. On the other hand, it is also difficult to program cryptography correctly. Thus the simpler way of breaking a cryptographic software is often to reverse engineer it and find the crypto errors that were made by the programmers. In this talk the simple errors will be demonstrated that were discovered when reverse engineering three products for evaluation or forensic purposes. In each case, a simple error gave access to information that was supposed to be protected by the best crypto algorithms. The demos will be the following: * the FIPS 142-3 level 2 certified MXI stealth USB key (before it got patched) * a version of the E-capsule private safe from EISST * Data Beckers now defunct Private Safe software
-
9:00
»
SecDocs
Authors:
Philippe Oechslin Tags:
reverse engineering cryptography Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: Breaking good crypto is hard. It takes a genius to find a flaw in AES or Blowfish. On the other hand, it is also difficult to program cryptography correctly. Thus the simpler way of breaking a cryptographic software is often to reverse engineer it and find the crypto errors that were made by the programmers. In this talk the simple errors will be demonstrated that were discovered when reverse engineering three products for evaluation or forensic purposes. In each case, a simple error gave access to information that was supposed to be protected by the best crypto algorithms. The demos will be the following: * the FIPS 142-3 level 2 certified MXI stealth USB key (before it got patched) * a version of the E-capsule private safe from EISST * Data Beckers now defunct Private Safe software
-
-
7:11
»
SecDocs
-
-
21:12
»
SecDocs
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution