Mai 15 14

Combo Breaker is a motorized, battery powered, 3D printed, Arduino-based combination lock cracking device.

Source code / 3D models:


written by d45id \\ tags: , , , , ,

Feb 15 13

first-0xd0-byesAuf dem 31c3 hab es einen interessanten Vortrag über die Sicherheit von UEFI gesehen – Attacks on UEFI security, inspired by Darth Venamis’s misery and Speed Racer, davon lies sich der Autor dieser interessante Dokumentation inspirieren, wie sich RootKits recht gut in UEFI-System einpflanzen lassen.

Cr4sh dokumentiert recht eindrucksvoll und ausführlich einen erfolgreichen Angriff gegen die UEFI-Sicherheitsmaßnahmen seines Intel DQ77KB.
Der Sourcecode für den Exploit findet sich bei GitHub

written by d45id

Nov 14 11

SpaceInvadersCisco Catalyst switching devices did not properly parse the „request system shell“ challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege (see also CVE-2014-7990). Harrison Shlong use this to add the new Space Invaders feature to Catalyst switches

written by d45id \\ tags: , , , , ,

Aug 14 19

emBlack magicians from Tel Aviv University published a pre-release of their actual study under the title „Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks On PCs“.
Their work will be presented next month in CHES 2014.

Find out more

paper (extended version)

written by d45id \\ tags: , , , ,

Aug 14 15

Robotics researchers from Harvard University developed a low coast scalable robot system for demonstration collective behaviors.


Find out more

The Kilobot Project
Kilobot: A Low Cost Scalable Robot System for Collective Behaviors
Collective Transport of Complex Objects by Simple Robots: Theory and Experiments
Massive Uniform Manipulation

written by d45id \\ tags: , ,

Aug 13 06

cachestructOn the European security conference OHM 2013 a security researcher has demonstrated an attack that would allow a hacker to access and modify the Flash Firmware on a hard drive and program it to protect his access.

Firmware is code stored on a special flash-able chip on the drive. The built in code tells the drive how to work, how to read and write data. It is flashable (it can be reprogrammed) so the manufacturer can release updates to the firmware. Most people never re-flash or update their hard drive firmware. Continue reading »

written by d45id \\ tags: , , , , ,

Feb 13 21

hdmi-loopAdam Laurie verdeutlichte in seinem Artikel HDCP is dead. Long live HDCP. A peek into the curious world of HDMI copy protection… , dass der HDCP-Kopierschutz schon lange gebrochen ist und wie er sich auch weitere Male mit sehr einfacher Hardware, etwas Geschick und ein paar Zeilen Code aushebeln lässt.


written by d45id \\ tags: , , , ,

Jan 13 02

An easier way to update the firmware of your Raspberry Pi it to use rpi-update written by Hexxeh.

To install the tool, run the following command:

sudo wget -O /usr/bin/rpi-update && 
sudo chmod +x /usr/bin/rpi-update

If you get errors relating to certificates, then the problem is likely due to one of two things. Either the time is set incorrectly on your Raspberry Pi, which you can fix by simply setting the time using NTP. The other possible issue is that you might not have the ca-certificates package installed, and so GitHub’s SSL certificate isn’t trusted. If you’re on Debian, you can resolve this by typing:

sudo apt-get install ca-certificates

To then update your firmware, simply run the following command:

sudo rpi-update

To upgrade/downgrade to a specific firmware revision, specify it’s Git hash as follows:

rpi-update <git hash> 

If you’d like to set a different GPU/ARM memory split, then define gpu_mem in /boot/config.txt.

written by d45id \\ tags: , , ,