Vegard Skjefstad

www.vegard.net

Menu Close

Tag: Hacking (page 1 of 2)

Let’s Hack Car Alarms!

If you have a car, there’s a good chance it has a car alarm. But did you know that a hacker can simply hack car alarms, and take off with your precious vehicle?

We’ve already seen how ridiculously easy it is to hack medical equipment, and so-called “smart” cities. This time we’ll see how simple it is to hack something a little less critical; car alarms.

Researchers at British penetration testing and security services firm Pen Test Partners had a look at the security of two of the largest aftermarket car alarm vendors, Viper and Pandora. Like with the medical equipment and smart cities hacks we’ve discussed earlier, both Viper and Pandora had a basic security flaw in their products. The insecure direct object reference (IDOR) vulnerability allowed an attacker to hijack and take complete control of user accounts. The IDOR is a kind of vulnerability this is typically covered in any Internet Security 101 class.

Now that the hacker has control of your Viper or Pandora car alarm, what can they do?

Read more

Android Phones Can Be Hacked – By displaying An Image

It should be no surprise by now that your phone can be hacked. But did you know it can be done just by you looking at an image on your phone?

Yes, I know this particular vulnerability doesn’t really pass as “news” anymore. It was patched on February 4, and The Inquirer reported about it over two weeks ago. But I drafted this post the day Google released the February Android security bulletin, and there’s no way in hell that effort will go down the drain. So this post gets published, news-worthy or not!

So what’s the issue? Let’s see what Google writes in their February security bulletin:

The most severe of these issues is a critical security vulnerability in Framework that could allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process.

Android Security Bulletin β€” February 2019

Allrighty then…

Read more

Let’s Hack A City!

If medical equipment isn’t a big enough target for you, why not hack a city?

A while ago I went on one of my familiar rants. The subject was how ridiculously easy it is to hack medical equipment, with medical device maker Meditronic’s pace maker programming devices being the concrete example. Even though I wrote the post in August, it’s still very relevant. Just a couple of days ago,Β  Meditronic made headlines again when they issued a statement saying that their CareLink line of pace maker programming devices is actually vulnerable to attacks.

The first news of vulnerable Meditronic equipment dropped during the annual Black Hat conference in Las Vegas. But medical equipment was not the only Black Hat target. Far from it. Another interesting subject of hacking was “smart” cities.

Read more

Let’s Hack Medical Equipment!

Or rather, let’s not. Hacking is bad, m’kay? But if we wanted to, it turns out it’s outrageously easy to hack medical equipment.

I’m an information technology professional by trade. My work mantra is that “no matter how bad it goes, no one dies”. It have saved me from a lot of stress, and helped me keep my cool in times of crisis. The point is that even if all the IT systems are down, the data center is on fire, and the entire development team has been abducted by aliens, no one dies. At least if the aliens are of the good, not-anal-probing kind. Sure, it’s annoying that people can’t do their work, and we might lose some money during the downtime. But people can drink coffee, chat about the incompetent IT department while the problem is being fixed. And we’ll eventually cover the financial loss, because we learn from our mistakes, and become even better at what we do1.

Since IT is an important part of every industry these days, I have many choices when it comes to what domain I want to work with. Because of my work mantra, however, there are some businesses I will not to get involved with. One is control systems of any kind where a simple software bug may have disastrous consequences. Think ATC, nuclear power plants, and the like. I’d prefer not to kill scores of people because if (x > 1) had somehow turned into if (x > 1);. Many winters ago, I spent the better part of a workday trying to figure out a baffling bug, and the ; above was the cause2. Thankfully, I wasn’t responsible for making sure airplanes don’t crash into each-other. That would have been a bad day to fly.

Another industry I gladly stay away from is medical equipment. But I would have fit right in because it turns out that many of the people working in the medical IT industry are incompetent dimwits.

Read more

PoisonTap – The $5 Tool That Steals All Your Stuff

A while back I wrote about the WiFi Pineapple, a wonderful little device that can be used to “audit”1 wireless networks. The device makes it surprisingly easy to act as Man in the Middle (MitM), a technique used by hackers to effectively steal all your passwords and credit card numbers. The cheapest version of the WiFi Pineapple, the Nano, costs just shy of $100. Not a lot of money, but it’s a bit too much for me to spend on a device that can’t be used for anything cool without breaking more laws than I can count. But now there’s a new toy available that does many of the same things as the WiFi Pineapple: PoisonTap.

Price tag? Around $5.

PoisonTap also plays the role as the MitM, but there’s a big difference. While the WiFi Pineapple hijacks wireless networks, PoisonTap needs physical access to the computer you wish to audit. Because of that, it’s easy to dismiss PoisonTap as pretty useless. It’s hard to get physical access to an unattended computer, isn’t it? No, it’s not. If you’re working in an office environment, simply take a look around you at lunch time. And if you have access to a conference center or a hotel, take a look inside. I bet you can find an unattended computer within minutes.

Another reason you might dismiss PoisonTap as worthless, is the size of the delivery vehicle. The version of PoisonTap demoed by its creator, Samy Kamkar, runs on a Raspberry Pi Zero. While the Zero is small, it’s not exactly invisible, and not hard to spot. But the PosionTap software doesn’t have to run on a Raspberry Pi, it’s possible to install it on even smaller computers. Both LANTurtle or USB Armory are viable options. Not too easy to spot one of those connected to the back of the workstation tucked under your desk, is it?

On top of that, the PosionTap doesn’t have to be connected for long. Just leave it plugged in for a minute or two, then pull it out, and walk away. The target computer is now infected, and a persistent backdoor has been installed.

Read more

Copyright © 2000-2019 www.vegard.net | Privacy Policy | Statement of Audience | Hosted on vbox4.vbox-host.com