Archive

Archive for the ‘Mods’ Category

Security issues logos

February 27th, 2015 No comments

Since last year it seems that security issues need to be named and need a logo. Since not all issues had a logo yet I made some logos just for fun and no particular reason. I do not support security issues being used for marketing (which seems to be the main reason for the naming), I just like to draw things every now and then. More might follow, or not, dunno yet.

I don’t claim any copyright, they can be freely used with or without credits. All images were created with Paint.NET, and the higher resolution versions are available when clicking on them.

Read more…

Forensic hardware – Don’t just blindly trust it

September 2nd, 2014 No comments

I recently found two pictures which I took in the last 2 years, of the Logicube Forensic Dossier misbehaving. I decided to write this very short article to show these pictures. Since this seems to be a 6th(!) generation forensic solution I would not expect this behavior. The Logicube hardware is widely accepted as ‘forensically sound’, there seems to be some sort of blind trust in forensic hardware by forensic experts, while everything else is always disputed at great length.

Read more…

Convert cheap 433Mhz sensors to KaKu/CoCo with an Arduino convertor

August 24th, 2014 4 comments

In the past 1,5 year I have been playing a bit with Home Automation (or Domotics / Domotica) systems. I initially bought the HomeWizard, but was pretty disappointed in it. When the HomeWizard domotica system was introduced I expected a lot of it, sadly enough it has not been as great as I hoped and I am currently moving over to another system.  One of the things that annoyed me of the HomeWizard is the inability to add other sensors to the setup which were not part of the supported hardware (which is pretty limited). I moved to the HomeWizard from a different (alarm) system which contained a lot of 433Mhz sensors which I could not hook up to the HomeWizard. Because I did not want to throw all these sensors away I built a middle-ware system with an Arduino and some code which can convert the non-supported codes in to HomeWizard supported codes (KaKu / CoCo style codes). The middle-ware receives a code and then translates that to a code which can be understood by the HomeWizard. Initially designed for usage with HomeWizard this same approach also worked with HomeSeer, Domotiga and Domoticz, which all did not support my sensors directly (most of them because of the usage of the RFXCOM).

Read more…

Crypto hardware Plug-over attack

June 25th, 2012 5 comments

This article describes a vulnerability I found over two years ago in certain external USB and eSATA data carriers (hard drives, USB sticks) which use cryptography to help protect the data they carry. This vulnerability has been found during the evaluation of multiple data carriers of different manufacturers and it seems to be quite common. Since this vulnerability doesn’t seem device specific this paper has been written to be able to spread some knowledge and to warn the general public about it. All the manufacturers of the devices I tested which were vulnerable to this attack have been notified long ago. The vulnerability described in this paper has been named the ‘plug-over attack’.

Read more…

Repair a broken HP LaserJet printer by baking it

October 18th, 2011 79 comments

After my HP printer died just after his warranty period I searched for a solution what to do to revive it. When reported to HP they wanted to charge €350 to repair the printer, which is around the same amount a new printer would cost, besides that I had to ship to whole bulky printer to them. When searching the internet for an alternative you will find a lot of people with the same problem using this printer series but not a lot of clear solutions.

This write-up will describe a way to repair the HP LaserJet M1522 series printer. While this idea is not new I wanted to create an easy to follow overview to repair this printer instead of a “just bake the formatter board”. I hope this write-up will be handy for some of the people out there with the same problem. While this write-up is focusing on the HP LaserJet M1522 MFP printer I would expect the same approach to work on other faulty hardware.

Read more…

Hiding your data in plain sight – USB hardware hiding

September 29th, 2010 16 comments

—> The PDF version of this article can be found here.

This article will describe the possibility of hiding data in any kind of USB hardware. Even though USB data carriers come in various sizes and forms, which already sometimes makes them hard to recognize, this approach could even make it worse. Any USB device could be a data carrier and thus from a forensics point of view, any USB device should be taken into account when investigating a computer. Or, for example, from a company protection point of view, any USB device could be used to transport data out of the company.

The reason for writing this article is that the approach described in it has already been developed by me around 2007, while I was still working for the company Fox-IT. I presented part of this paper during a presentation I gave on the ENFSC 2007 congress, but since then I never made the full research completely public. I recently decided to redo my research and to work the idea out further. Since the information in this article is still current, I decided to spread the knowledge on it by publishing this article.

Read more…

iPod dock adapter for the Motorola Droid/Milestone

June 15th, 2010 80 comments

—> The PDF version of this article can be found here.

Motorola Milestone iPod dock adapterManufacturers of electronic devices don’t seem to be able to get a global standard on docking connectors, resulting in that you usually end up buying a new dock for every electronic device you acquire. In the past I bought multiple iPod docks (also see my other article about bypassing the Apple video out protection on older docks here), but I own more devices than just the ones from Apple. My current mobile phone is a Motorola Milestone (or Droid if you are from the US), which of course does not fit on an iPod dock. Not willing to buy new docks I decided to build an adapter to enable me to use my iPod docks with my mobile phone. This article will describe step-by-step how I have built this dock adapter.

Because I am from Europe (the Netherlands to be precise) my Motorola device is named a Milestone, but the whole article of course is just as applicable to the Motorola Droid. For the ease of use I will just refer to the ‘Motorola Milestone’ in this article from now on.

Since all the information in this document is gathered from the internet or analyzed by myself it could be that there are some errors in this document, I am sorry if that is the case. Any opinion expressed in this document is solely my own.

Read more…

Bypassing Apple’s Video Out protection for less than $5

January 13th, 2010 No comments

Modding an unlicensed iPod dock to get Video Out from an iPod Classic

—> The PDF version of this article can be found here.
iPod authentication chip small

Since Apple released the iPod Classic and the iPhone, they have included a new protection mechanism to protect their hardware from being used with certain iPod docks. The protection only lets the devices work to the full extent when using Apple approved / licensed / certified hardware.

Whatever the reason has been for this lockout of older hardware, in the end it means that any dock out there that doesn’t contain the special authentication can not be used with the new iPods/iPhones.

This document describes how to bypass this protection for the iPod Classic, with spending less than $5. It contains detailed instructions to do this mod yourself, the instructions show how to do this mod on the Altec Lansing inMotion iMV712 ‘Digital mini-theater speakers for iPod’, but the same approach should apply to any other dock out there. This mod works for the iPod classic, but might also work for the iPhone with a little adjustment.

Read more…