
Implementing a break of KeeLoq: is the cipher used in cars breakable?

There is a company on the Slovak market promoting a project to break KeeLoq technology. Of course, there is nothing illegal about the project; our aim is rather to attract attention and help build a working implementation that demonstrates breaking KeeLoq (the cipher used in cars from Chrysler, Daewoo, Fiat, GM, Honda, Toyota, Volvo, Volkswagen Group and Jaguar). More information: A Practical Attack on Keeloq I, A Practical Attack on KeeLoq II, A Practical Attack on Keeloq (paper).

KeeLoq communication can be read using USRP2/GNU Radio. The USRP radio itself and the RF equipment are already available to us in Slovakia, so nothing stands in the way of testing. The harder problem is finding capable people for the tests, people who can convince us they will see it through to a successful end. Is there anyone we can help by lending the complete hardware, who will hand us a working project in return? The reward? Perhaps the value of the loaned hardware itself. It is up to you.

 

One unit of the digital receiver mentioned above is already on loan to the H4f group. As they describe it themselves, it is a lucrative piece of hardware called the USRP. It got a brief mention in the article GSM fail, in which they described what the device can be used for. Shortly afterwards the H4f administrator resolved the dependencies and the installation of GNU Radio on the community edition BackTrack 4 CZ c00k. Several deb packages will be available for GNU Radio, OpenBTS, Airprobe, Asterisk, Kraken and a few other supporting tools. After a series of tests on BackTrack 4 c00k they plan to create a unique community version of this Linux distribution for GSM analysis, i.e. a Live CD for the USRP.

 

USRP1 ->> USRP PKG, HDW-U1, TVRX, DBSRX2, 2x RFX900, VERT 400/1200, VERT 900, SMA-SMA, SMA-Bulkhead, MCX-Bulkhead, F-Bulkhead.

 

What more could we wish for here in the EU? Perhaps more companies like this, willing and able to support even financially demanding projects with top-class new RF equipment. It is a pity that companies which have, for example, old RF hardware at their disposal are not willing to donate it to young people; it is more likely to end up as scrap. Often these are fine pieces of high-frequency equipment that would be entirely sufficient for fun and for tests by people who are interested in the field or lack the money to carry out their own projects. Help them obtain what they cannot legally get anywhere else. After all, who can legally get hold of a decommissioned old GSM BTS station? Some decommissioned RF hardware can still be put to use after its service life has ended. Thank you.

USRP 101: Unlocking Wireless PC Locks (and freeing dolphins)

 

Have you ever seen one of these “USB Proximity PC Locks” before and thought “There’s NO way that piece of junk is secure”… turns out, you were right.

We had a little office challenge recently to break this system, just for fun, and along the way document our Universal Software Radio Peripheral (USRP) which I’m still just starting to get to know. By now, I figure most of our readers would be familiar with the OpenBTS Project which uses a USRP to impersonate a GSM base-station. While this is an impressive use of the hardware at a fraction of the cost of a commercial base-station, the USRP can also be used to impersonate less functional and almost worthless priceless equipment… like that USB proximity lock.



First things first, we need to get one of these locks ourselves. Surprisingly, I got one of these as a gift from ThinkGeek years ago and you can still find them on eBay and a few other sites. I was missing the drivers for mine, but you can still find a copy online. I installed it in an XP virtual machine and paired the remote with the USB dongle. Now anytime the remote was powered down or more than 30 feet away, the lock screen with these pretty dolphins was displayed.

Wireless Lock "lock" screen on XP

What I needed to know next was the approximate frequency which the remote used to send data to the dongle and unlock the computer. My goal was to capture this transmission with the USRP, then replay the signal when the remote was turned off or out of range. Unfortunately the documentation that came with the wireless lock was pretty silent on what it used to do this. Given the device is so old, I doubted it would use Bluetooth, so I started to look through the installed application files for clues. The application is sold to be re-branded by many companies, but the string “Copyright (C) 2003 Dritek System Inc” in the HIDRead.dll seems to point to the actual manufacturer. The USB dongle installed as a HID device under Windows, but the driver does not appear to say anything about the frequency on which the dongle and the remote communicate. Neither does the documentation with the driver nor the PDFs I found online. However, one eBay post did contain an image of the back packaging which seems to have “FCC 434Mhz”. This matches the unlicensed spectrum that is commonly used for remote keyless car unlocking and garage doors.

This was also backed up when the remote device was taken apart. There are 2 main chips on the remote I was interested in, one labeled “NDR 550” and the other “MDT10P55B1S”. Some surfing around leads to the NDR550 being from “Najing Electronic Devices Institute” which lists this as a One Port Resonator which operates at 433.92 MHz. Also looking at the remote’s PCB near the battery there are markings “315” and “434”. Mine had blue pen marks next to the “434” text, which falls within the range of the WBX board in our USRP.

Wireless PC Lock Remote

Using the GNU Radio spectrum analyzer around the 433.92 MHz frequency with our USRP N210, we do in fact receive a signal when the unlock remote is powered up and transmitting. The “uhd_fft.py” script comes with the GNU Radio UHD package. While the GUI was a bit unstable on my system, command line parameters worked well.

uhd_fft.py -f 433.9M -A TX/RX

USRP FFT

The next step was to capture the signal coming from the remote to the dongle. While far from stealthy, the Log Periodic antenna we had from WA5VJB works for 400-1000MHz ranges. So with a bit of gain tweaking and proper timing, we were able to snag a good complex capture of the signal out of the air. Again, GNU Radio makes this easy with the “uhd_rx_cfile.py” script.

uhd_rx_cfile.py -f 433.9M -A TX/RX -g 35 outfile.dump

Then it was time to replay the signal. To do this, we wrote a GNU Radio Companion (GRC) file. I’d recommend looking at the OZ9AEC GRC examples if you’re new to GRC and have a UHD device like our N210. However, this replay script was so easy you could basically point and click to get it working. You’ll need just one source (something that will generate a signal in this case) and one sink (something to transmit the signal). The source was the file we had just captured which we sent to the UHD: USRP Sink. Set the sample rate to match that of the capture (default 1M), the center frequency (433.9 MHz in this case), and adjust the gain depending on your antenna and range. We set the file sink to repeat so running the script would continuously replay the unlock command to the dongle. From there, simply execute the script and watch the PC unlock (Go free my dolphin friends!)

GRC Transmit from File
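The replay succeeds because the dongle accepts a recording of an earlier transmission. The sketch below is an added example, not code from the original post or from the lock's vendor: it contrasts a receiver that treats a recorded frame as valid forever with a hypothetical receiver that requires an authenticated, strictly increasing counter. The frame layout, key, window size and class names are all assumptions made for illustration.

```python
import hashlib, hmac, struct

WINDOW = 16  # assumed: how far ahead of the last counter is still accepted

class StaticReceiver:
    """Models the behaviour the post observed: a recorded frame stays valid."""
    def __init__(self, unlock_frame: bytes):
        self.unlock_frame = unlock_frame
    def accept(self, frame: bytes) -> bool:
        return hmac.compare_digest(frame, self.unlock_frame)

def mac(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()[:8]

class Remote:
    """Hypothetical remote: sends counter || truncated HMAC(counter)."""
    def __init__(self, key: bytes):
        self.key, self.counter = key, 0
    def press(self) -> bytes:
        self.counter += 1
        body = struct.pack(">I", self.counter)
        return body + mac(self.key, body)

class CounterReceiver:
    """Hypothetical receiver: MAC must verify and the counter must be fresh."""
    def __init__(self, key: bytes):
        self.key, self.last = key, 0
    def accept(self, frame: bytes) -> bool:
        if len(frame) != 12:
            return False
        body, tag = frame[:4], frame[4:]
        if not hmac.compare_digest(tag, mac(self.key, body)):
            return False  # forged or corrupted frame
        (counter,) = struct.unpack(">I", body)
        if not self.last < counter <= self.last + WINDOW:
            return False  # replayed, stale, or too far ahead
        self.last = counter  # commit only after both checks pass
        return True

def demo() -> dict:
    key = b"constructed-demo-key"
    recording = b"\xa5\x5a\x01"  # constructed stand-in for a captured frame
    static = StaticReceiver(recording)
    remote, rx = Remote(key), CounterReceiver(key)
    frame = remote.press()
    return {"static_replay": static.accept(recording) and static.accept(recording),
            "first": rx.accept(frame), "replay": rx.accept(frame),
            "next": rx.accept(remote.press())}

if __name__ == "__main__":
    print(demo())
```

The counter window lets the receiver resynchronise after button presses it never heard, at the cost of accepting any authentic frame within that window once.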

We also looked at unlocking the system using a Teensy USB development board as a fake dongle (Sid, I want my Teensy back!). We plan to have a follow up post on that, but if you start looking through the registry and configuration settings for this wireless lock, you’ll notice some data looks strange. The “SqrtyKey.Cfg” file and HKLMSOFTWAREKeyMarkWireless PC LockPassword Answer registry setting are encoded with a transposition cipher. It shouldn’t take you long to figure out the pattern, so once you have, you can use the Python script below to save you some decoding time. UNencode Dritek System Inc encoding (update: link should now work) (update 2: the maddman posted an awesome clean up of the script for Python 3 here)

So there you have it. Want to defeat a $20 wireless PC lock? All you have to do is spend $2500 on USRP hardware ;-)

~Corey and Max

 

www.sigint.sk: where you can also buy what you need for such a project.

Last modified Saturday, 15 February 2014 23:51
