The CCC has published all the talks from the 28th Annual Chaos Communications Congress. Watch all of the freshly published talks from 28c3 – Hack a Day.

Due to poor implementation a brute force attack can be mounted which only has to guess the first half of the pin. This means there are only 11000 combinations to guess in total and each guess takes around 1.3 seconds. There is no mechanism in routers to disconnect a user after so many failed login Read more about Cracking WiFi WPS in < 4 hours[…]

Karsten Nohl / Luca Melette explained how it works at the Chaos Computer Club Communication Camp 2011. Camp 2011: GPRS Intercept. A simpler tutorial can be found here – Download sources into ~/gprs_sniffer git clone git://git.osmocom.org/osmocom-bb.git git clone git://git.osmocom.org/libosmocore.git git clone git://git.srlabs.de/gprsdecode.git wget http://srlabs.de/dl/gprs_multi.patch – Download ARM cross compiler wget http://gnuarm.com/bu-2.15_gcc-3.4.3-c-c++-java_nl-1.12.0_gi-6.1.tar.bz2 tar xf bu-2.15_gcc-3.4.3-c-c++-java_nl-1.12.0_gi-6.1.tar.bz2 – Read more about GPRS Interception – how to sniff 2G mobile data[…]

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the Read more about sqlmap: automatic SQL injection and database takeover tool[…]

Sneaky Command-Line Fu: Reset the Password with the System Rescue CD If you need access to the operating system itself, the Linux-based System Rescue CD is a good option for breaking in. You’ll need to do a bit of command line work, but as long as you follow the instructions closely you should be fine. Read more about How to Break Into a Windows PC[…]

Exclusive: Computer Virus Hits U.S. Drone Fleet | Danger Room | Wired.com.

“BEAST is different than most published attacks against HTTPS,” Duong wrote in an email. “While other attacks focus on the authenticity property of SSL, BEAST attacks the confidentiality of the protocol. As far as we know, BEAST implements the first attack that actually decrypts HTTPS requests.” via Hackers break SSL encryption used by millions of Read more about SSL hacked and decrypted using BEAST[…]

with the plastic PIN pad, it was even possible to determine from the heat signatures not only the numbers pressed but also the number order. via Stealing ATM PINs with thermal cameras | Naked Security.

Android app logs keystrokes using phone movements • The Register.

respawn_redux.

Bitcoin is not inherently anonymous. It may be possible to conduct transactions is such a way so as to obscure your identity, but, in many cases, users and their transactions can be identified. We have performed an analysis of anonymity in the Bitcoin system and published our results in a preprint on arXiv. via An Read more about An Analysis of Anonymity in the Bitcoin System: Bitcoin is not Anonymous[…]

Security researcher Charlie Miller has announced that he has found a way to hack the chips that control the batteries in Apple’s MacBook, MacBook Pro, and MacBook Air. Using these chips, he was able to brick (or ruin) batteries, or even install persistent malware that would survive a physical hard drive change. via Charlie Miller Read more about Charlie Miller Finds Way to Hack MacBook Battery | News | The Mac Observer[…]

DVD Player and Blu-ray Player region codes – VideoHelp.com.

KinectNUI is a Natural User Interface for Windows, built on the Kinect SDK. If you have a Kinect and a modern Windows PC, you should be able to get it to work. via KinectNUI: Kinect SDK NUI Hack.

Groovedown – Grooveshark.com Downloader.

On June 16, 2011, LulzSec released over 62,000 accounts containing emails and passwords in cleartext obtained from random sources. LulzSec announced the release in a Twitter post at https://twitter.com/#!/LulzSec/status/81327464156119040. The table below is the list of these accounts. Passwords have been partially masked to protect the users from further attacks. LulzSec cleartext passwords.

“The following new elements [should include] penalisation of the production and making available of tools eg, malicious software designed to create ‘botnets’ or unrightfully obtained computer passwords for committing the offences [of attacks against computer systems],” the Council of Ministers said in a statement pages 18-19 of 38-page/176KB PDF. The real problem with this, is Read more about European Council: Creating hacking tools should be criminal across EU. Idiots.[…]

1234, 0000, 2580, 1111, 5555, 5683 (spells LOVE), 0852, 2222, 1212, 1998 via These Are the Most Common Lockscreen PINs – Lifehacker.

gpedit.msc isn’t available for windows home versions. Because it’s basically just a frontend for the registry, you can download an excel spreadsheet with the gpedit settings next to the correct registry entry from Microsoft. Download details: Group Policy Settings Reference for Windows and Windows Server.

This looks like an easy to install, comprehesive and easy to use frontend for your snort logs based on Ruby on Rails. Snorby – All About Simplicity.

Internet probe can track you down to within 690 metres – tech – 05 April 2011 – New Scientist.

The pensioner was digging for scrap metal when she hacked into a fibre-optic cable which runs through Georgia to Armenia, forcing many thousands of Internet users in both countries offline for several hours on March 28. via 75 year old killed Georgia, Armenia internet – Times LIVE.

Attackers breached the servers of RSA and stole information that could be used to compromise the security of two-factor authentication tokens used by 40 million employees to access sensitive corporate and government networks via RSA breach leaks data for hacking SecurID tokens • The Register.