Plug this tiny stick into a Motorola / Samsung phone and retrieve all their data in one fell swoop – contacts, emails, sms messages, deleted stuff, anything. Now retailing for around $200,-. More phone models to follow ASAP.

The videos after the jump show exactly how easy it is to hack the voting machines. It’s not just in an isolatied system that it’s possible.

Well, due to the trusting relationship of BGP routing peers it turns out you can reroute a whole load of traffic fairly easily if you have a BGP router.

So after having had 3000 new blank ‘unbreakable’ passports stolen during delivery from the truck, they’ve (well, specifically, Jeroen van Beek of the UvA) now discovered that the passports can be cloned and altered (eg. have digital images inserted on them or other different biometrics, such as thumbprints, eyeprints) within a few minutes. The fraudulent passports are verified as ‘real’ by the official software and equipment used to verify them.

So this is what we all had to fix for: basically a cache poisoning attack.

Hacking At Random 2009 has just been announced and the first post is on the wiki!

Kris Kaspersky claims to have found an exploit which he plans to release into the wild with working proof of concept code at the upcoming Hack In The Box in Malaysia.
He claims that every intel box ever made is vulnerable, OS independent, as long as it’s running TCP/IP or javascript.

It’s been fixed though and everyone SERIOUSLY needs to patch this.

s. Specific domains that were hijacked included “icann.com ” “icann.net ” “iana.”

By changing the DNS entries! How cheeky can you get?! Well done netdevilz

The Image Fulgurator is a device for physically manipulating photographs. It intervenes when a photo is being taken, without the photographer being able to detect anything. It intervenes when a photo is being taken, without the photographer being able to detect anything. The manipulation is only visible on the photo afterwards. The manipulation is only visible on the photo afterwards.

In principle, the Fulgurator can be used anywhere where there is another camera nearby that is being used with a flash. In principle, the Fulgurator can be used anywhere where there is another camera nearby that is being used with a flash. It operates via a kind of reactive flash projection that enables an image to be projected on an object exactly at the moment when someone else is photographing it. It operates via a kind of reactive flash projection that enables an image to be projected on an object at exactly the moment when someone else is photographing it. The intervention is unobtrusive because it takes only a few milliseconds. The intervention is unobtrusive because it takes only a few milliseconds. Every photo another photographer takes of an object at which the Fulgurator is also aimed is affected by the manipulation. Every photographer takes another photo of an object at which the Fulgurator is also aimed is affected by the manipulation. Hence visual information can be smuggled unnoticed into the images of others. Hence visual information can be smuggled unnoticed into the images of others.

Basically it projects ghosts into digital images unnoticeably.

There are a couple of *NIX distributions out there that come on a CD with loads of hacking and cracking tool. None is officially released by Microsoft. Untill now. COFEE (Computer Online Forensic Evidence Extractor) is a USB stick with allegedly over 100 tools and a mouseclick away from hacking your base, some of it by ransacking your live RAM. It’s distributed to law enforcement all over the world, and MS denies that it uses the MS backdoor.

There’s loads more to find out there on Google.

Guitar Hero TIP Guide

Microsoft has announced that it won’t be prosecuting hackers who hack their legally owned software on their own hardware. As soon as they hack illegal copies or on other people’s hardware, they’re in trouble. They are trying to get hackers to come forward with problems with their products before the hacks are leaked into the wild. What is this, Microsoft becoming the good guys?!

This is copy/paist of: http://www.worldofraids.com/ just thougt some ppl might wana try this.

Gfx enhancement macro: WoW will look better

Some players found a way to improve WoW graphics by manipulating several console commands. The following macro will do the job:

/console farclip 777
/console horizonfarclip 6226
/console groundeffectdensity 256
/console groundeffectdist 140
/console smallcull 0
/console skycloudlod 3
/console characterambient 0

You have to restart WoW for some of the effects to be used.

What does this do?

• The vegetation can be seen from miles away (grass flowers etc) plus there seems to be FAR more of it.
• The “bloom” effect seems to be more vivid.
• The view distance is greatly increased.
• Everything seems to be more sharp and crisp.
• The weather effects appear to be more intense.

See below for some examples:

http://www.worldofraids.com/2008/april/terokkar.jpg
http://www.worldofraids.com/2008/april/darkshorem.jpg

However depending on your hardware you might encounter some fps issues (low framerates), so here is the macro to revert the changes (you can also go to video options and pull all the detail options to minimum):

/console groundEffectDensity 16
/console groundEffectDist 1
/console horizonfarclip 1305
/console farclip 177
/console characterAmbient 1
/console smallcull 1
/console skycloudlod 1
/console detailDoodadAlpha 1

Keeloq is used in loads of types of cars. This site shows you how to crack a key in under an hour and then generate new keys fairly easily.

De broncode van de mmo Eve Online is uitgelekt. De code van de client van het spel is onder andere via torrentsite The Pirate Bay te downloaden. Ontwikkelaar CCP bant iedereen die de code binnenhaalt.

………………….Bovendien wil deze gamer weten waarom CCP geen detectieroutines in de client heeft ingebouwd en dus alleen vanaf de servers op bots jaagt: de broncode van Eve Online is eerder uitgelekt en CCP zou sindsdien nauwelijks maatregelen hebben genomen tegen de bots die het spel teisteren. De helpdeskmedewerker vertelt daarop dat CCP de voorkeur geeft aan het maken van uitbreidingen van het spel en niet aan veiligheid…………….

Official URL Link

Youtube presentation video link of Wii Hack.

Youtube Video Link

Ouch – that must hurt when you’re the German minister of the interior and as you’re pusing biometrics left, right and centre, the CCC publishes not only your fingerprint, but your fingerprint on a transparent plastic film so that people can easily pretend to be you!

That means at the very least changing the fingerprint lock for your next car, mister!

IntelGuardians

IntelGaurdians has released DaisyDukes, an app you can put on your USB device and remove passwords stored in the memory of locked windows or linux machines. It was only a matter of time. Link goes to the register, not the app.

The new version also copies the BD protection.

The RFID hacks keep coming fast and furious — hot the heels of that Mifare / Oyster Card exploit, the crew at BoingBoing TV has posted up a little demo of how easy cracking the RFID encryption on an American Express card can be. All it takes is an $8 dollar reader easily available on eBay, some software, and the courage to walk around with a laptop waving plastic boxes at people’s butt pockets, but developer Pablos Holman says he’s hoping to develop a newer version that will allow him to be a little more discreet. The root of the problem is apparently the fact that the system uses local decryption rather than sending card info to a secure data center, but either way we’ve been worried about this for a long time — we’re sticking to loose change and the barter system from now on.

RFID credit cards easily hacked with $8 reader – Engadget

Dorks are people who do things stupidly enough that they end up putting valuable information on the internets in such a way that google finds and indexes them.

The Google Hacking Database has a whole list of dorks you can search google for.

The Cult of the Dead Cow (CDC) has been around for ages and has now built the Goolag scanner, which automatically scans for dorks.

Then you can connect any Linux PC running winlockpwn to it and bypass the login prompt. Using bioskbsnarf you can read the BIOS password. The paper on how to do it is called “Hit By A Bus: Physical Access Attacks with Firewire (as performed at Ruxcon 2k6)” and can be found here too.

This is Vista ripped open – how to properly bypass the signup procedure.

A simple and cheap method to hack into pin machines and gather the information you need to clone a card and have the PIN number. This works because there is no encyption of the data on the line you can tap.