December meeting recap

Ngharo got this started with going around the room and asking everyone what they have been hacking and what they plan on hacking on next, then talking about some improvements to the dc414 server, such as how it is now fully IPv6 friendly and some improvements to the VPN. Then I gave a demo of how BeEF when used with Metasploit can pwn browsers from the inside out. dw5304 stepped in and showed us how to use the windows 7 UI on windows 8 with out having to worry about updates messing things up. Then Noize stepped up and gave us all a great introduction to Subterfuge, a MITM framework that utilizes arp attacks. Then I attempted to give another demo but failed, more on that later 😉 We spent the rest of the night drinking, eating cupcakes “thanx darkwinds wife” and loling at horror pics of server rooms and wiring closets. Congrats to Castor, Tony, and Peppergomez for winning the dc414 free junk giveaway!! Enjoy your junk guys 😛

We got $42 in donations which paid for the pizza and some of the beer with nothing left over for the server :/ which cost about $71 a month. Remember your donations are what keeps dc414 running smoothly for YOU!!!!

September meeting recap

Last meeting was awesome as always, we had some good demos and new faces which is always great. Ngharo started it off going around the room and asking ppl what they hacked last month and what they plan to hack next.

I gave my fakeAP demo to get credit card numbers or sniff traffic. The CC part failed :/ but the sniff part worked like a charm!! Then dw5304 gave a demo titled “Cable hacking for fun” and talked about how to get online anonymously with cable modems, getting almost unlimited bandwidth, modem cloning and lots more. Faraday came packing with some lithium ion batteries and big ass LEDs he gave out “to make flash lights out of” and stuff for making your capacitors which is always fun.

Then I spent the rest of the night drinking beer and yelling in to a ham radio, so I didn’t take any pictures. Congrats to uberushaximus for winning the dc414 free junk giveaway!

Here is a link to the github fakeAP pwnage project, it only works with Backtrack 5 and could use some improvement.
https://github.com/dc414/fakeAP_pwnage

Here is the slides to dw5304’s Cable hacking for fun:
https://skydrive.live.com/redir?resid=463779BB134E309F!375&authkey=!AF56QcP0xP4Ofco

August meeting awesomeness

Klaiviel started us off by giving us a nice show of binary key card hotel locks popular over seas, showed us a 3d printed key for one of his locks, explained pick proof locks from the 40s that are no longer used but highly effective and how to make them today using regular locks. Then he showed us why he is the second best key impressionist in the world, and made a working key for a lock right in front of us and giving us step by step instructions on how to do it our selves.

I stepped in and gave a quick demo of how I made our new and improved donations bucket which I will be making a blog post on later. Darkwind came packing with a alfa wifi antenna hooked up to a satellite dish! This made a killer directional wifi antenna, we took it up to the roof of bucketworks and got signals from all over including the moon 😛 Ngharo hooked it up to his lappy and cracked a few networks 🙂

After the roof party was over and we got back down stairs Castor gave a DEFCON20 badge hacking demo and showed us how to turn our badges into any other badge type we wanted, then showed us how to make the LEDs on the badge flash out words and stuffs. Then we all just started bull shitting and talking about up coming projects.

Cmoney couldnt make it out so I took a few picture that you can view here. Congrats to darkwind and faraday for winning the dc414 free junk giveaway!!

May meeting recap.

May’s meeting was off the hook, one of our best yet! Lots of new faces which is always nice, good demos, and good beer. Ngharo started it off by talking about the hackathon and THOTCON. Klaiviel did his lock master thing and said a few words about TOOOL. Darkwind gave a awesome demo on sniffing pagers. Its crazy to see all the pager traffic that is still out there. Then I showed off my Arduino windows attack tool and pwned a windows 7 box, There will a blog post about that later. Congrats to Genero for winning the dc414 free junk giveaway! I did take a bunch of pictures but my phone was full of fail and didn’t save any of them 🙁 so no pictures of the meeting this time, sorry. I promise to do better next time 😛 later.

April fun

Aprils meeting wasn’t for fools, it was for hackers 😛 It was another awesome meeting full of beer, pizza, lulz, and hacks. dw5304 got the night rolling with how to bypass windows 7 login password, then went on to talk bout how to pwn Time Warner internet! Then Klaiviel gave us a 101 style schooling on hand cuffs, tumbler, combo, and tubular locks and some others! He also covered some car locks, key impression and stuff. He explained the different picking methods and the tools of the trade. Ngharo and I topped off by giving the talk we have prepared for THOTCON! It went well but it is clear we need a little practice before the big event.

Here are some pictures from the meeting thanx to cmoney. Congrats to Klaiviel for getting so many achievements for the Lock Master badge in one night and to The Professor for winning the dc414 free junk giveaway!! He got a awesome CD/DVD/DVD-R external drive “lol”, enjoy!

Big winner of free dc414 junk 🙂

rootkit hidden in millions of cellphones

Another email just surfaced …

rootkit hidden in millions of cellphones

Rootkit found in Android, Symbian, BlackBerry, webOS and even iOS handsets …. but not windows phone’s

The rootkit belongs to a company called Carrier IQ and it seems that it has low-level access to the system that allows it to spy on pretty much everything that you do with your handset. This, on the face of it, seems like an extremely serious breach of security, privacy and trust.

The capabilities of the rootkit were first discovered by 25-year-old Trevor Eckhart.

Here’s a video showing how everything, including text messages and encrypted web searches, are being logged. It’s truly horrifying.

NOTE: At this point there is no evidence to suggest that keystroke data is being transmitted from the handset.

According to Carrier IQ the company is ‘not recording keystrokes or providing tracking tools.’ The video above seems to suggest otherwise.

When Eckhart initially labeled the software as a rootkit, Carrier IQ threatened him with legal action. Only when the Electronic Frontier Foundation stepped in did the company back off from this threat.

“Every button you press in the dialer before you call,” Eckhart says on the video, “it already gets sent off to the IQ application.”

Like I said earlier, there’s a version of Carrier IQ on Apple’s iOS, but it doesn’t seem to be quite the same and doesn’t seem to access as much information. Also, if you want to disable Carrier IQ on your iOS 5 device, turning off Diagnostics and Usage under Settings seems to be enough.

You might have noticed that I didn’t list Windows Phone 7 OS earlier. That’s because it seems that Windows Phone handsets don’t have Carrier IQ installed.

Here’s a video that explains some more about Carrier IQ. This video also contains a clip from a video by Carrier IQ’s vice president of marketing explaining how the company sees this as being completely legal.

 

[UPDATE: According to a statement from Apple to AllThingsD, Apple stopped supporting Carrier IQ with iOS 5.0:

“We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.”

When begs the question … what’s collecting all the information on the iPhone? Is this a mechanism developed by Apple for Apple?]

Bit shocked that your iPhone has that Carrier IQ logging feature built into the OS? You can switch it off … in fact, I’ve shown you how to do this before!

Here’s how!

Buried in the Settings menu is an option to choose not to send what Apple calls ‘diagnostic and usage data.’ This option is buried real deep:

Settings > General About Diagnostics & Usage

Here’s the screen you’re looking for:

Set this to Don’t Send and you can stop worrying about where your data is going and who’s looking at it.

Note that this feature is only present on handsets running iOS 5.0 or later (so the iPhone 4S and upgraded iPhone 4 and 3GS handsets.

Internet in Peril

Got this alarming email from the good folks at SavetheInternet.com and thought I should share it with the rest of you.

Dear dc414,

You’ve heard from me a lot recently about the “resolution of disapproval” (S.J. Res. 6) against Net Neutrality, which extremists plan to push through the Senate.

There’s a reason for all the emails: This dangerous resolution would hand over control of the Internet to companies like AT&T, Comcast and Verizon while stripping the FCC of any authority to protect users’ online rights.

The vote on this resolution could happen as early as next week. So we need you to be a part of Free Press’ national call-in campaign to make one thing absolutely clear to Congress: “Corporations can’t take the Internet away from us.”

Please pick up the phone now and call Sens. Herb Kohl and Ron Johnson. Tell them: “Don’t sell out our basic right to communicate online. Vote ‘no’ on the resolution of disapproval.”

We’ve created an easy-to-use “whiplist” that helps you make the call. Just enter your zip code, find your senators and click their names. We’ve also provided a sample call script should you need to use some talking points.

Here’s the thing our senators need to know: An overwhelming majority of Americans want an open Internet. Period. We don’t want corporations blocking what we say or do online. We want every website, from the biggies like Amazon and Google to sites operated by millions of small businesses and bloggers, to be treated the same, with no fast lanes for companies with deep pockets.

These are simple, common-sense demands, and it’s time our senators heard them.

So pick up the phone, call your senators and demand they vote “no” on this resolution of disapproval. We’ll follow up on our progress as we get closer to the vote.

Thanks for everything you do,

Josh Levy
Associate Campaign Director
Free Press Action Fund
SavetheInternet.com

So if you like the freedom of the net, call your senator now to preserve it, I already did. 🙂

My little hackers

I have a house full of little n00bs who have been “hacking” each other in the house lately. See we have one laptop in the house that the kids share in the living room and form time to time one kid will get up and not log out of the sites he/she were using and one of the others will sit down, see the sites open and leave little messages like “hacked by so and so”.

It all started when my oldest boy (19) liked a bunch of dick related stuff on my youngest boys (14) face book account. lol. They have even got cmoney a few times! Now normally i would yell at them for things like this but no one got hurt and they are learning a valuable lesson in technology that is normally learned at much greater coast. Plus it might spark an interest in security for them as well, at the very lest they are more aware of it.

So all in all i think its a good thing they jest in this manner, i just hope they keep it as such. One thing i know for sure is i will be scanning that laptop for key loggers on the regular now 😛

Stop mandatory data retention

Got this email from our friends at EFF:

Dear friends,

The U.S. House of Representatives is currently considering H.R. 1981, a bill that would order all of our online service providers to keep new logs about our online activities, logs to help the government identify the web sites we visit and the content we post online. This sweeping new “mandatory data retention” proposal treats every Internet user like a potential criminal and represents a clear and present danger to the online free speech and privacy rights of millions of innocent Americans.

Please, contact your Representative today and ask them to oppose this dangerous bill:
https://secure.eff.org/site/Advocacy?cmd=display&page=UserAction&id=497

Thank you for all that you do to help us safeguard online rights,

Rainey R., Richard E., Eva G. and the rest of the team

Help dc414 and the EFF stop mandatory data retention, contact your Representative and spread the word!

Aaron Swartz indicted.

Got this email from the good group of people at Demand Progress:


Shocking news: Moments ago former Demand Progress Executive Director Aaron Swartz was indicted by the US government. As best as we can tell, he is being charged with allegedly downloading too many journal articles from the Web. The government contends that downloading so many journal articles constitutes felony computer hacking and should be punished with time in prison. We disagree.

Will you click here to sign our petition of support for Aaron?

The charges are made all the more senseless by the fact that the alleged victim has settled any claims against Aaron, explained they’ve suffered no loss or damage, and asked the government not to prosecute.

James Jacobs, the Government Documents Librarian at Stanford University — where Aaron did undergraduate work — denounced the arrest: “Aaron’s prosecution undermines academic inquiry and democratic principles,” Jacobs said. “It’s incredible that the government would try to lock someone up for allegedly looking up articles at a library.”

Will you click here to show your support for Aaron?

Thanks for your support and concern as we help see Aaron through these tough times. We’ll keep you updated.

— The Demand Progress team

This is just unreal and needs to be stopped here! Help Demand Progress and end this kind of crap for good!! Also if you can Demand Progress needs donations to fund their fight. Anything will help im sure, see their site for more details on that.