AndrewNohawk

Security

Sec related jazz

CodingRadioRTLSDRSecurity

Hacking fixed key remotes

Previously I discussed using my RTL-SDR to merely listen for analog audio signals. In this entry I’ll discuss using it to decode digital signals (this example on fixed remote signals often used for garages / gates ) so that they can be replayed/brute forced with something like the RFCat project (based on TI’s CC1111EMK module)….

CodingHardware HacksSecurity

Magnetic stripes Part 1

Intro So its been nearly a month since I last put a blog post up and I have been working on some stuff in my free time between work (been traveling to the US and took a weekend off to visit some friends in Canada). I’m not particularly in the mood to write a new…

Security

Alternate DNS Names in Certificates

I know, its been forever since I posted, but I do have two things i’m working on (there are drafts, but they need to be finished) – Its just the effort to actually finishing. Its on Magstripe spoofing and using the RTLSDR -shrug-. Anyway, a discussion started in #zacon based on a post I thought…

CodingPastebinSecurity

PasteLert v2!

The Quick and dirty: New PasteLert lives at http://andrewmohawk.com/pasteLertV2/ Downloads: » Interface -> http://andrewmohawk.com/pasteLertV2/src/pastelertv2_Interface.zip » Cron Tasks -> http://andrewmohawk.com/pasteLertV2/src/pastelertv2_Cron_Tasks.zip » Scraping Script -> http://andrewmohawk.com/pasteLertV2/src/pastelertv2_Python_Scraping_Script.zip And of course if you want everything -> http://andrewmohawk.com/pasteLertV2/src/pastelertv2_all.zip Overview My linode has been pretty much falling over due to the previous version of the pastebin alerts for a number of…

CodingSecurity

Joomla 2.51 Blind SQL Attack

<responsible_disclosure> Before i discuss this, let me just say that the bug has been patched (was in 2.5.1) and at the time of writing this Joomla is already 2 increments away –  2.5.3 is currently available. </responsible_disclosure> Overview So back in the dark ages of my programming life I, like many people who started coding,…

CodingSecurity

FireBridges, proxies that burn!

Overview   I’ve always been semi interested in botnets/trojans and targetted attacks and the way they get their data in and out and how the command and control centres work. One of the things i’d usually do is see if I can determine where the traffic is going from the bot (infected machine) and this…