The Edge of I-Hacked

from MAKE: Blog

One of the frustrating things about traveling is the obligatory pay-wireless that so many hotels and airports provide. If you check your mail at the airport and again at the hotel, it’s pretty easy to run up charges equivalent to a month’s worth of broadband, not to mention that you have to give your credit card to an unknown access provider affiliate.

There are two traditional ways of getting around the captive portal: tunneling IP over DNS and tunneling IP over ICMP.

In most situations, the firewall will be set up to block or proxy all TCP traffic, and all HTTP requests are redirected to the authentication server that wants you to enter a credit card. DNS lookups and ICMP traffic ping, for example are quite often left untouched, however, allowing you to use these services to move data through a remote computer under your control.

The basic setup is the same for both scenarios, and you can use the same server as a DNS and ICMP proxy. All you’ll need is a public DNS server that you can manage and another server with a static IP that you can access remotely. Thomer Gil has written two excellent howtos, one for using NSTX IP-over-DNS, and the other for using ICMPTX IP-over-ICMP. Follow the guides, install and configure the two packages, and you can get free access in a pinch from just about anywhere.

NSTX (IP-over-DNS) HOWTO
ICMPTX (IP-over-ICMP) HOWTO

via PaulDotCom: Archives.

One of the great things about Shmoocon is the ability to provide instant feedback to the presenter, while the presentation is happening. Ever been to a conference or presentation where you just knew there was something “rotten in Denmark”, or you wanted to make a point about some minute, but essential overlooked detail? Shmoocon enables and encourages every attendee to tall the speaker to task: They provide a foam stress ball (aka a Shmooball) at registration for each attendee (and offer more for sale, proceeds going to charity). The organizers encourage you to throw them at the presenters when you have a point to make, or when you think that you’re being sold a bill of goods.

As a result, the closing ceremony of the conference has typically found the Shmoo group founder, Bruce Potter, amidst a barrage of shmooballs. Why? Because the attendees could.

In 2007, a group of folks unveiled their Shmooball cannon at closing ceremonies and unloaded at Bruce. It was multi-shot, made from PVC and a 2-stroke leaf blower. It was a great concept, but it was smelly and not incredibly efficient.

This is when I had thoughts of doing better. In 2008, I created a version that was much like a shoulder fired grenade launcher. In 2009, I decided I needed to take it up a notch.

This is the story of the building of the 2009 Shmooball cannon.

If you are in the Kansas City area and are interested in forensics, I would HIGHLY suggest checking out this new offering from SANS. We dont get any kickbacks for advertising this, but the instructor (Dave Hull) is a good friend of I-Hacked’s and is well known in the forensics world. This would be a great opportunity to either gain new or polish your existing forensics skills!

SANS is bringing Security 508: Computer Forensics, Investigation, and Response to your local community in our popular Mentor hands-on format!
Beginning on May 14, SANS Mentor Dave Hull will be leading this class in Kansas City, Kansas. For complete course details, please click on http://www.sans.org/info/34748.

Why Choose the Mentor Program?
The Mentor Program, http://www.sans.org/info/34753, consists of small, locally run, 10 week classes utilizing the same great SANS courseware presented at the larger conferences. This unique program opens SANS training up to students with family or work commitments necessitating a more flexible option. Mentored students report several major benefits of this format including: cost savings, time to digest the material, convenient evening classes, small groups, a Mentor “coach”, and community networking.

from Creative Freedom Foundation creativefreedom.org.nz
Join The New Zealand Internet Blackout to protest against the Guilt Upon Accusation law ‘Section 92A‘ that calls for internet disconnection based on accusations of copyright infringement without a trial and without any evidence held up to court scrutiny. This is due to come into effect on February 28th unless immediate action is taken by the National Party.

learn more about the song

Join thousands of New Zealanders already against this law by blacking out your Facebook photo, your websites, your Myspace pages, your Twitter account, in protest against this unjust new law that may come into effect on February 28.

Just use this image (Right-click, Save-As) with the text:”(your name) is blacked out: Stand up against “Guilt Upon Accusation” for New Zealand http://creativefreedom.org.nz/blackout.html”

from NetworkWorld.com Community

With only 100 compromised ATM cards thieves were able to grab $9 million bucks from the banking system in a new style of attack. Law enforcement sources told Fox 5 it’s one of the most frightening well-coordinated heists they’ve ever seen. “We’ve seen similar attempts to defraud a bank through ATM machines but not, not anywhere near the scale we have here,” FBI Agent Ross Rice told Fox 5. “We’ve never seen one this well coordinated,” the FBI said.

How did the hackers steal $9 million in one 30-minute time period using only 100 ATM cards you ask? That shouldn’t be possible given the daily limits usually about $500/day placed on all ATM cards. Well it turns out that the hackers applied military like precision to old ATM Scam techniques and added a touch of devious ingenuity to pull this one off. Here is a look at how the theft was perpetrated.

First, the bad guys had to obtain the ATM cards. To accomplish this they hacked into RBS WorldPay and stole at least 100 payroll cards. According to RBS WorldPay, “Payroll cards are used by a growing number of U.S. firms to pay wages to employees. A payroll card is a reloadable stored value card that can be used at any point of sale that accepts credit and debit cards.”

from Deadspin

Never fear America: The FBI is making sure that there will never again be an incident of Super Bowl TV porn. However, all anthrax letters will be delivered as usual.

Don’t tell me that you’ve already forgotten how about 30 seconds of a porn movie made its way onto the Super Bowl broadcast shown to about 80,000 Comcast cable subscribers in the Tucson area. Comcast is saying that it was “a malicious act” perpetrated by an outside party (those terrorist bastards!), and have vowed to catch the culprits.

But so far, the hacker(s) have eluded the net. So in comes the FBI’s renowned TV porn squad.

From JestinStoffel.com

For any of you who saw the labywiinth at the HacDC party, here is a GREAT post on the difficulties we had getting it to work as well as it did. Make sure you pay attention to the time-stamps in the email. Just FYI the setup at HacDC started at 6pm on Friday. (PLENTY OF TIME!!)

Anyone who has been reading this blog will know that I have been working on a labyrinth game that is controlled by a Nintendo Wii Balance Board. We made a YouTube video that got a few hits when we released it, and it gained some recognition in the hacker/diy community. Fellow member of my local hackerspace, hevnsnt, had inquired about taking the device to the Shmoocon convention in Washington D.C., but ended up deciding to leave it here in Kansas City. Well, the Tuesday before the conference, hevnsnt had a change of heart:

from hevnsnt
to Jestin Stoffel, SomeoneKnows
date Tue, Feb 3, 2009 at 2:35 PM

I am starting to regret our discussion at last thursday’s meeting where I said I didnt want to take the labyrinth to shmoocon (D.C.), and I would like to talk it out with you.

Last night I put out a post on twitter informing that the Shmoocon ATM had been compromised, and everyone who had used it should cancel & reissue their cards. This of course got retweeted a bunch, and then FINALLY some security people started commenting that we should have some evidence before they take action.

So some may have seen the ATMs in the hotel were “tagged” with this prank and thought that THIS was the compromise I was referring to.

Making Faces is illegal.

This was funny, and I have a pretty good idea who put it there. (and really if it was “them” I would think twice of touching that ATM anyways) But it was not a compromise.

@surbo and I were running late to the airport, and the taxi driver wouldnt take a card. Having spent all our cash the night before, we ran over to the ATM located in the main hallway of the Marriott (across from the hotel convenience store) and I tried the ATM. It was acting very odd, it was taking about 5 minutes to change screens, and it was NOT TAKING MY PIN on my card, and occasionally told me that it could not read the card. I got a very bad feeling, but I was in a hurry, so I tried another card. Same story — acting weird not taking my pin. I asked Surbo to give it a go, and this time it took his pin, but it was still acting weird.

Surbo then did something that made us both say “F&^K”. He pulled the facepanel down off the ATM exposing the internal computer and authentication “dialer”, someone had either picked or left the panel unlocked. (the safe panel ($$$$) remained locked). The electronics that control the authorization of funds were easily accessed. You can imagine what an person of “low moral standards” could have benefited from this situation.

Right about the time that Surbo pulled the front panel down, Mouse came strolling by and said “Boys! What are you doing!?” It didnt look good, and since we had already had some run-ins with hotel police we immediately put it back and made sure it was reported. We didnt take any pictures because we didnt want to be any more involved than we already were. I am sure you can understand that although we pull some harmless pranks here or there, ATM fraud is not up our alley.

So, Do I have evidence that if you used that ATM that your card numbers & pin were exposed and/or recorded? No, in-fact I did not see any suspicious looking equipment inside that would indicate that it had, however the security of the ATM was compromised and the potential was definitely there. Don’t risk it, if you used this ATM, please call your bank and get your card reissued.

Update: I have now learned that the ATMs were using the default admin password. (crap see comments below)

from AppleInsider

Wired’s Brian X. Chen posted a video podcast to the Gadget Lab blog on December 1st that demonstrated the installation of an “illegal, hacked version” of Mac OS X Leopard onto an MSI Wind netbook.

“I start out by telling you where to download the hacked operating system software,” Chen wrote. “You’ll also need to download and install a copy of OSX86 tools. Then I walk you through the steps of how to put the OS on a USB flash drive at least 4GB to copy it onto the netbook.”

Just hours ago, Chen sent an update to his Twitter account: “Just found out Apple is suing Wired for my video tutorial on hacking netbooks to run Mac OS X. One hell of a way to start off the day.” It later turned out that Chen misunderstood the situation, and a formal complaint has not been lodged with the US court system.

Since then, copies of the video have disappeared one-by-one from the original entry at Wired’s site and from YouTube. However, a lone copy of the video remained on the video sharing website as of press time, which can be seen below.

Via

History of the Internet from PICOL on Vimeo.