Patches for Lab Coats

What a brilliant idea, sewing 2D barcodes onto patches that redirect to specific (and changeable) URLs! The thing that amazes me MOST of all is that you can snap the p8tch with an iPhone and some software to decode this. WOW! I’m not sure what I was doing a couple years ago, but when I developed a 2D Matrix (PDF417) barcode reader, I couldn’t get any software to image and decode that damn thing. Congrats 2Dsense, you are a better man than I.

enjOi – I am buying one for my black lab coat. I know what everyone is thinking right now, this is just another excuse to create a severely over-arching attempt to rick roll somebody. Be a little more creative than that.

Read more here: P8TCH


Soldering 0603

what I see through the beauty of 2x *sigh*


This weekend has been full of rocking out the surface-mount soldering for my current project – building the Proxmark3. Figured I would upload some pictures on Flickr here.

The only magnification I’ve had during this is my 2x RadioShack-bought magnifying glass; needless to say, I’m looking for a nice scope now. Thanks to Virosa and Ellen for the help with this project; I should have one ready to play with soon. Will give a talk at the space when it’s working and get some usage under my belt.

Hacking the SmarTrip – Part I

Thanks to DCist – http://tinyurl.com/5spogg – I got inspired to rip apart an extra SmarTrip card I had lying around for when friends/family visit me in the D.C. area. Unfortunately for them, they will now have to buy the day-long pass until I am done playing!

To start, today I took the extra card and soaked it in acetone for about an hour, after which I was able to rip off the initial plastic of the card. After that hour of soaking you’ll find the card becomes very flexible, and if you attack the corners with tweezers you’ll eventually find the 3 layers of the card. The face of each side should peel off rather easily, although a minute amount of force is required.

See the Flickr set here: http://tinyurl.com/6ck5q5

If you take a look at the images, you’ll see that all of the electronics (controller, antenna) are now exposed and we can start to play. My girlfriend just handed me a Faraday flashlight with a GIANT coil of magnet wire inside of it, so now we’re working on extracting that wire to use as the antenna for the SmarTrip’s microcontroller.

More to come…

Introduction to Reverse Engineering

UPDATE: This training is going to be filmed for our members away from home this weekend. :)

As you may know, HacDC will be holding its second training event. On June 28, 2008, we are inviting Bow Sineath to HacDC to teach our members (and even non-members, bring your friends!) about the intricacies of reversing binaries using some of the latest tools in the field.

The following is an abstract from the trainer:

Over the past few years, reverse engineering has become a highly marketable and valuable skill backed by a number of powerful tools. With uses in incident response, vulnerability analysis, exploit development, malware analysis, DRM, and many others, the ability to reverse engineer code is becoming a very popular and desired skill. This class will teach the basics of reverse engineering, including the use of common tools, basic theory, the x86 instruction set, and identifying common code constructs. We may also delve into other issues, depending on time.

The class assumes basic programming knowledge (particularly C and/or C++) and no previous experience with IDA or the x86 instruction set. The class will consist of both lecture and practical exercises using “real world” binaries (with the exception of one).

The following are the tools we will be using:

Name: IDA Pro 4.9 freeware
Link: http://www.hex-rays.com/idapro/idadownfreeware.htm
Description:
This is the freeware version of the Interactive DisAssembler, the most powerful commercial disassembler on the market. IDA will disassemble a number of different executable formats and supports a wide range of processors (depending on the version); in addition, it has a powerful API and scripting language that can be used to further enhance its capabilities. The freeware version is version 4.9 and is fairly old; most of the latest plugins and scripts will likely not work. The latest release, 5.2, supports a number of new features (e.g. debugging, better analysis, graphing, API enhancements) and processor formats.

Name: ImmDBG
Link: http://www.immunitysec.com/products-immdbg.shtml
Description:
The Immunity Debugger is a powerful debugger that has a number of very powerful features. Its specific purpose is exploit development; however, it can be used for a number of other purposes as well. It has a Python API which is fairly well documented, uses a GUI and has a powerful command line, and allows for remote debugging sessions. Best of all, it is free :)

Name: 010 Editor
Link: http://www.sweetscape.com/010editor/
Description:
010 Editor is a wonderful text editor and, while there are alternatives (e.g. Hex Workshop), this is what I have been using for a while and have become familiar with. It isn’t incredibly expensive ($50 for home/academic use), but it is very powerful and allows you to analyze binary file formats using scripts and “templates”. You can see the website for screenshots; this is a lifesaver for anyone meddling in file formats.

I will also be posting some binaries (mostly DLLs) that I’ll use for the class at some point this week. Most of them are from Microsoft, but one of them will be something I wrote so that they can compare the source to what the compiler produces. I would highly recommend that people go ahead and load them into IDA as soon as I get them out. I’m hoping to do it in a timely fashion (e.g. by Tuesday) so that they can go ahead and have the initial autoanalysis performed and we don’t have to wait around for it. I can provide a brief description of how to do this (although it is relatively self-explanatory) when I send out the binaries.

Special thanks to Bow for coming out to teach the class!


See you the 28th @ 2:00PM!