Tuesday, October 2, 2018

locating the “brew” button pads DRILL; BABY, DRILL

Method 1: Patching Into I/O

The first (and arguably easiest) method of hacking a device is patching into its control mechanism. Most consumer products have at least one button or indicator LED, and the connections for that component are usually easy to find and solder to.
With access to button pads, you can attach your own button, relay, or transistor circuit to control it with your own hardware. For example, if you wanted to make a device wireless, you can connect your wireless device directly to the button pads to drive the button signal high or low depending on what the wireless device receives. I see this kind of implementation all the time. For example, there was recently a write-up on Hackaday about a user named Kolumkilli hacking his Keurig coffee maker to be wirelessly controlled. He accomplished this by locating the “brew” button pads and connecting a wireless device. This kind of hack can be accomplished without digging into the actual programming of the device.
Broken apart Keurig Machine
Image courtesy of Hackaday
With access to the LED pads on a device, you have a reliable output source from the device. The best example I’ve seen of this is a hack with the Star Wars Force Trainer. It appears the blog post for this hack has been removed, but in the hack the designers simply soldered to LEDs on the base of the toy to trigger their own device when certain LEDs turned on. Then they could use the toy as the controller for their own system, without ever having to access the data on the device.
Star Wars toy
Image courtesy of starwars.com

Method 2: Replacing a Component

This method is often used in Circuit Bending. The user wants the device to sound different, so he or she replaces a component (usually experimentally) to get a different sound out of a device. This kind of approach isn’t relegated to Circuit Bending, though. A lot of interesting hacks have been achieved by replacing a component. For example, replacing bike light bulbs with high-intensity LEDs, or replacing the motors on an off-the-shelf toy car to make it drive dangerously fast.
Bike with LED light
Image courtesy of Hackedgadgets.com

Method 3: The Logic Analyzer

One can gather a lot of “private” data from a device with the use of a simple logic analyzer. To do this, one finds an interesting chip or test point on a circuit board, connects a logic analyzer, and then runs the device. The logic analyzer will record any signals occurring on the lines it’s sniffing, and that data can potentially be translated into something useful. I once hacked a Lidar range finder this way, probing its serial lines while it was running.
The blog post went live before I had time to do anything useful with the data, but I made the data public, and by the next day someone had interpreted it and created a video of the graphical representation of the data. Just for a little shameless self-promotion, I used the Logic Analyzer that we sell, which does auto baud-rate detection and signal translation for the SPI, I2C, and serial protocols. Because of this, it is a vital tool in my hardware hacking toolkit.
Logic Pro 8 - USB Logic Analyzer
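What auto baud-rate detection and serial translation do with the raw samples, as an added example that is not part of the original article or of any analyzer's software. It assumes an idle-high 8N1 line; the function names and the capture are constructed for illustration.

```python
# Added example: recover bytes from raw logic-analyzer samples of an 8N1 serial line.
# Assumptions: idle-high TTL UART, LSB first, one stop bit, no parity.

def encode_uart(data, samples_per_bit, idle=20):
    """Build a constructed capture so the decoder can be run offline."""
    line = [1] * idle
    for byte in data:
        frame = [0] + [(byte >> k) & 1 for k in range(8)] + [1]  # start, data, stop
        for bit in frame:
            line += [bit] * samples_per_bit
        line += [1] * idle
    return line

def estimate_bit_width(samples):
    """Auto-baud heuristic: the shortest run that ends at an edge is one bit time.
    Needs at least one isolated bit in the capture and a glitch-free signal."""
    runs, count = [], 1
    for prev, cur in zip(samples, samples[1:]):
        if cur == prev:
            count += 1
        else:
            runs.append(count)
            count = 1
    if not runs:
        raise ValueError("no edges in capture")
    return min(runs)

def estimate_baud(samples, sample_rate_hz):
    return sample_rate_hz / estimate_bit_width(samples)

def decode_uart(samples, bit_width):
    """Sample each frame at bit centres; skip edges that fail the start/stop check."""
    out, i = bytearray(), 1
    while i < len(samples):
        if samples[i - 1] == 1 and samples[i] == 0:          # falling edge: start bit?
            points = [i + bit_width // 2 + k * bit_width for k in range(10)]
            if points[-1] >= len(samples):
                break                                         # capture ends mid-frame
            bits = [samples[p] for p in points]
            if bits[0] == 0 and bits[9] == 1:                 # framing is valid
                out.append(sum(b << k for k, b in enumerate(bits[1:9])))
                i = points[-1]                                # resume inside the stop bit
        i += 1
    return bytes(out)

CAPTURE = encode_uart(b"Hi", samples_per_bit=8)               # constructed sample
if __name__ == "__main__":
    width = estimate_bit_width(CAPTURE)
    print(estimate_baud(CAPTURE, 76_800), decode_uart(CAPTURE, width))
```

The stop-bit check is what separates a real frame from a stray falling edge, and it is also why a wrong bit width shows up as missing or garbled bytes rather than as an error.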

Method 4: JTAG Hex Dump (a.k.a. Voodoo)

When an electronic device is manufactured, it must be programmed with firmware at some point. The same port through which a device is programmed can also be used to disassemble and hack the firmware. Many microcontrollers have a memory dump feature, triggered through the programming port, that allows a user to read the full memory (in hex) of the chip. Many devices include a feature that “locks” the device so that it cannot be read or reprogrammed once it is flashed, but many device manufacturers do not implement this feature, leaving their products susceptible to firmware hacking.
In order to hack firmware through a programming port, one must:
  1. Identify the device and whether it has the capability to dump its memory
  2. Build or buy a programmer that can receive this memory dump and transmit it to a computer
  3. Get the hex dump from the chip with the programmer
  4. Disassemble the hex into assembly language
Once the hacker has the assembly language, he or she is looking at the firmware. From there one can modify the firmware file to one’s own ends, changing variables and registers to change the behavior of the device. Then the hacker recompiles the firmware into hex, and reprograms the device with the hacked firmware. This is an advanced method of hardware hacking, but can provide the most effective (or entertaining) results.
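A check a product team can run on the read-back from one of its own production units, between steps 3 and 4 above, to see whether the “lock” feature is actually keeping firmware from being read. This is an added example, not code from the original article or from any programmer's tooling; it assumes the dump was saved in Intel HEX format, and the function names and sample records are constructed.

```python
# Added example: validate an Intel HEX read-back and measure how much of it is content.
# Assumption: the programmer saved the dump as Intel HEX; erased flash reads as 0xFF.

def record(addr, rtype, data=b""):
    """Build one Intel HEX record; used only to construct the sample below."""
    body = bytes([len(data), addr >> 8, addr & 0xFF, rtype]) + data
    return ":" + (body + bytes([-sum(body) & 0xFF])).hex().upper()

def parse_intel_hex(text):
    """Return {address: byte}; raise ValueError on a malformed or corrupted record."""
    image, base = {}, 0
    for n, line in enumerate(text.split(), 1):
        if not line.startswith(":"):
            raise ValueError(f"record {n}: missing ':' start code")
        rec = bytes.fromhex(line[1:])
        if len(rec) < 5 or len(rec) != rec[0] + 5:
            raise ValueError(f"record {n}: length field does not match")
        if sum(rec) & 0xFF:
            raise ValueError(f"record {n}: checksum mismatch")
        addr, rtype, data = int.from_bytes(rec[1:3], "big"), rec[3], rec[4:-1]
        if rtype == 0x00:                      # data
            for off, value in enumerate(data):
                image[base + addr + off] = value
        elif rtype == 0x01:                    # end of file
            break
        elif rtype == 0x02:                    # extended segment address
            base = int.from_bytes(data, "big") << 4
        elif rtype == 0x04:                    # extended linear address
            base = int.from_bytes(data, "big") << 16
        # types 0x03 and 0x05 (start addresses) carry no memory content
    return image

def erased_fraction(image, erased=0xFF):
    """Share of bytes still at the erased value; 1.0 means the read-back is blank."""
    if not image:
        raise ValueError("empty image")
    return sum(value == erased for value in image.values()) / len(image)

# Constructed sample: 8 bytes of made-up code followed by 8 erased bytes.
SAMPLE = "\n".join([record(0x0000, 0x00, bytes.fromhex("0C9434000C943E00")),
                    record(0x0008, 0x00, b"\xff" * 8),
                    record(0x0000, 0x01)])

if __name__ == "__main__":
    image = parse_intel_hex(SAMPLE)
    print(len(image), "bytes,", f"{erased_fraction(image):.0%} erased")
```

What a locked part returns on a read attempt is chip-specific, so treat a low erased fraction as evidence that code came back and confirm the expected locked behaviour against the datasheet.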
One of my favorite examples of this sort of hacking is the GoodFET, a device developed by Travis Goodspeed to (among other things) easily trigger a hex dump and re-flash the memory of multiple platforms (MSP430, AVR, PIC, etc.). The GoodFET makes it easy for the hardware hacker to download or “peek” at code hosted on a chip, in order to modify or exploit it for hacking.
Goodfet Board
Image courtesy of Goodfet.sourceforge.net
For those interested in heavy-duty hardware hacking, be sure to check out Travis Goodspeed’s blog.

Drill, Baby, Drill

For Kaspersky, the mystery of the drilled ATMs began last fall, when a bank client showed them an emptied cash machine whose only evidence of tampering was a golf-ball sized hole next to its PIN pad.

Their compact gadget, far smaller than even the arrested suspect's laptop, consisted of only a breadboard, an Atmega microcontroller of the kind commonly found in Arduino microcomputers, some capacitors, an adapter, and a 9 volt battery.
Step aside, ATM skimmers. This new attack empties out all the cash in minutes.

I'll be back later...with Marvel Cartoons

Dschinghis Khan - Moskau 1979

We can dance if we want to

I don't have the slightest idea what kind of clown show this is....what kind of crap is this???!!!!! and I ask again...when this shithouse doesn't even have a constitution....where is my cash??????? and I ask, while I'm at it....if it was a PJ informant inside the base, among civilians, who snitched on the location in Chamusca, and it was 3 commanders who planned it...why did these perfect turds go and ask Spain to find two licence plates, Romanian and Bulgarian, at the Tancos site, that night?????....let me see if I'm not stupid after all, the pile of shit of the mother and the father...and the failure who was too dumb to finish her degree!!!! the mafia had and has the military bases wiretapped!!!! huh....?
Elsa David where is my cash...mr keynes The Wall Street Journal
Elsa David Central Intelligence Agency (CIA) Mossad PRAVDA.RU...sort this shit out, without the hysterical pregnant women aborting ugly putagueses babies ---
Check it out! Kraftwerk..(I didn't go to a translator...I think it means..artcrafter) is...a metal neo nazi band...but then it shows up here, like this...if you are smart you will say...that the ones thinking they are on one national socialism "something"...actually are totally controlled...after the concert they go to a rave...totally controlled...that's the game...do you know how to play?

Elsa David
2 h
After 14 years..last thursday, 6 guys from the different institutions started a true emotional relationship with me..Bryan from the IRA, Ib and X from Mossad, Matt from the CIA, and an old 1987 boyfriend,,,that actually showed up last week, even being here 29 years. And first issued, was politics, brainwash, differents perpectives, and me. I skip thursday all night. After sunday afternoon, virtual "sexual fantasy" from old centuries memories, that really chocked them...while never seem me as a whoore, but an excelent actress, and why were them, wanting that shit for a long time...the spark was...Zé stabbed a SIS men, the banana from fruit fly obessive manaiac cila woman injection of envy...that thought he was a trully hotshot, that could for certain has a romance with me...the "system" who have always protected the situations, envolving violence, didn't charged him with attempt homicide...few hours later, Zé simple stabbed again his girl companion and letf the house, with compadre Mendes, which always was just a medium drug dealer, and not really had no cartel. With all political questions, sort of agreement, finally they had a opportunity of being with me, if Zé founded a place to live, and actually break the shie part of Elsa...then, late at night, I ww were 48 hours awaked, a ganso face which thinks somehow God knows could have a relation with any of them, did not let me fall of sleep, and Zé just simple went there for stabbing her. 
Meanwhile, at 4 am...a radical ISIL, was detected by Mossad witha drone, on a sniper position to shhot me down at the balcony..and with Thai intel, a cell was at Rua da Milharada 7th floor...Ib and X got the man, while I had to hide my head...on a suspen movie type..they went to the building and a samsonite bag was found on the hall entrancy connected to the building electrical circuit...with a geiger counter it had 7.4 level of radioactive...the ISIL man here(on the web), simple said, I took advantge of you, we make the terrorit attack, the worthwhile one, and you die, the Zion doll...they were all killed, and 5.30 am, the bomb was dismantled...one IRA guys gave at 2 am PREVIOUSE gave THE INTEL THAT THEY CALLED IT THE TRIPLE BOMB...BIOLOGICAL, NUCLEAR and regular ...they tooked for forensic only 12 pm monday, they knew was rubeola virus...6 am, a Mulah showed up in line, with an astonishing inteligent speech...that the mainstream american thinking was gefallen...on the other hand, he simple said to me, if you would reall had sex with them all, in that moment you would felt a prostitute. 
(also said you hands are clean, keep it that way) ...none of them is for you...a programmer maybe...When he was out, to not be traceback...Ib said, change of plans, Zé was caught by the police...no more plan..then the bomb was declared a decoy, and not the real bomb out there...Mulah returned, at 13 pm, I asked him, what about the soldier (Ib) he said ...well, is not a blind man on a killing machine...then, Ib and me got the relation...even if Ib while wacthing and participating on the virtual scene, stayed dumb...because we wre then 56 hours without sleep, a regular PJ, cracked out completly specially because of the real bomb thread depending on me, as a key..,a dn because zé would get away with the right of resistance....he started erasing people, shooting 17...Ib, shot cila( the portugue stabbed by zé hotshot)...because I previouse said, after a personal war with his own ex, that he meet her, simple married her, simple was an old borned man, had stupid few fucks, left her witha 4 years old son..and I would never took him out of his F16, on no case of all, just so he would killer, she was 14 years ago, mossad, and pot of a israeli general...then, 60 hours with no sleep...and X saying we are great partners but I actually don't stand up with talk for your wallstreet bullshit, got out, Bryan and Matt ironic sleeping...and then 7 am..a police shot Zé...65 hours with nosleep,,,then...Ib had a diareiah of making me jeaoulese with a israeli cute..then I said to mr Pardo...you just planning a emotional vulnerability to me, he said...no...but then...the Mullah not no more offical nothing but..a Muslum Radical Anarchyst Movement (????) 
....nothing to Mossad...said well...you loose creativity with him...and he looses concentration techical with you...then..the stabbed hotshot disapperaed on a garage...and an image plantted on my brain..I would also disappear in a garage...with....chinese men...Then..the deal was, you are a fantastic intel tek, we hire you..you work 10 minutes or 10 hours show up when ever, you are upgrade at the door, and brain deleted at the the exit eachday...Muslum Radical Anarchyst Revolutionary...on that case you date Ib...right! I saty on my appartment, I kiss him, dance...maybe write a book...and I get payed. And they all watch...I lay with Ib...somewhere else...the PJ cop, will dispparead also in a garage, for the hapinness of lots of foreigners...because we owed Zé the favours, we had to take him out...but then a police man (???) showed up...I will tell you, how did we went fall sleep 12 pm last night...on a nother post.
I just got an email...inviting me to participate and apply as Pastor, for the Christian Anarchy Church...and spread the word.
well...the History character that I most admire...is Ezquiel. That you old bastards...putted her process aside for 5000 years...still deciding if she was or not A Prophet
Elsa David My Christian Church declares Ezquiel...a Prophet !
Elsa David I already said Muslum Radical Anarchyst Revolutionary Movement....it would be ironic...I got a shoot protecting Ib?
Elsa David I want a feedback neo nazi ....God does not exist is a creation of Men...you are not afraid to die...and therefore superior
Hi everybody! What a wonderful day for capitalism...aren't we feeling society developers...? ...its because tribe...the good guys...if its all because kindness...I'm not paying no kindness bullshit ticket...