Wednesday, June 28, 2017
Tuesday, June 27, 2017
Sunday, June 25, 2017
Saturday, June 24, 2017
Wednesday, June 21, 2017
again gentlemen...again and again...fucking NATO ! what about link 11, what is all about?
http://www.signalogic.com/index.pl?page=codec_samples
SEE ALSO FOR RESEARCH :Reciprocal mode saw correlator method and apparatus
US 5355389 A https://encrypted.google.com/patents/US5355389
SEE ALSO FOR RESEARCH :
US 5355389 A https://encrypted.google.com/patents/US5355389
Below are a variety of "before and after" .wav file samples for different LBR (low bit rate) speech (voice) codecs, including MELP, GSM, and G.729A/B, with bit rates ranging from 600 bps to 13000 bps. Click on the .wav file links to hear the samples. All .wav files are mono, sampled at 8 kHz.
Speech samples are at left, with different codec types across (columns). Each row is a different language or sample type, such as addition of background noise. In several cases, a language sample may include both male and female speakers.
Underneath each sample is given the PESQ score, which is a numerical algorithm comparison between the original sample and the processed sample designed to closely approximate a MOS score. 4.5 is a perfect PESQ score, meaning there was no degradation of the processed sample from the original sample. PESQ scores normally refer to the "Original" sample at far left column, unless otherwise indicated. More information on PESQ is given below.
Speech Codec Samples
Numbers given in () below the codec type are inherent algorithm frame size (delay) values, given in msec.
| Fs = 8 kHz (128000 bps) | 2400 bps (22.5 msec) | 2400 bps (22.5 msec) | 1200 bps (67.5 msec) | 2400 bps (22.5 msec) | 2700 bps (20 msec) | 4000 bps (20 msec) | 600 bps (30 msec) | 8000 bps (10 msec) | 13000 bps (20 msec) | 2400 + AT&T NPP4 | 8000 bps + AT&T NPP | 13000 bps +AT&T NPP | 13000 bps +AT&T NPP | 13000 bps +AT&T NPP | |||||||||||||||
Language & Score | Female | Female | Female | Female | Female | Female | Female | Female | Female | Female | Female | Female | Female | Female | Female | |||||||||||||||
English1 | eng2_m | eng2_f | male600 | female600 | eng_m | eng_f | eng_m | eng_f | ||||||||||||||||||||||
(ITU) PESQ Score | 4.5 | 4.5 | 2.673 | 2.293 | ||||||||||||||||||||||||||
English2 | eng_m | eng_f | eng_m1 | eng_f1 | eng_m2 | eng_f2 | eng_m3 | eng_f3 | eng_m4 | eng_f4 | eng_m5 | eng_f5 | eng_m6 | eng_f6 | eng_m7 | eng_f7 | eng_m9 | eng_f9 | eng_m10 | eng_f10 | ||||||||||
(ITU) PESQ1Score | 4.5 | 4.5 | 2.666 | 2.445 | 2.86 | 2.583 | 2.413 | 2.323 | 2.923 | 2.704 | 2.958 | 2.734 | 3.266 | 3.078 | 3.570 | 3.265 | 2.583 | 2.434 | 3.254 | 3.076 | ||||||||||
French | f_m | f_f | f_m1 | f_f1 | f_m2 | f_f2 | f_m3 | f_f3 | f_m4 | f_f4 | f_m5 | f_f5 | f_m6 | f_f6 | f_m7 | f_f7 | f_m9 | f_f9 | f_m10 | f_f10 | f_m | f_f | f_m | f_f | ||||||
(ITU) PESQ Score | 4.5 | 4.5 | 2.401 | 2.549 | 2.482 | 2.575 | 2.249 | 2.365 | 2.786 | 2.756 | 2.770 | 2.829 | 3.162 | 3.243 | 3.349 | 3.352 | 2.482 | 2.599 | 3.343 | 3.315 | ||||||||||
German | ||||||||||||||||||||||||||||||
(ITU) PESQ Score | ||||||||||||||||||||||||||||||
Japanese | ||||||||||||||||||||||||||||||
(ITU) PESQ Score | ||||||||||||||||||||||||||||||
Chinese | ch_m | ch_f | ch_m1 | ch_f1 | ch_m2 | ch_f2 | ch_m3 | ch_f3 | ch_m4 | ch_f4 | ch_m5 | ch_f5 | ch_m6 | ch_f6 | ch_m7 | ch_f7 | ch_m9 | ch_f9 | ch_m10 | ch_f10 | ||||||||||
(ITU) PESQ Score | 4.5 | 4.5 | 2.781 | 2.572 | 3.080 | 2.769 | 2.738 | 2.477 | 3.120 | 2.739 | 3.124 | 2.809 | 3.490 | 3.164 | 3.730 | 3.601 | 2.969 | 2.641 | 3.548 | 3.462 | ||||||||||
NSA test vector5 | nsa_m | nsa_f | nsa_m1 | nsa_f1 | nsa_m2 | nsa_f2 | nsa_m3 | nsa_f3 | nsa_m4 | nsa_f4 | nsa_m5 | nsa_f5 | nsa_m6 | nsa_f6 | nsa_m600 | nsa_f600 | nsa_m7 | nsa_f7 | nsa_m9 | nsa_f9 | nsa_m10 | nsa_f10 | ||||||||
(ITU) PESQ Score | 4.5 | 4.5 | 3.185 | 2.963 | 3.270 | 3.063 | 2.976 | 2.761 | 3.331 | 3.029 | 3.330 | 2.963 | 3.637 | 3.451 | 2.694 | 2.275 | 3.882 | 3.901 | 3.197 | 2.988 | 3.865 | 3.659 |
Ok, welcome back to war! let's then fuck NATO here, today! besides wifi and laser guided bullets, there's only one protection at warfare, ultrasonic transducer. And I have here a perfect modus of fucking their targets
Product details of Ultrasonic Mist Maker Fogger Humidifier Water Fountain Pond DC 24V
Place it into water, powered on the device, it will produce natural flowing water mist under that condition that the atomized pieces vibrate in high frequency.
There are large number of air anions in the mist which can increase air humidity and fresh the air.
This item has advanced atomized pieces, produce a large amount of mist and excellent mist effects.
Can be used for rockery, fountain, bonsai and other occasionsMaterial: zinc alloy
Mist maker head: single-end
Atomized piece quantity: 20pcs (built-in)
Mist production: 400ML / H
Operating voltage: DC24V
Best position into the water: 5CM
Product Dimensions: Diameter 4.6CM, high 4CM, length 1.3M.
US version power adapter (with EU adapter)
Input: AC100-240V 50 / 60Hz
Output: DC24V 1A
Cable length: 90CM
DC port Specifications: outer diameter 5.5MM (male)
Sunday, June 18, 2017
Friday, June 16, 2017
Thursday, June 15, 2017
Wednesday, June 14, 2017
Hacking the Wiegand Serial Protocol
By Brad Antoniewicz.
"Wiegand" is used to describe a number of different things used within access control systems such as the format in which data is stored on a card, the protocol which is used to transmit the data, and different types of access cards that leverage it. In this blog post we'll focus on targeting the serial protocol while touching on some of the other uses. You'll find Wiegand used in magnetic strip, RFID (proximity card), and various other access card systems
I originally came across Wiegand as part of my Attacking Proximity Card Access Systems talk where I demonstrated attacks against each of the components involved in access control systems. Later on someone told me about Zac Franken, who created Gecko, a sort of Wiegand man in the middle tool. This blog post will implement and expand on Franken's tool using an Arudino.
The Arduino code to implement this is pretty simple. Mike Cook created some basic code that places an interrupt on the wires, so when there is a change, the interrupt function will be called. I leveraged this technique in my Arduino code too. The skimmed card values are sent via the Arduino's serial interface.
The Skimmer is implemented in the emulator code in the next section.
Furthermore, if you add a wireless component to your Arudino setup, you can wirelessly provide those card values. Here's the code:
Here's the code:
I implemented a basic fuzzer using the Arudino:
"Wiegand" is used to describe a number of different things used within access control systems such as the format in which data is stored on a card, the protocol which is used to transmit the data, and different types of access cards that leverage it. In this blog post we'll focus on targeting the serial protocol while touching on some of the other uses. You'll find Wiegand used in magnetic strip, RFID (proximity card), and various other access card systems
I originally came across Wiegand as part of my Attacking Proximity Card Access Systems talk where I demonstrated attacks against each of the components involved in access control systems. Later on someone told me about Zac Franken, who created Gecko, a sort of Wiegand man in the middle tool. This blog post will implement and expand on Franken's tool using an Arudino.
On the Wire
Wiegand is used to transmit data from the access card reader to the backend controller for processing. It's a super simple protocol consisting of two wires:DATA0
and DATA1
. When the reader wants to send a zero, it lowers DATA0
and whenever it wants to send a one it lowers DATA1
. Here's what it looks like within an logic analyzer. I've written the one's and zero's in green and translated them to the card values printed on the back of a proximity card.Accessing
In a non-lab environment the wires are physically accessible anywhere between the reader and the controller. For a completely unauthenticated user, the easiest way is to pop off the cover of the reader which will expose the two screws. Remove the screws, pull the reader away from the wall, and you'll be able to access the wires. They're usually colored green forDATA0
and white for DATA1
. You can also use the power wires (red and black) to power your Arduino.Capturing Card Values (Skimming)
The first attack that's possible is to capture valid card values as they're being transmitted. The values can then be stored on a memory card off the Arudino or even transmitted wirelessly. The Gecko tool skimmed card values, then when a special replay card was provided, it would repeat a stored card value to the controller.The Arduino code to implement this is pretty simple. Mike Cook created some basic code that places an interrupt on the wires, so when there is a change, the interrupt function will be called. I leveraged this technique in my Arduino code too. The skimmed card values are sent via the Arduino's serial interface.
The Skimmer is implemented in the emulator code in the next section.
Emulating Card Values
Something that's obvious but for some reason overlooked is that with direct access to the Wiegand interface, you can bypass all reader-level security. For instance, there are certain proximity cards that implement RFID authentication, encryption, and replay protection. In most cases this security is in place to protect the card value stored on the card. If you can somehow obtain a card value, it can be replayed via wiegand without ever considering the reader to human interface. This even extends to biometrics.Furthermore, if you add a wireless component to your Arudino setup, you can wirelessly provide those card values. Here's the code:
Brute Forcing Values
Another interesting idea is brute forcing values. There may be times that you have a valid (or once valid) card value and you need a card value with higher privileges (e.g. access to restricted areas). Due to the way certain card formats (e.g. 26-bit format) distribute card values, with knowledge of one card, you could determine other card values with a simple incremental brute force. This technique can be also be applied to the reader interface, but because of the delay between reads, you can only get about one read a second. Using the Weigand interface, you can get 5!Here's the code:
Fuzzing!
Don't forget that both the controller and the backend system process the values received via Wiegand. This gives us two potential targets to fuzz. Although the test cases are pretty limited: length, raising DATA0 and DATA1 at the same time, raising the two for a long time, etc... It's still worthwhile to fuzz - if you get a crash, you can potentially implement the trigger in a RFID or magstripe card, and crash the system from reader's interface!!I implemented a basic fuzzer using the Arudino:
Expanding
As mentioned, you can expand upon all of this by adding wireless capabilities. Another cool thought is that because all of this is on an Arduino, you can easily communicate with it via a cell phone, making things really inconspicuous :)Got any more ideas on expanding this? Let us know in the comments down below!!
Tuesday, June 13, 2017
what I'm trying to accomplish" is...dead treads with no trace back INTERPOL HQ FBI – Federal Bureau of Investigation
Good morning! boolean tribe...welcome back to war!
"Really, what I am trying to accomplish in the client is
1) Subscribe to channel XYZ normally, with attached callbacks, etc
2) Construct a well-formed JSON message that would be similar to one
normally received by XYZ, but instead it was formed by the client
3) Send the message through the normal WebSync message-received
functions, which ultimately will call the originally attached
callbacks as if it had been a normal message
My use case here is that I am getting data from a WebSocket connection
(non WebSync) that is forming JSON messages in the same format as
would normally be processed by WebSync. And instead of parsing the
messages myself and determining the correct callbacks based on the
channel, just pass it off to your wonderfully written JavaScript
client library that already does this sort of heavy lifting :).
I don't need to actually publish the message to the server because
this data is coming from another source, and would be for all
subscribers (in my case, using websockets because the data is *very*
high frequency, and necessitates low latency).
Speaking of which - are WebSockets still on your roadmap? I know that
they were pulled out of the HTML5 spec and instead put into their own
specification. And I also know that while WebSockets are supported in
*some* browsers, they are not in all (of the major ones, that is), and
FF4 will have them disabled by default"
"Really, what I am trying to accomplish in the client is
1) Subscribe to channel XYZ normally, with attached callbacks, etc
2) Construct a well-formed JSON message that would be similar to one
normally received by XYZ, but instead it was formed by the client
3) Send the message through the normal WebSync message-received
functions, which ultimately will call the originally attached
callbacks as if it had been a normal message
My use case here is that I am getting data from a WebSocket connection
(non WebSync) that is forming JSON messages in the same format as
would normally be processed by WebSync. And instead of parsing the
messages myself and determining the correct callbacks based on the
channel, just pass it off to your wonderfully written JavaScript
client library that already does this sort of heavy lifting :).
I don't need to actually publish the message to the server because
this data is coming from another source, and would be for all
subscribers (in my case, using websockets because the data is *very*
high frequency, and necessitates low latency).
Speaking of which - are WebSockets still on your roadmap? I know that
they were pulled out of the HTML5 spec and instead put into their own
specification. And I also know that while WebSockets are supported in
*some* browsers, they are not in all (of the major ones, that is), and
FF4 will have them disabled by default"
Monday, June 12, 2017
so we want today to send dead treads emails without beeing EVER detected.
# config/email.yml | |
--- | |
test: | |
:delivery_method: :test | |
:url_host: 'localhost:3000' | |
development: | |
:delivery_method: :smtp | |
:host: "localhost:1025" | |
production: | |
:delivery_method: :smtp | |
:address: 'localhost' | |
:port: 25 | |
# config/initializers/mail_settings.rb | |
email_settings = YAML.load_file("#{Rails.root.to_s}/config/email.yml")[Rails.env.to_s] | |
Rails.application.config.action_mailer.default_url_options = { | |
host: email_settings.delete(:url_host) || "localhost:3000" | |
} | |
Rails.application.config.action_mailer.delivery_method = email_settings.delete(:delivery_method) | |
Rails.application.config.action_mailer.smtp_settings = email_settings https://gist.github.com/joshmcarthur/9884826https://gist.github.com/joshmcarthur/9884826 |
Subscribe to:
Posts (Atom)