Sunday, November 23, 2014

Hidden War Dialer Build: Rechristening 2.0

WHAT YEAR IS IT!? Is this a Palm Pilot?
MY LIFE IS A LIE! Nevermind. Raspberry Pi you say?
Tell me more.
Duties in life and work took me away from this project. The end of the year leaves me with some much-needed time off. I choose to use some of that time to rededicate myself to this blog and some of its projects. My hope is to present some of these projects at BSides conferences in 2015.

First, we should talk about the elephant in the room: originally the build was a war dialer hidden inside an APC UPS using an old Sony Clié. That project hit some significant roadblocks.
  • Testing the modem
    • Finding an analog phone line bordered on hilariously difficult. In my circle of friends and places I work these things simply do not exist. You would have thought I was looking for a Pony Express stable that could get an urgent package to the "udder sidea the call-r-ada river."
    • I finally got access to an analog line, but it had its own complications. It was located at an office I did not have access to at the odd intervals I may have time to test. It also did not have a handset nearby to test if the line was actually working.
  • Using the modem
    • The war dialing software was almost a decade old on a platform that is no longer supported using a fork of the PalmOS software and a modem that was not specified in the manual for the war dialer. It was a problem, wrapped in a riddle, where the people that wrote the riddle have all moved on with their lives because the tools are ancient and the idea perfectly insane. Reaching a solution may require a Delorean inside a Tardis.
This is not to say I gave up. I have moved on for now. The project was rechristened: Hidden War Dialer Raspberry Pen Test Build.

Effort will be focused on something a bit more worthwhile: hiding a Raspberry Pi Model B in an APC UPS with a cellular modem and an Ethernet passive tap. The work already started with a 3D print that should be here on the 26th of November. The test print is for the Raspberry Pi case mount that will hold the additional devices in the APC UPS.

The end goal will be to present a device that can be built for around $100 for pen testing that blends seamlessly with a cube farm (Read: Office). 

I will write a follow-up post with what the system should deliver and the desired goals. 

Look for more soon.


Sunday, July 13, 2014

Hidden War Dialer Build: Update

Say hello to my bulky little friend.
This weekend I visited one of my favorite places: SkyCraft in Winter Park, FL. For those not familiar it's an electronics surplus store with all manner of gadgets, old electronics, parts, etc. To be certain it's a Maker heaven and what Tony Stark's trashcan must look like... parts and parts and parts. It has to be seen to truly be understood.

As part of the Back to the Hack series and related to my hidden war dialer project I decided to see if there was a better option to hide my war dialer, Arduino, or Raspberry Pi. In my previous post I said I would use a gutted APC-350 UPS. A trip to SkyCraft and $15 later I found myself with an APC-420. I love how it's well worn, scratched, and has little dents. The device will look like it's been tucked away at a target facility for years. It will be a much roomier home for all my hack-a-tronics and will blend into any cube farm, IDF, or MDF perfectly.

After the jump see the tear down and some of my first thoughts heading into the hidden war dialer build.


Thursday, July 10, 2014

Badges, we don't need no stinking badges

Badge blurred for obvious reasons. It lists my real title as "Grand Security Bison of the Loyal Order of the Water Buffalo"
Recently someone pointed out the way I wear my work badge is "unusual". The picture to the left illustrates my particular "style" of wear: no lanyard, clipped to the collar of my shirt. Why do I do this?

This is one of the many ways that I take security seriously as a security professional. If you mind all the small things, like how you wear your badge, often the big things will follow suit.

Just having a badge or access card is "Check box Compliance" as a past manager once told me. Company has photo badges: Check!, No one can see them on their belts: Check!, Lanyard rotates the photo around making the photo useless for identifying someone in a hall: Check!, No one cares if a person walking in the data center doesn't have an ID badge visible: Check! Check box compliance does nothing. Utilizing the tools required by compliance does everything.

ID badges allow for quick identification of individuals and empower anyone in the organization to make a determination if that individual should be in a given area. I prefer wearing my badge this way because it avoids many of the common issues that take a very valuable security tool, like an identification badge, and turn it into one more thing those tinfoil hat wearers in security require that everyone will ignore.

After the jump I will break down my reasons why the way most people wear their ID or access badge defeats the point of the ID in the first place. I will also discuss what you can do to make the ID and access badge process more valuable to securing your organization.

Tuesday, July 8, 2014

Fossetcon 2014 - September 11-13th Orlando, FL



I just bought a ticket to Fossetcon happening September 11-13th, 2014 in Orlando, FL. Fossetcon is the Free and Open Source Expo and Technology Conference.

The three-day event includes one full day of training classes, plus lunch during the training day, for $20! I am very excited to see how this goes as it seems like an incredible deal. If you are in Central Florida and like free and open source software, check it out. For $20 you can hardly go wrong. http://fossetcon.org/

Sunday, July 6, 2014

Hidden Palm Pilot Wardialing Platform: Part One

While combing through "ye olde box of ancient tech artifacts" I found a Sony Clié Palm Pilot (PEG-N610C circa 2001/2002?). I powered it up to find it still worked like a charm. What to do with this wonderful little piece of tech?

How about a war dialing platform stuffed into a gutted APC battery backup that can be hidden in just about any office anywhere for around $20 USD? Sure. OK!

In part one of this Back to the Hack we will discuss the basic idea for this cheap hidden war dialing platform, its uses, and the goals for the build. In part two we will look at the deployment of this wonderfully ancient little device and what it can be used to discover.

Read more after the jump


Back to The Hack!

One of the areas of security I find interesting is when old hardware/software becomes relevant again. When dusty old devices find new life as security tools after being relegated to the numerous scrap piles of technological progress and dead links of tech reviews years past. Blog posts tagged as Back to the Hack will explore using this old "useless" tech to exploit the modern security controls we rely on today.

Radio Shack DTMF dialer to open door relays? Maybe? What can be done with this old Palm Pilot and modem bought off eBay for a few dollars? Wardialer hidden in an APC battery backup case? Sure! Check out Back to the Hack to see how old tech is breaking new tech, today!

Exploiting Security Cameras with Infrared LEDs - Part One

A few years ago I read a Boing Boing article covering how infrared LEDs could be used to hide the identity of individuals from security cameras. The described method allows one to render their face unrecognizable to many cameras.

This article was written six years ago and as a security professional I couldn't help but wonder, "Have camera manufacturers compensated for this issue since then? Can the cameras that protect the areas and Information Security assets I am charged with guarding be exploited by this type of vulnerability?"

Only one way to find out! Build a test rig, protocol for testing, and test camera that will allow me to evaluate cameras that may be vulnerable to the described exploit. Part One will focus on the build of the testing unit and Part Two will focus on testing and findings. (Including easier ways to perform these tests if you don't want to or can't build a test device yourself. I wanted a permanent tool for testing.)

 
IR based security camera obfuscator
"Officer, he looked like a radiant ball of glowing light."

See the build after the break