Blog

Rekt by the REX

The request-to-exit (REX) passive infrared (PIR) sensor. You know the one. Spray canned air or smoke in its face, it becomes disoriented and unlocks the door. Spit a mist of alcohol in its face, it gets a buzz and unlocks the door. The butt of many “jokes” for how easily it provides unauthorized entry, but...

Let’s Build a Card Cloner

This post isn’t attempting to present new research or a new device—that work has already been done, a la Bishop Fox. While an overall design was created, and many others have discussed building such a device, doing so can prove to be challenging. This post will provide you with all that is needed to fully...

DerbyTV

This blog post isn’t directly information security related per se, but is technical in nature, so it should appeal to the geek in most of us. When Dave posted pictures of the gear being used to stream the Track talks within the Hyatt at DerbyCon this year, there was a fair amount of interest in...

Classy Inter-Domain Routing Enumeration

During the information gathering phase of a penetration test, we want to discover the netblocks, or ranges, owned by the target organization. This allows us to produce a list of potential hosts for further enumeration. For very large organizations, or ones that have been around since the birth of the Internet, it is possible that...

OBD-II Break-Out Box (DIY Edition)

When assessing a vehicle’s various electronic systems, the primary interface is the On-Board Diagnostics (OBD-II) port. This provides the connection to interface with the vehicle’s CANBus, among others. The CANBus has been utilized in vehicles within the US since the 90s and has been mandatory since 2008. While the CANBus, +12VDC, and Ground pins are...