Back from the cons!

It’s been a crazy month, so much going on! I had the pleasure of presenting my updated Cracking into embedded devices presentation at (Luxembourg) and Hack in the Box (Malaysia). I also had to give a talk on PCI DSS in London, which was a challenge as PCI DSS is not the most fun topic for me, trust me!

The best thing about assisting these kind of events is the technical discussions and exchange of ideas with not just other presenters but also attendees. [...]

more | comments | comments rss | posted by

New technique to perform universal website hijacking

I’m really excited that HITBSecConf2008 Malaysia is coming up soon: end of October to be precise. I highly recommend our readers to attend such event, as it’s organized by one of the finest security event crews I have ever dealt with. There are tons of talks I want to attend, which I will cover in another post. [...]

more | comments | comments rss | posted by

Dumping the admin password of the BT Home Hub (pt 2)

This is just a quick update regarding our previous post which details how to extract the default admin password for the latest firmware of the BT Home Hub (6.2.6.E at time of writing). I recommend you to read the previous post if you have not done so yet.

The BT Home Hub’s serial number – which is the default admin password – can also be found on UPnP description XML files. [...]

more | comments | comments rss | posted by

Exploring the UNKNOWN: Scanning the Internet via SNMP!

Hacking is not only about coming up with interesting solutions to problems, but also about exploring the unknown. It was this drive for knowledge philosophy that lead to surveying a significant sample of the Internet which allowed us to make some VERY interesting observations and get an idea of the current state of remote SNMP hacking.


2.5 million random IP addresses were surveyed via SNMP. Why SNMP you might be asking? Well, there are several reasons. [...]

more | comments | comments rss | posted by

Hacking Video Surveillance Networks

The usual suspects: George Clooney, Brad Pitt and Matt Damon. The plot: rob a casino. The method: hijack the vault’s security camera video stream and replace it with a static image. Fiction? I don’t think so.

This post is not going to be about how to hack into the video surveillance networks of your local government but rather about my personal opinion about the current state of security implemented by the latest video technologies. [...]

more | comments | comments rss | posted by

Call Jacking: Phreaking the BT Home Hub

OK, this is a bit of a funny attack – although it could also be used for criminal purposes! After playing with the BT Home Hub for a while (again!), pdp and I discovered that attackers can steal/hijack VoIP calls. Let me explain …

In summary, if the victim visits our evil proof-of-concept webpage, his/her browser sends a HTTP request to the BT Home Hub’s web interface. [...]

more | comments | comments rss | posted by