Project of "RF-Ninjia-101" initiate!

Sniffing ADS-B traffics near Ontario lake

Manual Fuzzing ATM?

Show me the crash dump now ... :)

IOToronto Hardware Meetup

It was so nice to meet you all. And I hope everyone enjoy my talk. Here is the PPT link of my talk. :) Any comment welcome! (Slideshare-meetup-rfid)

PoC of Hackable Griffith College Student card

A demo video to show that, Student card of Griffith College,Ireland is Hackable. 

 

PoC of Clone-able DKIT Student card

This is a demo video to proof,  Student card of Dundalk institute technology is Clone-able.

USB Plug-over bypass attack on Integral USB Drive.

I was read this article "Crypto hardware Plug-over attack" (Crypto-plug-over-attack) the other day. And think will be a nice weekend project. I happened to have 2 Integral Crypto USB drives. Integral claim this drive is enhanced with 256 bit hardware based AES encryption and FIPS 197 approved, which allowing for advanced security of confidential data. However it only works on Windows. :(

From Thice's article, the reason why this work, because after user unlock the USB drive, for some reason the encryption system isn’t able to lock itself again. Even after switch USB drive over to a new system, as long as power is provided. So if we can find some way to provide un-cut power. We can keep access the data on USB drive without provide passwords.

The schematic overview

 

As picture shows, we only able to access date after unlock it.                        

 

But it dos not work under Linux system! :(                                                           

                                                     

 

 If unlocked under Windows 1st. and switch to Linux.                             

Because the power is uncut, we now can access the data without ask for password anymore.