Season 9 continues with the results from last weekend’s Crack the Code Challenge as well as a walkthrough on how participants were able to complete the challenge using packet analysis, file reconstruction, steganography and brute force. Plus encrypted USB drives with centralized management and more from the RSA 2011 conference.

Hacker Headlines

Bummed you didn’t get your hands on one of Google’s CR-48 Chrome notebooks? The alternative Instant-On OS Splashtop Linux is now available for download. Splashtop has previously been available as a pre-installed second OS on notebooks from Acer, ASUS, Dell and others. This 1.0 release makes the trimmed-down Linux 2.6 and X11 based OS available to the public.

Samsung has made a ROM based on Android 2.3.2 Gingerbread for the i9000 that just leaked to the net. All of the changes haven’t yet been determined, and if you don’t have an i9000 model, you still have to wait for the update on your Galaxy S devices. I’m looking forward to seeing what the users can do with the ROM now that it’s available.

Sony isn’t taking recent PlayStation3 hacks lightly, as German hacker Graf Chokolo found out when authorities raided his house earlier in the week. In a post on his Hypervisor reverse engineering blog Chokolo wrote “Sony was today at my home with police and got all my stuff and accounts.” Hours later the “Hypervisor Bible” as Chokolo puts it was released. Links have been removed to comply with legal notices, but you know nothing is ever erased from the web.

The Nintendo 3DS has been out for a day in Japan… and it’s already been hacked. The Tech-On! Group has already gotten their hands on the 3DS and torn it apart to look at all the delicious insides, including the 3D display. Along with the hardware, Ayasuke2 on Youtube has already hacked the 3DS to run R4 Cards and play unauthorized Nintendo DS games.

Getting encased in carbonite isn’t exclusive to Han Solo anymore. Attendees at the Tangible, Embedded and Embodied Interactive Conference got to scan themselves in 3D with a hacked Microsoft Kinect and print the resulting STL file using a Stratasys 3D printer.

Crack the Code Challenge

Did you have what it took to compete in our Crack The Code Challenge, brought to you by GoToAssist Express? 6 Hak5 viewers did this Sunday. Mad props go to Netshroud for being the first to crack the code, as well as Jellyfish, Jon, Alex, Leo and Tristan.

A big thanks goes out to all who participated, joined the live stream and chat, and of course GoToAssist Express for sponsoring our Hak5 Lab Network. We’ll have details on the next challenge on next week’s show so be sure to tune in.

Cracking the code: PCAP file recovery and steganography

Shannon demonstrates techniques for completing the Crack the Code Challenge using Network Miner and steghide.

HakTip: Command line packet captures using Tshark

Last week we were asked about command-line packet sniffers and I recommended tcpdump and ngrep for filtering. Steve Z was quick to point out TShark, the command-line counterpart to Wireshark. With rules and filtering built in, it is quickly becoming a favorite for my packet sniffing needs. For example, issuing:

tshark -R '!(udp.port==53) and udp and ip.addr==10.73.31.55' -i eth0

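will show me just UDP packets that aren’t on port 53 to or from the address specified. On current TShark releases, display filters are given with -Y; -R is the read filter and requires two-pass mode (-2).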

What little gems are rocking your world? Hit us up, we’ll share ‘em on the show. tips@hak5.org

Encrypted USB drives with centralized management

Darren meets with Kingston and Blockmaster to talk about their new USB management security applications.

Email: USB Passthrough

Toby writes in:

Now that I’m adhering to the “Trust Your Technolust” way of life, I figure you’re my best chance for a quality fix… I have an issue that I would love to see how you would resolve. I work at a non-profit food producer that provides millions of servings to feeding programs worldwide every year. We’re running as much open source goodness as we possibly can so that we can direct as much revenue to the feeding programs as possible. I have a VM “When-doze” terminal server running a software package that requires a usb software key. I need a (cheap or free) way (hak or bypass) to overcome the lack of ability to have non-storage USB passthrough.

Darren recommends USB Redirector, a product he learned about when researching Proxmox VE.

Keep up with the latest on Hak5 by following us on Twitter or Facebook. Subscribe and get your weekly technolust delivered automatically. Or show your support and grab some swag from the HakShop – including the new airport friendly WiFi Pineapple and hoodie. Finally, if you’d like to suggest a topic or ask a question, feel free to hit up feedback@hak5.org.

9 Comments

  • mail junky 3 years ago

    The splash os downloads as a mswindows executable. How chicken shit. No respect for linux.

  • mihai 3 years ago

    Hi!

    You have a problem with this episode. I mean a sound problem, I can’t hear no voices. (only some noises)

    Can you fix it?

  • Nice work with the challenge!

    I’ve done a blog post about this episode on my Network Security and Forensics blog. It is always fun to see NetworkMiner being put to use.

  • Vedexent 3 years ago

    Just a note about non-storage USB pass through on a Windows machine: you can pass through a WiFi dongle on Windows 7 to a VM just fine, PROVIDED you uninstall the drivers on the host so that Windows doesn’t try and mount the device.

    Once I did this, I had no problem using my WiFi dongle on a Linux VM

    It might be something to try before forking out 60 euros for USB redirector.

  • zmbijuri 3 years ago

    do a quick google search on cracking steganography and you’ll find a much easier way than bruteforcing.

  • Hi is the code for the kerberos.JPG image really February??

    I must be missing something, I tried it after downloading ccc.zip and I can’t get the password right:

    steghide extract -sf $target

    I even ran the perl script over with a dictionary file and it didn’t crack it… did the password get changed for that .JPG file? it’s beginning to get to me that I can’t open it.

  • Enter passphrase: Trying: typewritten
    Attempt #:27039
    steghide: could not extract any data with that passphrase!
    Enter passphrase: Trying: typewrote
    Attempt #:27040typewrote

    IT WORKED!
    PASSPHRASE was : typewrote

    yeah, doesn’t work.

  • redlynx 3 years ago

    Haha BB my bad, I should have seen that coming. The problem here resides in the fact that my regex wasn’t very specific, this was my first brute force program after all! :-/

    The script breaks because it only checks to see if the text “wrote” is present in steghide’s output.

    The line:

    [qr/wrote/ => sub{

    should have been:

    [qr /\swrote\s/ => sub{

    It’s a tad more specific. It is still possible for it to fail, but it greatly reduces the likelihood of failure.

    To be fair, it works. It has, however, the potential to fail.

    redlynx
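
The false positive discussed in the comments above comes from matching on output that also echoes the candidate passphrase. The following is an added example, not part of the original post or of redlynx's Perl script, written in Python over constructed transcripts. The success message "wrote extracted data to" is an assumption about steghide's output, and the function names are hypothetical.

```python
import re

# Constructed transcripts in the format shown in the comments above.
# The failure line is quoted from the page; the success line is an assumption.
FAILURE_LINE = "steghide: could not extract any data with that passphrase!"
FAIL = ("Enter passphrase: Trying: typewrote\n"
        "Attempt #:27040typewrote\n"
        + FAILURE_LINE + "\n")
FAIL_WROTE = FAIL.replace("typewrote", "wrote")   # candidate is the word itself
OK = ("Enter passphrase: Trying: examplepass\n"
      "Attempt #:12examplepass\n"
      'wrote extracted data to "secret.txt".\n')

def naive(output):
    """Original check: any occurrence of 'wrote' counts as success."""
    return re.search(r"wrote", output) is not None

def whitespace_bounded(output):
    """The tighter pattern from the comment, /\\swrote\\s/."""
    return re.search(r"\swrote\s", output) is not None

def classify(output):
    """Judge only whole lines the tool emits, never the echoed candidate.

    The echoed passphrase always follows a prefix on its line, so anchoring
    the success message at the start of a line keeps it out of the match.
    An explicit failure line always wins; no verdict is reported as unknown.
    """
    lines = [ln.strip() for ln in output.splitlines()]
    if FAILURE_LINE in lines:
        return "failure"
    if any(ln.startswith("wrote extracted data to ") for ln in lines):
        return "success"
    return "unknown"

if __name__ == "__main__":
    for name, text in (("typewrote", FAIL), ("wrote", FAIL_WROTE), ("ok", OK)):
        print(name, naive(text), whitespace_bounded(text), classify(text))
```

The whitespace-bounded pattern removes the "typewrote" case but still reports success when the candidate word is "wrote", which is the residual failure the comment alludes to.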