This time on an exciting brand-new-studio edition of Hak5 we’re getting hands on with the latest version of BackTrack-Linux, configuring virtual machines and wireless. Shannon’s flashing the firmware on a Dingoo Digital A320 and installing a custom distro of Linux and so much more.

Download HD Download MP4 Download WMV

Hacker Headlines

Oh Skype… They have another security problem. Skype on Mac OS X has a bit of a flaw. You can send a Skype message to another user and potentially get remote access to that other computer. Gordon Maddern, a security researcher, found the flaw and told Skype about it more than a month ago, but there was no fix until after the news started spreading that there was an issue. Skype has released a small term patch, but no full fix has been released, nor has users been notified to update.

Just days before Google I/O begins, French security firm Vupen demonstrates a zero-day vulnerability in Google Chrome allowing remote execution. The exploit, which hasn’t been released to the public, bypasses Chrome’s praised Sandbox as well as Address Space Layout Randomization and Data Execution Prevention. Google, busy introducing the Chromebook, has not verified VUPEN’s claims and says that if necessary an update will be pushed to users automatically.

The death of Osama Bin Laden has spurred several scams throughout the interwebz. Malware has shown up on certain websites, a Facebook scam popped up, and even the blog of the guy who accidentially live twittered the event has been compromised. Scammers are smart and they know what you’re looking for. People want to see the ‘Osama death video’, which doesn’t exist. So for anyone out there who was considering clicking that video on Facebook and sharing it with your friends, DON’T, and while you’re at it, delete it from your profile if someone else posted it.

Symantic security researchers are reporting that a flaw in the way application authentication works on Facebook, nearly 100,000 apps may have complete access to your account. Facebook now uses OAUTH 2.0 for authentication, however older authentication schemes are still in use. The firm advises users to change their passwords immediately — which essentually thwarts the access token bug.

Hot off the heals of Ubuntu’s 11.04 “Natty Narwhal” release — which has been getting mixed reviews due to the new Unity window manager, Backtrack Linux releases the much awaited version 5. In addition to native 64-bit and ARM processor support the security distribution now comes in both KDE and Gnome flavors. Are you excited? Have you checked it out? It’s available via torrents, has a stealth mode, comes with Metasploit, and sounds just plain awesome!

Kerby’s oldschool app of the week
Oregon Trail

Hacking the Dingoo Digital A320

This week I’m introducing this fun little device called the Dingoo Digital.

The Dingoo Digital A320 is a gaming handheld for open game development. It has modest hardware specs: 400MHz CPU, 32MB of RAM, 4GB internal storage, a miniSD reader, a 2.8″” LCD screen with a 320×240 resolution, and your normal jacks. The cool part is the software. You can playback several video and audio file types, there is a built in FM tuner for radio, you can record voice, and the SDK is available for free. My favorite part is it’s customization features and ability to play ROMs. Because who doesn’t like video games?

The device comes preinstalled with several arcade games like Centipede, Mine Sweeper, and has built in Emulators for your convenience as well. But if you want more with your new toy, what is better than installing Linux on it?

Enter Dingux, the Linux Distro for the Dingoo. You can get Dingux on the dingoo-scene website as well as really easy steps to follow if you want to check it out.

First off, you’ll need to download a couple of files. Booboo’s dual boot installer zip file for Windows, and the local-10 or local zip file. Charge your Dingoo so it doesn’t die during the reflashing process. We don’t want a bricked Dingoo!

Once your files are downloaded, unzip the Dual Boot file into a new folder wherever you want on your PC.

Turn on the Dingoo and go to the ‘System Setup’ menu, ‘About’, and press A. Press up-right-down-up-right-down and an easter egg diagnostics screen pops up. On the screen it should say ILI9331 or ILI9325 at the end of one of the lines. Mine says 9331. This is an LCD model and pertains to the flashing procedure.

Now, reset the Dingoo by holding B and pressing in the power button. The screen will stay dark so don’t panic!

Plug the Dingoo Digital into your PC. Choose cancel if any ‘new hardware found’ screens pop up. When your PC asks for a driver location choose your newly created Dual Boot folder. The driver should successfully install and you’re ready to flash your Dingoo!

Unplug the Dingoo, press the reset button, and let it boot into the normal firmware. You won’t need to hit the on button during this reset.

Hold the B button down and press POWER AGAIN. Plug the Dingoo back into your PC.

Open cmd, and go to the Dual Boot File directory. cd shannon\downloads\Dingoo Dual Boot and execute the usbtool-win file. We’re going to upload a file to a specified address, so we’ll type usbtool-win 1 hwinit.bin 0x80000000. This should start the flashing. Then type usbtool-win 1 zImage_dual_boot_installer_ILI9331 0x80600000 and press enter. A screen will appear on the Dingoo saying Dual Boot Flasher and press start to coninue.

Follow the on screen instructions. If done correctly, it’ll say Success at the end. You should see a Dingux startup screen when your Dingoo restarts. There is another step to getting Dingux to startup, so right now it’ll just boot to the original firmware.

Reset your Dingoo and plug it into the PC. Your PC should find it in a few seconds.

Next, plug in your mini SD card and format it to FAT32. Unzip everything from the second file you downloaded, local-10.zip, to the root of your mini SD card.

After unzipped, go to the mini SD card and rename your LCD screen file to zImage. So, mine is ‘zImage-20090707-ILI9331′, and I’ll change the name to ‘zImage’. Delete the other LCD image file if you want to.

Then, you’re done! Unplug and reset the Dingoo while holding down the Select key. It should boot into Dingux and launch the Dmenu. You should see a new menu on your screen.

Now that you have Dingux installed, go online and find some handy ROMs!

There is a ton of stuff you can do with this gaming device. The growing online community has tons of homebrew video games to try out, theme packs, and ROM’s available. I’ve linked a bunch of the websites in our shownotes. I’m thinking next week I’m going to try to stick Doom on here, because, why not? It’s DOOM!

Email me at feedback@hak5.org with questions and comments.

HakTip: BackTrack 5 first-boot

Darren is excited to be playing with the new BackTrack 5 linux. BackTrack is a fantastic distribution for security auditing. Version 5 is available in 32 and 64 bit flavors as well as ARM processor support and now comes in either Gnome or KDE.

Darren demonstrates how to setup either a USB drive to boot directly off, or a Virtualbox VM. Darren goes on to show off ethernet configuration and setting up a wireless adapter over USB.

Emails

Nick writes in:

http://hackertyper.net/
set type speed to 1 for a more realistic look.

Keep up with the latest on Hak5 by follow us on Twitter or Facebook. Subscribe and get your weekly technolust delivered automatically. Or show your support and grab some swag from the HakShop – including the new airport friendly WiFi Pineapple and hoodie. Finally if you’d like to suggest a topic
for ask a question feel free to hit up feedback@hak5.org.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

13 Comments

  • Why Cant You Make A new Episode On Metaspoiled Attacked….
    We Realy Want To Know ……

  • TrY tO PuT ViDeO On yOuTuBe sO We cOuLd dOwNlOaD It eAsYlY…..

    KeEp iT uP gUyS…….

  • Hi, we are from http://www.thehackernews.com/ , can we have Link Exchange ? Contact us at thehackernews@gmail.com , Thanks

  • Nick Bouwhuis 4 years ago

    Stil no Crack the code walktrough that you promised two episodes back? Realy like those

  • Whoah! The brick wall is back? :)

  • Woah! The brick wall is back? 😀

  • Martin 4 years ago

    Great episode, as always! I was just going to email you guys to ask if you could recommend a good usb wireless adapter for BT5…! I just ordered the same one online. I can’t wait for “Hak Tip” to start! Cheers!

  • Hey,

    Question. Does the Backtrack LiveCD need to be placed into the computer CD tray in order to download the Backtrack 5 onto the VM ware HD?

    -B

    • Martin 4 years ago

      B,
      You can just download the ISO and create a new VM off it; you don’t need to burn the image. VMWare is going to ask you to browse for the image or CD where the OS is located; just point it to where you saved the ISO. Once you’ve created the VM and booted into Backtrack 5, you’ll see an icon on the desktop named “Install”. Just double-click on it and it will guide you thru the steps to complete the hard drive installation on your new VM. Once it’s finished, you won’t need that ISO anymore.

  • Nicos 4 years ago

    Hak5,

    Hello guys! Just want to take a quick moment to say that I love your show. With being a newb and trying to take in the limitless hacking world tricks in, you guys have helped by showing me the 101. I recently inherited an old laptop (Sony Viao, 512 mb ram, 70 gbs, 1.5 ghz processor) and I installed backtrack 5 on the hard disk. No dual boot. This is my primary OS now. Is it possible to find an usb wireless adapter that will be compatible with this laptop and if so, what brand and model do you guys recommend? Keep up the good work. Thanks.

    Nicos

  • Someone 4 years ago

    Testing Backtrack 5.
    Just writing to get your captcha pic for pwntcha :)

  • Bruno 3 years ago

    Hi. Iam a macbook user and i had backtrack installed on vmware. The problem was…i couldnt use the gpu cracker because it just wouldnt recognize my ati.

    Is there any way to solve this? If i create a bootable usb will i have the same problem?If there is a mac user out there plz let me know how o solve this

  • It would be nice if you would show how to use backtrack on ubuntu virtualbox.

  • Welcome to our coach online store,80% Discount waiting
    for youMichael Kors Handbags Outlet Michael Kors Outlet

  • I will rigvht away clutch our rss feed as I can not in finding your e-mail
    subscription link or newsletter service.
    Do you’ve any? Please permit me recognize inn order that I may subscribe.

    Thanks.

  • Welcome to our coach online store,Super Discount waiting for
    youcoach outlet factory coach outlet online

  • Welcome to our michael kors online store,100% authentic quality,
    best appearance michael kors handbags fast Shipping. Michael Kors Handbags Michael
    Kors Handbags Outlet

  • Welcome to our coach online store,80% Discount waiting for youCoach Factory Outlet Coach Outlet
    Factory

  • cheap jerseys ?om cheap jerseys for sale

  • Chewap Warriors Jerseys Flash ?f Cheap Warriors Jerseys m?ke you outstanding Cheap Warriors Jerseys

  • What’s up it’s me, I am also isiting this web site on a regular basis, this web site is in fact good and
    the users are in fact sharing pleasan thoughts.

  • Do you have a spam issue on this website; I also am a
    blogger, and I was curious about your situation; many of us have developed some nice
    methods and we are looking to exchange strategies with
    other folks, why not shoot me an email if interested.

  • What’s uup mates, good post annd fastidious urging commented at this place, I am in fact enjoying by these.

  • We stumbledd over here from a different web addrerss
    and thought I might as well check things out. I like what I
    see so now i’m followin you. Look forward to checking out youhr web page foor a second time.

  • cheap colin mccarthy jerseys Seattle Seahawks Gear cheap rishaw johnson jerseys

  • authentic michael kors outlet Cheap Pelicans Salmons John Limited Jerseys cheap michael kors handbags

  • My family always say that I am killing my time here at web, however I know I am
    getting know-how daily by reaqding such fastidious articles
    or reviews.

  • Hello! Do you know if they make any plugins to protect against hackers?
    I’m kinda paranoid about losing everything I’ve worked
    hard on. Any recommendations?

  • WOW just what I was looking for. Came here by searching for Episodes