At tomorrow night's NEO InfoSec Forum meeting I'll be presenting "Unleash the Power of CUDA: Cracking Passwords With Video Cards".  Below is a quick abstract of the talk:

Being able to quickly crack passwords is an important part of a penetration test. Even with the advent of rainbow tables and pass-the-hash attacks, bruteforce cracking of passwords is often still required. During this talk I’ll discuss how CUDA enabled video cards can be used to greatly increase the speed of password attacks. Demonstrations of a CUDA powered attack will be given.

NEO InfoSec meetings are free, open to the public and include free pizza.  Food arrives around 6:00 PM and the meeting starts at 6:30 PM.  More information on the meetings can be found here.

I look forward to seeing you there!

Here are some links with directions and meeting details.

The party starts at 6:00.  I hope to you see you there!

Today the Bus Pirate speaks eight protocols (1-Wire, UART, I²C, SPI, JTAG, raw 2-wire, raw 3-wire and PC AT keyboard).  The raw 2-wire and raw 3-wire can be used to interface with proprietary serial protocols.  The Bus Pirate also contains some other handy features such as a on-board 3.3 and 5 volt power supply, 0-6 volt measurement probe, a frequency measurement probe and frequency generator.

I was not adventurous enough to etch my own circuit board so I decided to build the Bus Pirate kit made by Fundamental Logic.  The kit includes all the parts you need.  Fundamental Logic even preprogrammed the PIC so you can build the kit without a PIC programmer.  The online assembly directions for the kit are very clear and easy to follow.  Before you start be sure to visit their tools page to make sure you have all the tools you need.

Overall the project took me about two hours to complete. A lot of that time was spent setting up and getting back into the swing of soldering.  Overall it was not a very difficult project.  The kit uses all through-hole components and the circuit board is not too densely populated.  In terms of difficulty I rate this kit as medium to medium-low.  I recommend this kit to anyone who wants to build a Bus Pirate.  However if you are new to electronics and soldering this is probably not the best project for you to cut your teeth on.

Truthfully I had more problems getting my serial port and terminal program configured properly than I did assembling the kit.  In the future I'll post some notes on getting the Bus Pirate to work in Windows and Linux.  I'll also cover how to get it working with a serial-to-USB converter.

So the Bus Pirate sounds like a cool geek toy but how does it relate to security?  First off when assessing hardware it is often helpful to communicate with the hardware directly.  This will allow you to skip over the vendor's APIs and applications which may place limitation on what can be sent to the hardware.  If you can talk to the hardware directly you can bypass these limitations.  From the security point of view I am especially interested in the Bus Pirate's ability to speak JTAG, 1-wire and raw 2-wire serial protocols.

JTAG is a diagnostic protocol that can be used to communicate with electronic circuits and chips.  JTAG is commonly used to restore bricked routers when an installation of OpenWRT or similar firmware fails.  However JTAG can also be used to directly query the memory in most embedded devices.

iButton Image By Stan Zurek1-wire is a protocol used by the iButton line of products. iButtons are frequently used in physical access control systems.

The raw 2-wire mode can be used to communicate with a number of smart cards.

I'll let your imagination ponder why I would want to communicate with these devices.

Notacon Mythbusters: Is Personal Data Stored on Hotel Keys? Using Magstripe Analysis Tools to Discover the Answer

For years emails and rumors have circulated that personal information such as credit card numbers, names and addresses are stored stored on hotel room keys.

The talk starts with an introduction to magstripe cards and how information is encoded onto the cards. The next section discusses what tools can be used to read and analyze magstripe cards. Next we test the myth by looking at data collected from a large number of hotel keys to determine what personal information is stored on them. The talk concludes with a discussion of advanced magstripe analysis, data manipulation techniques and how these techniques can be used during penetration tests and security assessments.

On a related note I hope to get back into updating this blog. One of my first priorities is to finish up the series on magstripe analysis. Thank you for reading and stay tuned for more updates!

Remember to watch this blog for a series of blog posts on this topic!

• February 18th - Cutting Edge Web Application Security Attacks - Lunch and Learn hosted by Peak 10 in Cincinnati Ohio - E-Mail Me for More Information
• February 18th - Tool Talk: Pass the Hash - NEO InfoSec Forum in Cleveland Ohio - More Info
• February 18th - Overview of ShmooCon - NEO InfoSec Forum in Cleveland Ohio - More Info
• March 12th - Client-Side Wireless Attacks and Defenses - Ohio Information Security Conference in Dayton Ohio - Registration Information
• April 16th - 19th - Notacon Mythbusters: Is Personal Data Stored on Hotel Keys? Using Magstripe Analysis Tools to Discover the Answer - Notacon in Cleveland Ohio - Registration Information
• May 5th - Wireless Security Issues with Hands-on Lab on Auditing Wireless - Pittsburgh Chapter of ISSA in Pittsburgh PA - More Info

If you are at any of these events please come up and to say "hi".  I always love to meet my readers in person!

As always ShmooCon was a blast.  It was wonderful to meet everyone!  The podcaster meetup was a lot of fun.  Before the meetup Dave and I had a chance to make some Security Bats of Justice (TM) and try them out in a duel!  If you are wondering Dave solidly that match.  That man is dangerous with inflatable toys!

Of course there were also some great talks at this years ShmooCon.  If you are in the Cleveland area and would like to hear a first hand review them stop by next week's NEO InfoSec Forum meeting.  At next week's meeting I'll actually be doing two presentations.  One will be an overview of ShmooCon and the other will cover the Pass-the-Hash Toolkit.  Of course after the NEO InfoSec Forum meeting we're going to head over to Mavis Winkle's Irish Pub to record the Security Justice Podcast.