Adventures in UAV Hacking

SkyNET demo flight SkyNET Drone

My first accepted workshop paper, accepted to USENIX WOOT 2011, was called "SkyNET: A 3G-enabled mobile attack drone and stealth botmaster". Catchy name, right? Check out the project page if you'd like a review. After the paper was published, presented, and let lie for a month, the project caught the attention of MIT Technology Review. Shortly after the story was published tons of other websites started duplicating and running their own. The relation between UAVs and "Skynet" did the trick in attracting media attention. Unfortunately there's very little AI incorporated thus far into the project. Nevertheless, it's been a blast reading the various comments on the project.

Read More

Enable Complete support for SSL on Wordpress

By 'complete' I mean: required SSL on the login and register pages as well as the entire admin section, and optional SSL for the entire blog for private reading. And when there is SSL, everything is transfered over SSL.

The first step is to enable SSL for administration. This is well documented within Wordpress, just add the following statement to your wp-config.php:

Read More

Social Engineering, the Past, and a Browser-based Game

I used to be a big gamer, playing mostly online multi-player games. When I started high school a friend of mine showed me a browser based game, let's call it game X. (I don't want to name the game as some of my memories are not exactly held in good taste.)  The game (mostly click-based) wasn't much fun and couldn't hold my attention for more than 10 minutes at a time. However, what did find my attention was various ways to exploit both the game mechanics and community. I was young, and mischievous.
Read More

Fun with Network Forensics: Discovering a Rouge Bridge

This is a short write up on some interesting things I found while completing a midterm project for a Network Forensics class I took last year. My network forensics group decided to map the traffic for contemporary Windows-based denial of service vulnerabilities. Our project utilized a live network of volunteer hosts connected to the university network. We used NetFlow data collected by Flow Tools. While searching for possible exploits I found a hidden network bridge. The bridge used a non-human host registered to a roaming port in a networking closet. The host was eventually found to use a rouge process which proxied connections from an external residence on to campus. A malicious user could have used this bridge to proxy requests from their home through the university.

Read More

Proxied Email Addresses per-Application

Abstract: I wanted some mechanic in email, such that I could tell how a person found my address. Since I post my email address to many web sites, I wanted a way to track which web sites knew which emails. So I wrote a small script which allowed me to think of email addresses on the fly and distribute them. When someone responded to the emails they would be analyzed and forwarded to my inbox with a reply-to address that would take the opposite route and be sent as the 'on-the-fly' email address.
Read More