2 comments

[ 14.0 ms ] story [ 235 ms ] thread
My presentation is here: https://www.youtube.com/watch?v=Hyq6_IZ-2fE

I presented this at CircleCityCon, a hacker con in Indianapolis IN. https://ccc2019cfp.busyconf.com/activities/5c3a57314808fac10...

The pictures of this device: https://pbs.twimg.com/media/D4cOL0DWAAIiD2P.jpg:large

https://gitlab.com/crankylinuxuser/siginttablet/raw/master/C...

The details are as follows:

     Rx: 24MHz-1.7GHz (antennas 50MHz-1.2GHz)
     Tx: 100KHz-1.5GHz (antennas 50MHz-1.2GHz)
     CrazyRadio: non-BT 2.4GHz keyboards/mice
     802.1abgn wireless usb
     BTLE onboard bluetooth
I designed, build, and scripted its full build to a comprehensive defense/scanning and attacking platform. My repo linked contains the complete build instructions to build your own device.

Everything is under the GPL 3.

Why should you care?

Radio is used a ton outside of 'wifi' (802.11abgn) and Bluetooth, yet the hardware manufacturers put little to none in security / authentication / authorization / auditing. So they're massive vulnerabilities in any house or org. My device allows detection and attacking devices. It can be used to see for yourself what's vulnerable. And you can then make choices on what you want to do with it.

Vulnerabilities can include things like the following:

Garage door openers

car key fobs

refrigerators

ovens

washing machines

dryers

various IoT equipment

restaurant order alert devices

emergency sirens

municipal water pumps

P25 (police communications)

Plane telemetry (ADSB spoofing)

GPS spoofing and takeover

...and more