The poetry of (in)security

$ hello

Wireguard VPN: Portable Raspberry Pi Setup

We often use wireless networks to access the internet. This may be at home, work or even places like restaurants. When we connect to these networks, the security of our internet traffic is under the control of the owner of the wireless network. This is also the case when we connect to a wired connection on a network we don’t control.

Read on →

Wireguard VPN: Chained Setup

Moving on from my previous post about setting up a typical Wireguard VPN connection, let’s go through how to do a chained setup. I will show how to do both the typical chained Wireguard VPN connection and the one with selective routing as described in my earlier post here

Read on →

Wireguard VPN: Typical Setup

I recently discovered the awesome Wireguard VPN tunnel and I was sold. Wireguard is a simple, kernel-based, state-of-the-art VPN that also happens to be ridiculously fast and uses modern cryptographic principles that all other highspeed VPN solutions lack.

Read on →

VPNs! An OPSEC Primer

The internet is a glorious place. This gloriousness does often come with some pitfalls here and there. Being probably the greatest source of information ever, various actors are constantly devicing ways to acquire and make use of all this data.

Read on →

The 2017 AfricaHackon Conference Badge

Information security conference badges have rapidly evolved over time. They have become a favorite among conference organisers and attendees as fun accessories that tie in to the conference experience. Unique badges have become collectible items that attendees keep and identify with a particular conference.

Read on →

Receiving Outernet Satellite Broadcasts

Receiving satellite data is something I’ve been hoping to try out for a while. It’s an area that captures the magic of long range radio communication and has become easier to experiment in as time has gone by.

Read on →

Hijacking wireless mice and keyboards

Earlier this year researchers from Bastille discovered vulnerabilities in wireless mice and keyboards that could lead to them being remotely hijacked from as far as 225 meters away. They have a dedicated site detailing the vulnerabilities dubbed mousejack. They also released POC code which I have built on to implement a remote takeover of a machine using a wireless mouse/keyboard.

Read on →

A DIY Listening Device

I have had a set of Intex Wireless Roaming Headphones lying around the house for a couple of years. They consist of a receiver (headphones) and a separate transmitter. The headphones include an FM receiver powered by two AAA batteries with reset and scan buttons for normal FM operation, and of course volume control. The separate transmitter comes with audio and microphone jack ports and is also powered by two AAA batteries. It also has a DC port as an alternative power source option. Here’s how it looks:

Read on →

GSM: Sniffing voice traffic

I wrap up the GSM series with a walkthrough on how to decrypt voice traffic. Voice is the way most people interact on a telecommunications network and therefore a major componenent of GSM traffic. I’ve explained a lot of the background on GSM communication in the previous posts so I’ll get right to it.

Read on →

GSM: Sniffing SMS traffic

In the previous post, I explained how GSM traffic can be sniffed with the HackRF One. GSM traffic carries a lot of information, from system information to the actual voice and data we are familiar with. The traffic that the normal user of a telecommunication network is concerned with is voice and data. With this in mind I’ll do a two part series to demonstrate how voice and data can be sniffed using the HackRF. I start with SMS traffic which falls under the data category. Let’s get right into it!

Read on →