Custom PC Volume Knob Project
Recently, the Elgato Stream Deck Plus was released. My friends and I were looking at the device and really wanting the knobs to control just our PC volume. However, I didn’t want to buy the whole device just for a knob. This is the journey I made to DIY my volume knob.
This post is sponsored by PCBWay.
In searching for something that might already exist, I found a great blog post by Wolfgang Zeigler on how he built one for himself.
Adafruit Feather Huzzah 8266 DS18B20 Wing
I recently had my barn freezer go out. While it’s always inconvenient, I had just bought half of a cow, which is quite costly. A good majority of the meat had gone bad, and we didn’t know it for a day or so. To ensure this didn’t happen again, I tried to see if I could use my nerd skills to figure out a way to prevent this in the future.
Renewing KeyBase and GnuPG Keys
Every year or two, my GnuPG keys expire on KeyBase and in various key servers. Every time, I forget the process, and have to re-learn it. This post serves as a reminder to myself, or anyone else trying to do the same thing. It’s trivially easy, and there are GUI applications which can do it for you, but I went with this solution, since everyone should be able to do it.
Cricut Payment Bypass Vulnerability
Last year during Black Friday, I bought a Cricut Explore Air 2 to make custom stickers, T-shirts, and whatnot. Due to the fact that I like 3D printing and other CNC devices, it seemed right up my alley. Being the security enthusiast that I am, I couldn’t help but look at their site as it was in my browser. What I found was surprising.
Background: Cricut is a brand of home die-cutting machines.
Compiling SSLScan with SSLv2 support on OSX
SSLScan is a tool that I often use when validating SSL findings on penetration tests. I had recently seen a new version come out, with color highlighting and more fanciness, but wanted it for OSX. When I tried to compile it, I noticed that it did not support SSLv2, which is something I often screenshot, so I dived into getting it all working.
This guide will outline how to compile the newer versions of SSLScan with color highlighting on OSX while retaining SSLv2 capabilities.
Burp Icon in OSX
Recently, I was on a Google Hangout with a coworker and saw him using the Burp Suite. I noticed that he opened a text file containing the command to run Burp with extra memory, so he could remember the shell command easily. I personally just ran the Burp jar file by double-clicking it. The only exception was when I did need that extra memory. In that situation, I had to look up the arguments on Google.
Backdoor Modules for Netgear, Linksys, and Other Routers
A week or so ago, I read the news of a new backdoor on several devices, including those made by Belkin, Cisco, NetGear, Linksys, and several others. A list of what seems to be affected devices can be found here. Eloi Vanderbeken, who posted his findings on GitHub, made the original discovery. He also wrote a useful Python proof-of-concept exploit, which allowed command injection, but I wanted Metasploit integration.
After playing with the proof-of-concept, I realized how powerful this backdoor could be.
Brainpan2
Over on #vulnhub, there has been quite a bit of chatter about Brainpan2, a “sequel” to Brainpan, by superkojiman. They’re even offering a 50 GBP award to whoever submits the best write-up! Since I enjoy challenges like this, I took a look at the machine. However, the write-up had to wait until the contest was complete, so that people didn’t cheat to win.
The trolling, it begins early… I imported the VM into VMWare Fusion, and started finding the host.
Canon, Y U NO Security?
I recently bought a new printer at home, so my wife could print coupons without manually attaching to my office printer each time (Thanks coupons.com and all the other shady sites that require spyware-like software to print coupons, and often don’t support network printers). I ended up picking up a Canon MX922. It works awesome for her, and is connected over WiFi, so any device in the house can print to it.