A Virginia DEF CON community
Today I installed SigintOS into a VM and captured it with FOG for lab deployment, got the Wifi Pineapple upgraded, and installed “Damn Vulnerable Windows” into my lab for sploit practice. ‘Twas a good day, and now I’m going fishing in VR.
Well, I can’t complain. That was a super quick delivery.
I ordered both of these things three days ago at 2:30AM.
Let’s start with the Eurorack frame from Synthrotek. For just over $30, you get top and bottom rails with channels for the included M3 Eurorack square nuts (50ish I think?), and a pair of rack ears that screw into the ends of the rails with self-tapping 10-24 machine screws. Considering that the cheapest comparable size unpowered Eurorack skiff is probably the Moog 60HP for $90, and I already have a place to rack it, I think I got a good deal.
Now, onto the Behringer CP1A Eurorack power supply. Most everywhere I looked in the US, this unit sells for over $100. However, gear4music in the UK sold it to me for $58 + like $12 shipping, and unlike China, it arrived on my doorstep in three days via DHL.
I’ve held a so-so opinion of Behringer for years due to shitty audio gear I’ve owned. Feature-poor and muddy sound. But I talked to a synth addict colleague of mine, and he says they’re making a lot of serious moves into synth territory, and becoming a respected name. And I thought, “Well, I can’t go wrong with a simple power supply, right?”
I was pleasantly surprised with the packaging, first of all. Some thought went into the internal packaging and foam design. That’s always a good sign.
Then I noticed the power supply. It came with a brick-style transformer which takes in 100-240V AC and outputs 13V DC in a standard barrel connector, but the power connector from the wall to the brick was UK AC to relatively ubiquitous C8. If I wasn’t an electronics hoarder who recently rearranged all of my power cables, I’d be in a bit of a quandary there. But of course I have a standard ungrounded US AC power to C8 cable. Not a problem at all.
The unit has two sockets for bus connectors in the rear, and they were kind enough to include two flying bus ribbon cables in the box. There’s a good chance this unit will power two racks rather than just the one I intended it for. Time will tell. Looks nice, takes up very little space, and has an on-off switch. I’m pleased. Now we wait for the modules to start arriving.
And I’m excited for how it fits into the overall plan, too…. Muahahahahahaha.
So within the last year, I saw the Moog Subharmonicon demos, and decided that this is something I really really wanted to experience for myself. Then, per my standard response, I went all in, obtaining the Subharmonicon, then the DFAM, then the Mother32. “But wait,” you’re thinking, “that’s not modular, that’s semimodular!” Yeah. I know. Believe me, I know. But it’s close enough to have given me the bug.
I started looking at modular setups. Going fully modular can be really, really expensive. Anything beyond a minimal setup starts at maybe $1000 and goes way, way, way up from there. It’s difficult to imagine how people afford some of the rigs they’ve put together.
But recently, Winterbloom opened up preorders for a module I’ve been watching the progress on — the Castor & Pollux module. I like it because (a) it’s unique — I don’t think there’s another module like it; (b) it has functionality I think I’ll truly enjoy, rather than just utilitarian modules that you simply have to buy if you go fully modular; and (c) it’s open — I can decide to use the ins, outs and knobs for different functionality than originally intended, and it’s DESIGNED to be that way. So I’m excited about it, and placed a preorder. Oh, and (d) it’s fucking beautiful, visually.
Here’s the difficulty. I don’t have ANY Eurorack modular gear yet, and at the very least I will need a housing and power. So I weighed my options. I could go with a Moog 60HP case that will aesthetically match the three Moog semimodulars I have now — about $90 for the case, plus the cost of a power distribution module for it. I could shell out hundreds for a powered or unpowered Eurorack skiff. I think most of them are drastically overpriced for what they are.
What I settled on was a DIY solution, which isn’t TRUE DIY, but also happens to be the best budget solution out there for getting started in Eurorack.
Years ago, I built a DIY Ikea 19″ rack. I probably posted about it here. It’s 6U of rack connected to an Ikea side table. I recently retired it and offered it to my friends, and nobody took me up on it. Good thing. When I started looking for 19″-rack compatible Eurorack housings, I found that Synthrotek offers one for just over $30. An 84HP 3U rack with ears, compatible with 19″ racks, for just $35. And then I found that Behringer offers a decent power module for Eurorack (the CP1A) which can be found for well under $100, including flying bus board and a wall wart to power it. So I get to recycle my DIY Ikea rack and start filling it with Eurorack modules as the whim hits me.
I also decided that I can’t have a Eurorack with only power and Castor & Pollux. I needed something else to round it out. So I went with another module kit that I’ve had my eye on for a while. I need a source of “randomness” that I can use with any of my semi-modular gear, because it suits my style of synthesis. So I ordered a “Sauce of Unce,” inspired by Buchla’s Source of Uncertainty. I’ll have to assemble it myself, including soldering components, but it’s worth it.
I may ditch my most recent effects pedal as well, the Source Audio Collider, in favor of a Eurorack reverb unit. Pedals take up unnecessary surface space if they’re on the desk, and you can’t see them or work them easily if they’re on the floor. I like the Collider a lot, but the available Eurorack reverbs almost had me make the jump to modular when I was making that decision. Fortunately, when you buy the good shit, it holds its value.
It’s a slippery slope, but for better or worse, I’m on it.
For those who don’t have access to one of these, you can live vicariously through this video.
I recently blogged about obtaining Chinese UID-writable magic backdoor Hello Kitty MIFARE fobs to test cloning HF RFID cards. My hope was that I’d be able to clone my kid’s college card, so she wouldn’t have to dig out a card every time she enters a space, just use a fob on her keyring, just like I cloned my LF HID card to a fob for work.
At the time I ordered them, she was away at school, so I had no way of knowing what format her card was. If her student card was MIFARE, I’d probably have a fighting chance. I believe I have successfully cloned MIFARE cards. I say I believe, because I don’t have access to a testing platform until my next hotel stay.
Alas, it seems like schools (at least her school) are a bit ahead of the RFID game compared to hotels. Rather than simple MIFARE, it’s DESFire EV1 2K, and from the searching I’ve been conducting tonight, it doesn’t seem like DESFire has been cracked as far as retrieving the master key. DESFire EV1 is not bleeding edge, though. According to MIFARE, it’s not recommended for new designs. Instead, MIFARE recommends DESFire EV3.
In any case, it’s a hell of a lot of fun to learn the ins and outs of the various formats, protocols, etc., and how these cards and readers work.
I’ll keep on it on the sideburner. I suspect if I do nothing and someone cracks it, it will make its way into the PM3 firmware rather quickly.
I did read something on the forums indicating that the master key might be derived through side-channel attacks involving response speed.
I’ve been wanting to slap this together for a while. Since we have so many members who have never seen the space (thanks Covid!), I thought I’d give you a taste.
So thanks to Kyle, I’ve got a 2019 SAINTCON Enigma Badge to play with for a while.
I’ve been mildly frustrated by the fact that I haven’t gotten anything to decrypt on it yet using the 2019 instructions, sample messages and code sheet. I had just gotten comfortable with that fact when the Hackers Challenge CTF came up during this year’s SAINTCON. I lost quite a bit of time to trying to solve an ENIGMA challenge, because I HAVE the badge right here in front of me but still had a knowledge block that was preventing decryption. Had I learned before the CTF, I would have gotten another 300 to 400 points.
So now, even though the challenge is over, I was even more determined to see this through.
Here are the 2019 instructions, with my commentary following:
Okay. Instruction 1 says “Apply the daily key from the code sheet to your Enigma machine.” This is a sample of what the Code Sheet looks like. While it is unclear from the instructions AND the Code Sheet, I assumed that “daily key” refers to the “ring settings” or Ringstelling.
What threw me was the plugboard. When I entered settings, there was a PLUGBOARD section on the badge that wouldn’t accept any input. Naively, I assumed that was an unimplemented feature. Boy was I wrong. I wasn’t at SAINTCON last year, so I missed a critical piece — the critical piece is that the plugboard is a PHYSICAL plugboard on the badge, just as it is on the real thing.
Once that Eureka moment came (thanks to atru5 and kfeuz for clueing me in), it was smooth sailing all the way to the finish line. God I want one of these of my own.
Here’s the sample message and the code sheet for that day, followed by the images of the message decoding after setting all the rotors, ringsettings and encrypted message key, and connecting the plugboard up properly with jumper wires:
October 27 1942
0801 = 1tle = 1tl = 107 = SYN VAB
SCZOT GULGK VHBJQ WILJA CBSZG YUUYC VYLFV YPEFZ SMLNR DFPEO HYHNB JFSYV JFJJP QGKRV MUJLS TLESD IISMW POMJT JBYNL LLOIC YFNWK VU
If you want to play with the Enigma yourself, you can use the simulator on Cyberchef. For the SAINTCON simulations, you will need a custom rotor. When the code calls for rotor IX, use the following: BASHCOMPUKIDZERGYJWLQTFXVN
Today, one of the important accessories I was waiting for arrived. The SIM card reader extension. This extends a SIM card slot out via ribbon cable to a clear housing which fits, wait for it… a smart card. Inside the Proxmark3 RDV4 housing, in addition to all that delicious RFID goodness, is a SIM card slot. (If you didn’t already know this, SIM cards are basically the same technology in a different card profile.
So if you crack open the housing (and remove the BlueShark battery/BT module if you have one), you’ll see the SIM card slot. These adapters are less than $2 on aliexpress. Once you slide it in and slip a card into the housing (chip end first, of course, and chip facing the contacts), you have access to the sc commands in the Proxmark firmware (I’m running iceman’s fork, I don’t know how much of this is supported in the stock firmware).
I remember when I got my Hak5 kit, one of the things I thought was a nice touch was the custom flight tags — “REMOVE BEFORE FLIGHT” on one side and “TRUST YOUR TECHNOLUST” on the other.
Anyone who knows me knows I have a fetish for storage solutions, both permanent and portable/mobile. I really like the idea of everything in its place. When done right, finding things in the heat of the moment becomes a breeze. I wasn’t always like this.
So when I started enhancing my Proxmark3 RDV4 with accessories, most of which aren’t used at the same time, I realized I would have to assemble a kit and contain it somehow, because when going out and about for RFID research purposes, I might need any of the accessories. I happened to have a zipper bag similar to the Hak5 kit, so the thought came to me, “Hey, I wonder if custom flight tags are affordable in low quantities.” Turns out they are!
I found this on Amazon — two tags, two sides of messaging, choose your colors, under $10.
https://www.amazon.com/gp/product/B085772MFD/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1
I figured at $10 it was worth a shot. For a moment I struggled with what the second tag would be for, then I realized I could use it with my locksport Pelican.
I think they came out fabulous. 10/10 will purchase again.
What an exciting time to be alive. The badge itself will be a really fun platform for collecting minibadges. A minibadge came with it, as well as a coupon for three copies of my own minibadge, which I designed today as part of the Hackers Challenge CTF that’s going on during the con. Strongly recommend y’all get one before they run out. Very affordable for the level of fun and creativity involved.
