Archive for the ‘Project’ Category

Magomatic Brute Forcing?

Sunday, April 5th, 2009

I was writing up the page for the Magomatic and started on the improvements section.  I realized I started going on and on about a possible brute-forcing function and I decided that it would be better suited for a post instead of putting it on the page.  So prepare yourself, as I am about to dump everything I can think of regarding brute forcing magstripe card door locks.

I was thinking that since I can just read card data with a computer,  I should be able to read a room number off the card, alter that data to another room number, and put that information on my emulator.  This would work in theory, but what if the card contains encrypted data?  Then you would not know what represents the room number.  What’s more, what if the card does not conform to the track 2 standard?  They could use their own protocol.  Either way, all I will see are 1’s and zeros.

Since the encrypted data is still only 1’s and 0’s, you could potentially try every possible combination of 1’s and 0’s until you found a combo that worked. By analyzing multiple cards of the same type (door keys, for example), you could potentially see how much data changes from room to room or date to date.  You could then lower the number of bits you would have to brute force to just the number of bits that change.  This may be impractical, seeing that to brute force each bit would mean that the total number of possible combinations is equal to 2^n where n is equal to the number of bits required to brute force.  That means for just 10 bits you would have to try 2^10 = 1024 combinations.  It would probably take the magstripe reader about 1.5 – 2 seconds to deny a card.  If it took 2 seconds, that means brute forcing 10 bits would take (1024 * 2) / 60 = 34.13 minutes.  That might not be worth the time.

Another option for brute forcing is to brute force each byte, rather than each bit.  This will only work if the magnetic stripe key follows valid track protocol and is not encrypted.  In this case, you could just read the data on your computer and alter whatever you wanted, however what if you wanted a hand held device to do everything for you automatically?  It is rather cumbersome to hook up a reader to a laptop, scan the card, alter the data, program a microcontroller, put the micro in your emulator, and then open a door.  It would be much nicer to have a device that could just brute force open any door.

If one of these cards follows valid track 2 format, then you could just brute force every 5 bits (there are 5 bits in a byte in track 2 format) rather than every single bit.  However, now you have more possibilities for each byte.  It’s not just either a one or a zero.  Each byte can represent 11 different characters (0-9, =).  I found this information by consulting this resource.  Track 2 also states that there are 37 data bytes between the start and end sentinel values.  This means that the total possible combinations you would have to brute force would be 11^37 = way too many to be worth the time.  In this case, the best thing to do would be to analyze the data on a computer, figure out where the room number and/or expiration date is stored, and then program a microcontroller to try every possible room number while keeping the other data the same.  It could then make sure that the date was some date way in the future to ensure it would work.  Better than this, you could put an interface on the device to program the exact room number.  Using a serial LCD and a few buttons, you could view the data after it is scanned into the device.  Then the buttons can be used to alter the data or just punch in the room number.

Brute forcing these things seems mostly impractical due to the fact that it would take forever to brute force all the data on a card but in the event of encryption, it may be necessary.  If you can narrow down just a few bits that need brute forcing it would be worth it.  I’ll have to experiment once I have some data to analyze.

Magstripe Emulator Device Complete

Saturday, April 4th, 2009

I first became interested in magstripes a few years back.  I found a few resources online that explained how you can build a primitive magstripe reader using just a magnetic read head from a Walkman and a headphone jack.  You can use custom software to look at the waveform that is created and decode the binary data.  I never was able to get that working right, most likely due to not being able to swipe the read head over the card in the exact right spot.  A few weeks back I finally decided to bite the bullet and just buy a magstripe reader online so I could play with magnetic stripes.

After reading through the StripeSnoop site I decided to buy a $30 TTL magstripe reader.  These seem to be the simplest to use and they work with StripeSnoop.  However, StripeSnoop requires a gameport or parallel port connection, and most computers nowadays do not have either of those.  I wanted to be able to use my reader on any system.  I found this guide that shows how to make a sort of USB adapter for the TTL reader.  It basically reads the TTL signals from the magstripe reader, and then “types” them into the computer as though it is a keyboard.  If you have a notepad window open it will just dump a long string of 1’s and 0’s into the window.  StripeSnoop has a -i option that takes input from the keyboard so all of this should work together.  I purchased one of the adapter boards along with the magstripe reader. Five days later they both showed up at my door and in about an hour I had everything hooked up on my computer and functioning.  My reader only reads track two, although I could read track one if I put a small piece of plastic in the bottom of the reader to raise up my cards by exactly one track size.  For now, reading just track two will work fine since my research showed that most cards use that track anyway.

Enter the idea for the magomatic.  I’ve had this idea for a while but it keeps changing slightly in my mind.  I essentially want the ability to read a magstripe card and then emulate it back.  This is different from cloning a magstripe card onto another card.  This is basically “recording” the magstripe data and then “playing” it back as though it is coming from a magstripe card, even though it is not. I first thought that the easiest way to accomplish this goal would be to record the magstripe data as audio, and then play it back out through an amplifier, into an electromagnet.  I had found this instructable where someone did something similar and proved that it works.  This person would scan in the data, and then put it into a C program.  The C program would encode the binary data into a wav file.  He could then put the wav file on his iPod, play it out through an amplifier and into an electromagnet.  He included a video to prove that the concept works.  This is how I started the project.

I had to prove to myself that his idea worked. I created an electromagnet and downloaded his source code.  I also purchased a small battery powered amplifier from RadioShack that was able to boost an audio signal pretty loud.  I wasn’t able to get the C program to work correctly so I ended up changing some of the code around.  I altered it so I could just paste the raw binary data from my card into an array in the program.  It would then encode that data, rather than converting symbols and letters into binary data and having to generate valid checksums.  After some fiddling with the code and with volume settings I was able to get this working.  I could play the audio file out of my headphone jack, through the amplifier, into the electromagnet, and then into the card reader.  The card reader thought I had swiped my card.  Success.

The next step was figuring out how I could store the data on something portable.  I didn’t want to have to lug around a computer.  My idea was to have a small, handheld device that could read a card and then instantly play it back.  I bought a small picture frame from RadioShack that included a 10 second voice recording module.  It is supposed to be used to store a message along with your photograph.  I had other plans.  I ripped that picture frame apart and pulled out the small recording module.  I removed the microphone and the speaker and just left some wires attached.  To test the module, I hooked my computer’s headphone port up to the microphone wires of the circuit using some alligator clips and a 1/8 inch mono jack.  I pressed the record button on the module and then played the working wav file through the headphones.  I then moved the alligator clips to the speaker wires and plugged the headphone jack into the audio amplifier.  I then had another set of clips going from the amplifier to the electromagnet.  After fiddling with the volumes for recording and playback, I had it working.  I now knew that it was possible to record magstripe audio data onto this module and play it back without losing the data.

The last step was to create my own simplistic reader from a magnetic read head.  I bought an old Walkman from the local Goodwill for $4.  The read head was not difficult to remove.  Unfortunately, I had a terrible time figuring out how to build a mechanism that would line up the read head exactly to track two of the magstripe card and swipe in a nice, straight line.  I tried a few things but everything failed.  I could tell it was picking up data but I never knew what track(s) it was from.  Eventually, after all that work, I had to give up on the audio idea.

It was time to come up with a new plan.  How else could I record the data and play it back though?  I had already been thinking it would be nifty to be able to record the data digitally, rather than via an analog signal.  Having the actual data would allow the possibility of data manipulation.  Why would it be good to manipulate the magstripe data?  One application is in hotels.  Most hotels use magstripe cards as room keys.  What if that data was not encrypted?  What if I could just read the data, see the room number in the data, and then change it to another room number?  I could open any room in the hotel!  I could even put a number pad on the device to allow me to choose what room I wanted to enter.  This is just one interesting application that I thought of.  But how could I accomplish this?

I pretty much instantly thought of using a microcontroller.  I assumed that a Basic Stamp would be too slow to read the magstripe data, and also, Basic Stamps are expensive at around $50 a pop.  My next thought was to use the Parallax SX chip, since it’s the only other microcontroller that I have used and have a programmer for.  To prevent myself from re-inventing the wheel I Googled around to see if anyone else had interfaced a magstripe reader to an SX chip before.  I got lucky and found one article where someone did just that.  He also used the easier to understand SX/B code rather than assembly so it worked rather well for me.

I was going to have to edit the code, though.  He was using a serial LCD for output but I don’t have one of those.  My only real option was to set WATCH’s on the variables that hold the data and then poll for the variables while debugging.  After a few days of fiddling, frustration, code editing, etc I had to give up for a bit.  I was having a terrible time making that code work with my reader.  The author had used a similar, yet different reader and his code just wasn’t working right for me.  At this point I had changed pretty much all of it and simplified it as much as possible and still wasn’t getting anywhere.  I decided to focus my attention on the emulation part of the project.

I figured it would be a waste of time to finally get this reader working, only to find out that I was unable to emulate magstripe data with the SX.  Emulating the data turned out to be a piece of cake.  I created two SX/B functions to output either a one or a zero depending on which function was called.  You essentially have the electromagnet hooked up to two SX pins.  If you want to output a one, you just turn one pin off, and the other on, then after about 1ms you switch them.  For a zero, you turn one pin on and the other off, but after the 1ms delay you leave them in the same position for 1 ms.  You can then “flip the pins” to make the current travel through the electromagnet in the other direction.  I wrote a simple program to output a fake credit card number, including the start sentinel, end sentinel, checksum bits, and the LRC byte.  The extra information was necessary for StripeSnoop to properly decode data.  More information on magstripe protocols can be found at this great resource.

Now it was time to get back to the card reader.  It took another 2-3 days of fiddling before I finally got this part working, but I did.  I was able to store the credit card information in a byte array, and then play it back through an electromagnet into my computer.  StripeSnoop thought I swiped my credit card.  Victory at last!  But I still had to merge the reader function with the emulation function.

Initially, the reader function would specifically wait for the start sentinel character and then collect data in 5 bit intervals.  This is how the typical stripe 2 protocol works.  After thinking about it, though, I realized that hotel systems and other systems might not follow that protocol.  They could very well use their own system.  That’s when it occurred to me that for simply replaying the data, I didn’t even have to collect it in such a tedious manner anyway.  That is only beneficial if I want to view the data in a way that I can read it.  Instead, I altered the code to just fill up each byte all the way, instead of only the first 5 bits.  I ended up with two 16-byte arrays.  As you swipe the card, it stores the binary data in each bit of those arrays.  Once the data is stored in the variables you just put the magnet inside the card reader, press a button, and it reads through the variables bit by bit and powers the electromagnet as necessary.  Everything worked as it should.  I now had a working magstripe emulator.
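The track 2 framing described above (start sentinel, 5-bit characters, parity bits, end sentinel, LRC) can be checked on a raw dump of 1’s and 0’s like the one the keyboard adapter types out. This is an added Python example, not the author’s SX/B code or StripeSnoop; it assumes the standard track 2 character encoding (four data bits sent LSB first plus an odd-parity bit), and the sample bit string and function names are constructed for illustration.

```python
"""Decode a raw track 2 bit dump (5-bit characters) and check parity and LRC."""

START_SENTINEL = "11010"   # ';' = 0xB, data bits LSB first, then odd-parity bit
END_SENTINEL_VALUE = 0xF   # '?'

# Constructed sample, not from a real card: ";1234=56?" followed by its LRC,
# padded with the clocking zeros a reader emits before and after the data.
SAMPLE_BITS = "0000000" + "".join([
    "11010",  # ';' start sentinel
    "10000",  # '1'
    "01000",  # '2'
    "11001",  # '3'
    "00100",  # '4'
    "10110",  # '=' field separator
    "10101",  # '5'
    "01101",  # '6'
    "11111",  # '?' end sentinel
    "01110",  # LRC character (0xE)
]) + "00000"


def flip_bit(bits, index):
    """Return bits with one position inverted, simulating a read error."""
    return bits[:index] + ("1" if bits[index] == "0" else "0") + bits[index + 1:]


def decode_track2(bits):
    """Return (text, parity_error_positions, lrc_ok) for a string of '0'/'1'."""
    bits = "".join(ch for ch in bits if ch in "01")    # drop spaces and newlines
    start = bits.find("1")                             # skip the leading zeros
    if start < 0 or bits[start:start + 5] != START_SENTINEL:
        raise ValueError("no track 2 start sentinel; data may use another format")

    text, parity_errors, running_xor = [], [], 0
    pos = start
    while pos + 5 <= len(bits):
        group = bits[pos:pos + 5]
        value = int(group[:4][::-1], 2)      # four data bits arrive LSB first
        if group.count("1") % 2 != 1:        # odd parity over all five bits
            parity_errors.append(len(text))
        text.append(chr(0x30 + value))       # values 0x0-0xF map to '0'..'?'
        running_xor ^= value                 # LRC covers both sentinels too
        pos += 5
        if value == END_SENTINEL_VALUE:
            break
    else:
        raise ValueError("no end sentinel found")

    lrc_group = bits[pos:pos + 5]
    if len(lrc_group) < 5:
        raise ValueError("stream ends before the LRC character")
    if lrc_group.count("1") % 2 != 1:
        parity_errors.append(len(text))      # position just past the end sentinel
    lrc_value = int(lrc_group[:4][::-1], 2)
    return "".join(text), parity_errors, lrc_value == running_xor


if __name__ == "__main__":
    print(decode_track2(SAMPLE_BITS))                 # clean swipe
    print(decode_track2(flip_bit(SAMPLE_BITS, 22)))   # one misread bit in '3'
```

Parity and the LRC are plain error checks with no secret input, so they show whether a swipe was read cleanly, not whether the data is genuine.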

I spent all morning and early afternoon drawing up a schematic, collecting parts, soldering, and troubleshooting.  After a few hours I had a working circuit board.  About 4 hours ago I was able to fit everything into a project box the way I wanted.  I did one last test with everything fitted to make sure it still worked and it worked just fine.  My goal of having a portable, battery operated device capable of cloning magstripe cards is now a reality.  I’m heading to Las Vegas in one week for a short vacation with my family.  I can’t wait to test this thing out.  I’m hoping that the hotel uses track two so I won’t have to try and read tracks one or three and mess with my reader.  I’m also hoping that the keys are encrypted in any way.  This might let me program the SX with my laptop to open other doors.  I’ll post an update once I get back with the results of my experiment.

I’ll also take some photos of the device and post them on the project page.  If I am able to get it to open my hotel room door I’ll definitely post up a video as well.

Packet Radio

Tuesday, December 9th, 2008

Last February I got my Technician class amateur radio license.  Why?  Because I became really interested in high altitude ballooning.  After looking at those pictures how could anyone NOT become interested?  The hobby consists of launching a weather balloon up in excess of 90,000 feet.  The balloon carries a payload that contains a GPS unit for tracking, and a radio to transmit the GPS coordinates back down to the ground, among other things.  Another device called a Terminal Node Controller (TNC) takes the GPS data and turns it into an audio signal to send over the radio.  The TNC also presses the Push to Talk (PTT) switch on the radio before sending the audio.  Essentially a TNC is a radio modem.  It takes digital data and turns it into audio to transmit through the air.  TNC’s can also do the reverse, and take an audio signal input from a radio to turn it back into digital data.  Without this technology, high altitude ballooning wouldn’t be possible.  Why send up a balloon to take photos if you can’t recover the payload?

This got me thinking.  You can send GPS data over radio, so why can’t you send other data over radio?  Well, you can.  In fact, people have been doing this for a LONG time.  My problem was, TNC’s are expensive.  Several hundred dollars expensive.  After some Googling, I found out that you can actually use your computer’s sound card as a modem.  Makes sense right?  There is software called soundmodem that runs on multiple operating systems that does just this.  It creates a virtual KISS TNC interface in your system for use with packet radio programs.  All you really need is some audio cables, and a PTT interface.  Luckily, a serial PTT interface is really easy to build.

I did some testing yesterday morning with packet radio using a manual switch.  To make the switch, I just cut the ground wire of a 1/8″ stereo audio cable and soldered a momentary pushbutton switch to it.  When I want to send audio out of my radio from the computer, I just hold the switch down manually and set the packet radio software to transmit.  It took some fiddling, but I finally got it working.  I transmitted from my PC running a virtual Ubuntu install through one radio.  The signal went through the air and out the microphone jack of a second radio plugged into my laptop running Windows XP.  I sent the message “KE7SAL testing testing” and the laptop received it.  There were some extra garbage characters before and after the message, but none in between.  It was pretty awesome.  The software I was running is called fldigi.  It runs on both Windows and Linux and worked really well.  At first I tried transmitting with fldigi and receiving with digipan, but digipan could not pick up the signal properly.  I tried tweaking settings but to no avail.  Once I switched to using the same program for send and receive it worked flawlessly.

Now that I can send data to myself, I want to send data to somewhere else!  Although it’s cool knowing that I can do it, it’s just not as cool as actually using it for a purpose.  Until some friends of mine get set up with packet radio gear I will need to find another way to go about this.  That’s where a BBS comes in.  A radio BBS is kind of like an old telephone computer BBS.  You can “dial” into it with your radio and a computer and send/receive messages.  Most BBS’s nowadays are also connected to the Internet so you can send and receive emails via radio.  There are a few in my city, although I’m not sure I will be able to hit them from my apartment.  Maybe if I use an external antenna and place it in a good location outside.  Regardless, I’m going to start getting my computers set up to deal with BBS’s this week.  Here is a breakdown of the steps as far as I can tell:

1) Make sure the AX.25 protocol is enabled in my kernel.  This is the network protocol that packet radio uses to communicate with BBS’s among other things.

2) Make sure KISS mode TNC’s are enabled in the kernel.

3) Install soundmodem.

4) Configure soundmodem using the soundmodemconfig utility.

5) Install jnos2.  jnos2 is a packet BBS software.  I believe it can be used as a BBS client or as a BBS server.  This could prove to be fun to experiment with later on.

6) Configure jnos2 to use the soundmodem interface

7) Build the PTT interface.

That should be about it… I think.  After all of that is done I believe I should be ready to communicate with BBS’s , or just communicate using the AX.25 protocol in general.  If I get a friend to run jnos2 we should be able to send/receive email with each other via radio whenever.  I’m getting pretty psyched about this for some reason.  There’s just something cool about knowing you can transmit any data you want all over the place wirelessly without requiring any type of phone, cable, internet, etc service.  All you need is electricity!

Pneumatic Cannon

Tuesday, August 26th, 2008

I’ve wanted to build a potato cannon since I was in high school, but never really got around to it. About two years ago I finally built one with my friend Drake. It was a very basic cannon. It had about a four foot long barrel and two inches wide, with a three inch wide chamber at the bottom. We would spray some hairspray in there and ignite it with a grill igniter. It worked pretty well but I was always a bit concerned with the fire element. Since then I have read up on using compressed air to build more powerful pneumatic potato cannons. I finally decided to spend some money and get the parts to build one.

I was able to find most of what I needed at Lowe’s.  I bought all the PVC there, a PSI gauge, and a hacksaw.  I ended up having to go to Ace Hardware to get the Schrader valve.  One of the guys that works at Ace Hardware instantly knew what I was building when I told him I was attaching the valve to PVC.  It turns out he has built a few of these himself.  He advised me to use caulking to seal up the valve and PSI gauge to the PVC.

Once I returned home to my apartment I laid out all the pieces to make sure I hadn’t forgotten anything.  It was at this time that I had realized the 3″ Sch40 PVC I had purchased to function as the pressure tank says right on the side of it “FOR NONPRESSURE USE ONLY”.  Great.  It turns out this Lowe’s doesn’t carry PVC pressure pipe in any sizes over 2″.  I also tried the nearest Home Depot with no success.  I will be stopping by a bigger Home Depot today to try and find some.  Once I have the pipe, I can start chopping, drilling, and gluing everything into place.  I’m hoping to have this thing ready by Sunday so I can launch some potatoes into orbit.

I’m adding a page for this to the Works in Progress section.  I’m also adding a page to the ideas section for a coil gun.  While doing research for the air cannon I found many resources on building a small coil gun out of used disposable cameras.  I’ll most likely be stopping by a CVS soon to try and score some.  There are actually several ideas I have for the disposable cameras but the coil gun sounds the most intriguing to me right now.  I’ll be posting updates as things roll along.

New Project Completed

Thursday, May 22nd, 2008

It’s been a while since I posted on here. There are several reasons for that. The main reason is that my latest project has been taking all my spare time and it was a secret. I didn’t log any of it until just a few minutes ago because I didn’t want the secret to get out. It is an anniversary present for my girlfriend. You can check out the project page for more details on that.

The second reason is that my web server has been down and I haven’t fixed it until recently. My server rebooted one day when I lost power and Apache refused to start for some reason. Rather than sitting down to fix that, I just spent all my time working on the anniversary project. It turns out there was some other instance of httpd running in the background hogging port 81. I have no idea why this was. I’ll have to reboot the system again to see if the problem occurs again. At least I’ll know what the problem is.

In other news, I have started the Near Space class at school last week. I am really excited for this class. We will be sending a balloon equipped with computer, science experiments, and a camera into near space in just a few months. Ryan is splitting the class into teams and should have them posted on the e-shell this weekend at some point. Hopefully I’ll have access to the shell soon. I just e-mailed a local enthusiast to see if he wants to come to class to share his experiences and offer some words of wisdom. Hopefully that will go over well.

My dad should be sending me another radio, antenna and a Tiny Trak 3 module next week. I can’t wait to get that stuff. I want to start messing with APRS tracking as soon as possible to get a feel for it before we actually do a launch. I’m hoping to be on the tracking and telemetry team for the near space class.

I suppose that’s enough updating for now. I have to take some photos of the anniversary lamp to stick on that page, as well as get a schematic up. Man, I still need to get a schematic up on the graduation hacks page… I’ll get on that soon. I’ll also post a video of the lamp in action. Until then.

Laser Annoyance Device

Friday, April 25th, 2008

The other day I was working on a final project with some friends at school when we had a brilliant idea.  We used a laser pointer from one of the projector remotes to mess with people in the commons at school from a small window in an upstairs classroom.  When the student we were messing with started looking around to see where the source of the light was coming from, we would quickly duck out of sight.  A few people would watch the students react on the UAT webcam.  When we could see that the students stopped looking around to see who was shining the laser, we would pop out again and shine it.  They could NOT figure out where the laser was coming from.  Hilarity ensued.

This led to a project idea.  Recently I procured an RC car with a video camera and headset.  This thing is really quiet and really cool.  I’m thinking I should be able to re-mount the camera on a dual-axis servo rig.  This would let me aim the camera in any direction I want.  Also, I want to mount a laser on top of the camera so I can remotely shine it at people from this little car.  It would be so much harder for people to spot this quiet little black car than a giggling college student.  Yes, I know this project is ridiculous but I think it would be fun.  It also gives me another reason to learn a microcontroller other than a BS2.  I’ll just call it a social experiment.  I’ve added this project to the Ideas section.

Small Update

Wednesday, April 23rd, 2008

I’m still really busy with trying to get all of my homework and final papers complete, but I wanted to throw up a few more links that helped me out with the VU Meter project. I don’t want to lose them forever. I should have time in a day or two to actually put some real updates on here. Until then, here are the links:

How to power electret microphones

LM3914 Datasheet

Op-Amp basics

Once I get some more time I will try to actually put these up on my own server instead of just linking to other sites. Until next time…

Oh, and one more thing.  I’ve started working on a new project that I haven’t even posted anywhere on the site yet.  It’s basically a script that will watch for an e-mail and then jump onto The Edge 103.9’s web page to see what song is playing.  This way, when I’m driving my car, I can just text message my server and have it save a list of all the songs I like.  Then I can go find them later without having to write them down or try to remember them.  I’ll post up my progress on that later as well.  Ok, NOW I’m out.

VU Meter Tie

Thursday, April 10th, 2008

I just started working on the VU meter tie.  Today has been a productive day.  I got the main meter circuit up and running in no time.  Now I just need to get it working with a microphone.  Once I have that running, all I’ll need to do is assemble it on a PCB and stick it in a tie.

Check it out in the Works in Progress section.

E-mail Harvest

Thursday, April 10th, 2008

I’m starting to work on the E-mail harvesting program now. The other day I went to MySpace and took a look around. Guess what? No e-mail addresses are visible anywhere. There’s no specific place to pull e-mail addresses from. That’s when I decided to go check out Facebook. These guys are crafty. They include your e-mail address but they include it as an image. That way you can’t just copy and paste the text. Well, I like to think that I am craftier. I started doing a little Google research on Linux-based OCR software. For those that don’t already know, OCR stands for optical character recognition. This software will read an image and turn the text located within it into an actual editable text document.

I found this awesome article comparing many different OCR engines designed for Linux. I’ve decided that gocr is the simplest solution that should do everything I need it to. I just need a program I can send an image to and have that program send me back text. That is exactly how gocr works. Now I just have to get it installed on CentOS.

I found the source for gocr at http://jocr.sourceforge.net. I just run the command:

wget http://prdownloads.sourceforge.net/jocr/gocr-0.45.tar.gz

Then I extract the file:

tar -xzvf gocr-0.45.tar.gz
cd gocr-0.45

configure, make, and install:

./configure
make
sudo make install

The image files on facebook are png images. gocr uses a utility called pngtopnm to convert the image to a format it can understand. This utility is included in the netpbm package.

sudo yum install netpbm
sudo yum install netpbm-progs

Now that everything is installed I can just try running the program with a downloaded facebook email image.

gocr -i test.png

The image I gave it contained my email address “ricosgoo@uat.edu”. The result: “ricgoouat.edu”. It seems as though gocr didn’t pick it up correctly. I’m pretty sure the reason is that the ‘o’ and the ’s’ in the image are touching each other. gocr probably thinks it is one character and cannot recognize it so it is just leaving it out. Also, it missed the @ symbol. I tried a different facebook image and the @ sign was missing from that as well. It would seem as though gocr does not support the @ sign in its dictionary. I might need to try a different OCR program.

Doing some more Google research, I found that many people feel that HP’s tesseract-ocr is one of the best open-source OCRs there is. That was my next logical step. I followed this guide again to get the software up and running.

wget http://tesseract-ocr.googlecode.com/files/tesseract-2.01.tar.gz
tar -xzvf tesseract-2.01.tar.gz
cd tesseract-2.01
./configure
make
sudo make install

Now I have to install the English language dictionary files for tesseract.

wget http://tesseract-ocr.googlecode.com/files/tesseract-2.00.eng.tar.gz
tar -xzvf tesseract-2.00.eng.tar.gz
cd tesseract-2.00.eng
sudo cp * /usr/local/share/tessdata/

I also needed to install ImageMagick so that I can convert the facebook images to tiff files. I have to do this because tesseract-ocr only supports tiff images right now.

sudo yum install ImageMagick.i386

Now I convert the image to a tiff file.

convert test.png test.tiff

Now I try out the OCR.

tesseract test.tiff test.txt

No good.  I get error messages.  Here is Tesseract’s output:

Tesseract Open Source OCR Engine
name_to_image_type:Error:Unrecognized image type:test.tiff
IMAGE::read_header:Error:Can’t read this image type:test.tiff
tesseract:Error:Read of file failed:test.tiff
Signal_exit 31 ABORT. LocCode: 3  AbortCode: 3

I have to take a break from all this now, so I’ll deal with these problems later.

Another new idea and a cantenna update

Tuesday, April 8th, 2008

Today I only went to one class: Law370. Normally, I really hate the thought of going to the class, but it’s always a lot of fun. That professor really knows how to teach. I always learn something new from that class. Today, we were separated into groups and each group had to research a specific law regarding cyber-crime. This whole activity spawned a new project idea.

My group was assigned the CAN-SPAM act of 2003. This act basically has all these rules regulating how spam e-mail can be sent. I’m not going into that because it’s long, it’s complicated, and it really doesn’t matter for my project idea. My project basically will be a script that will crawl social networking sites like Facebook and MySpace to collect e-mail addresses. It gets more diabolical than that, though. The script will log onto someone’s MySpace account and get their e-mail. Then, the script will log onto each of that person’s “Top 8” friends and get THEIR e-mail addresses. Now, the script can send a phishing e-mail to each of the friends on the “Top 8” list and spoof the e-mail that it originates from to look like it is coming from the original person. I think this would be an awesome and fun proof of concept. I would never actually use this for my own malicious purposes, although I would be interested to see how well it would actually work. I really just want to write this script just to do it. It would give me an excuse to brush up on my scripting and programming skills.

I think I’ll get started on this idea soon, seeing as it won’t cost me any money.

Another update here. I started working on the cantenna project some more. I bought the pigtail that I need, cut off one end and soldered it to the PCMCIA card. I’ve also soldered the piece of copper wire to the jack that attaches to the can. All I need now is a can to attach this thing to. The solder points on the PCB were so small, I’m not sure that the connections will be good enough. Hopefully I’ll find out tomorrow. I don’t have any class so I have the entire day off. I plan on getting a can either from the cafe at school or from the supermarket. I shall update the cantenna page as time permits.