Quick video to show just one possibility to leverage NFC with easy-creds to have a victim auto join an evil AP.
Here is how to create and write the tag:
Aug 302012
Mar 252012
Recently I came into possession of a Kindle Fire, and quickly learned that it was “locked” to the Amazon Market. I was going to root it, install CM9 and be on my way. Then I wondered if there was a quicker (more trustworthy) way to just sideload the apps I “need”. Of course there is…
Feb 232012
Recently I have been using my Jasager rig more and more that I built a few years back. As I use it, I began to wonder… “I wonder if I could pair this with my n900 for ultimate pwnage…” We all know what happens when hackers wonder… it happens.
Feb 142012
The embedded video is a result of working with a colleague of mine to de-obfuscate some javascript found in a live sample that essentially started as a piece of spam. His write-up is phenomenal regarding the subject, and I will simply embed the video I recorded out of context. To put it in context be sure to check out the article here: http://www.h-i-r.net/2011/12/intro-to-javascript-malware-analysis.html
Edit: Looks like Infosecisland also picked this up, be sure to check it out here: http://www.infosecisland.com/videos-view/19101-Malware-Analysis-How-to-Decode-JavaScript-Obfuscation.html
Feb 142012
I have a lot of books to read this year. The problem is, they have become more of a collection than a source of knowledge, therefore instead of just collecting and referencing them (or just googling only to find a reference to the book) as needed. I decided to work through them. Page by page. In my estimation, the best method to do this is to use Evernote for note taking. But why horde notes? I’ll share the notes, and hopefully someone finds them useful.
Feb 042012
Recently a friend rooted his Android device and asked “What should I install now?”
Here is a short list (Will clean it up, provide groupings and short descriptions later) that links to a public google docs spreadsheet. Please add your favorite applications!
May 122011
I just finished a Backtrack 5 install on my Samsung Galaxy S phone. I will detail out the steps to get it running most Android phones. While this method was ONLY testing on my Galaxy S (Vibrant) but should work with other devices.
Apr 062011
Earlier this week I received this terrible excuse for an email asking me to update my credit card information for my NetFlix account. I typically always try to click through the email to see how far I can get and gather as much information as I can. However most of the time the sites are offline when I get to them.
This particular phishing email was different, as the site was still alive…
Apr 052011
The purpose of this post (like most of mine) is to take my notes out of evernote and make them available. The goal for this post was really just a quick way to get Kismet up and running and then viewing the output quickly.
Mar 312011
Just a quick post to serve a couple of purposes. First, a reminder to go to and submit content to securityfail.com. Secondly, check out ALL the current articles there, but mainly the post I have written about Avaya 4600 series phones and Canon iR series devices.