mercoledì 16 maggio 2007

ECKBOX

Eckbox is software designed to aid in a specific type of security testing against a spying attack known as van Eck Phreaking or TEMPEST. It involves picking up radiation leaking from an electronic device, such as a monitor, and interpreting the signal to recreate the data contained in the device. This can be thought of as a sort of shoulder-surfing. Eckbox is the first and only open-source software designed that helps to test against this kind of attack. But it's still in early development, so feel free to contribute code, ideas, designs, advice, and nonthreatening e-mails .

http://eckbox.sourceforge.net/

Hardware


Updated: March 22, 2004

This is where I explain how to build the hardware necessary to utilize the eckbox software. Don't worry, it's not too expensive.

First, here are the materials you'll need: an 8 bit analog/digital converter (available as a free sample from many online wholesalers), Some wire, a (cheap) AM/FM radio, a spare speaker, a male audio connector, and a 25 pin M/F parallel port extender cable. Some solder and a breadboard might come in handy too.

Notes on AD converter selection: pick out a 1 channel, 8 bit converter with an insanely high number of samples per second. 1 GSPS if possible. Also, look at a diagram of the ADC you have chosen and make sure that it is in the DIP format (two rows of pins). If it isn't DIP, you probably won't be able to solder it, just because the wires are too small and close together.

I've always been a fan of the acronym RTFM. So get the docs that came with your specific A/D converter. In it should be a listing of the function of each individual pin. Locate the analog input pin, and solder it to the analog output lead of the audio connector. The analog output is the inner wire, if you were to look at a cross-section of the wire. Connect the outer wire of the line out to a ground. If you've done all of this right, you should have a radio with an audio jack stuck into it, which is then giving input to your ADC.

After this, again you'll want to RTFM some more about your specific ADC to find out which pins are the 8 digital outputs. Connect these to pins 2-9 of your 25 pin parallel port extender cable. Be sure that output lead #8 goes to pin #9 on your parallel cable, #7 goes to #8 and soforth. If you don't know which pins are which on your parallel port, I can help with that, just have a look at the below highly sophisticated, CAD modeled diagram of the pin labels:

Citazione:
_________________________________________
\13 12 11 10 09 08 07 06 05 04 03 02 01 /
\ 25 24 23 22 21 20 19 18 17 16 15 14 /
Ok, so at this point, you have data going into your radio, from the radio to your ADC, and out to the parallel port. Next, we just need to tune the radio, and get some power running to it and your ADC. I'm sure you can figure out the radio on your own, and by examining the docs on your ADC, you can figure that out too. On the tuning, tune your radio to the highest frequency of FM that it can go that does NOT have a station. If you have tuned it right, it will be at about 108 MHz (roughly), and white noise will be coming from its speakers. After this, you're done. Just put the radio next to the target monitor and run Eckbox, and it will display (roughly) the image displayed on the target monitor. woot for you.

If you're not getting good reception, then you might want to modify the antenna on your radio. See the paper by Markus Kuhn in the Other Resources page for ideas. If it doesn't work at all, you'll want to check all of the connections, but especially check the connection from the radio to the ADC (You can check this connection by disconnecting the line out from the ADC, and connecting the line out to a speaker. If noise comes out, the connection is good). If all of the connections are good, verify that the ADC works by unhooking the ADC from the parallel port, and connecting a grounded LED in its place.

http://sourceforge.net/projects/eckbox
__________________

Nessun commento: