what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files from Gerhard Klostermeier

First Active2016-07-29
Last Active2019-07-04
WolfVision Cynap 1.18g / 1.28j Hardcoded Credential
Posted Jul 4, 2019
Authored by Gerhard Klostermeier, Manuel Stotz | Site syss.de

WolfVision Cynap versions 1.18g and 1.28j suffer from a hardcoded credential vulnerability.

tags | exploit
advisories | CVE-2019-13352
SHA-256 | d6b2f3a38c59dff4dc8014904e4bc9fb7be3b0831749657f9c23488cc4c0a1ff
ABUS Secvest 3.01.01 Cryptographic Issues
Posted May 2, 2019
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest wireless alarm system can easily be cloned and used to deactivate the alarm system in an unauthorized way. Version 3.01.01 is affected.

tags | advisory
advisories | CVE-2019-9861
SHA-256 | 9aa96c7e78ac0cc59dc8c9762e90be180a231028ffcc00fc5372b502ed7fcf6c
Rikki Don't Lose That Bluetooth Device
Posted Jul 11, 2018
Authored by Matthias Deeg, Gerhard Klostermeier

In this article, the authors want to present an example of exploiting a trust relationship between two technical devices that can put the confidentiality of sensitive data or the integrity of a computer system at risk. This trust relationship they exploit exists between two Bluetooth devices: On the one side a computer system you want to remain secure and you don't want to be compromised, for example your laptop, or your smartphone, and on the other side a Bluetooth device you usually do not consider worth protecting with special diligence as it simply is an output device of a specific kind and does not persistently store any of your valuable data locally, for example headphones.

tags | paper
SHA-256 | b73346666342349f472c954f5a015752063415c14b1cc1ea74d10fb17608bf4a
Case Study: Security Of Modern Bluetooth Keyboards
Posted Jun 22, 2018
Authored by Matthias Deeg, Gerhard Klostermeier

This whitepaper is a case study that analyzes the security of modern bluetooth keyboards. In the course of this research project, SySS GmbH analyzed three currently popular wireless keyboards using Bluetooth technology that can be bought on the Amazon marketplace for security vulnerabilities. The following three devices were tested for security issues from different attacker perspectives: 1byoneKeyboard, LogitechK480, and MicrosoftDesignerBluetoothDesktop (Model1678 2017).

tags | paper, vulnerability
SHA-256 | c3809eac9d774959095aaa64f57d5970b03ee8190b8247907992919c1953a04e
Of Mice And Keyboards
Posted Jun 1, 2017
Authored by Matthias Deeg, Gerhard Klostermeier

Whitepaper call Of Mice and Keyboards. This write up gives you an overview on the security of modern wireless desktop sets.

tags | paper
SHA-256 | a23b6c71f4bc4c2bb5db90ee5bab0a7cd56644257573acdf96d51e19d1e89e12
EASY HOME Alarmanlagen-Set MAS-S01-09 Cryptographic Issues
Posted Nov 24, 2016
Authored by Gerhard Klostermeier | Site syss.de

SySS GmbH found out that the 125 kHz RFID technology used by the EASY HOME MAS-S01-09 wireless alarm system has no protection by means of authentication against rogue/cloned RFID tokens. The information stored on the used RFID tokens can be read easily in a very short time from distances up to 1 meter, depending on the used RFID reader. A working cloned RFID token is ready for use within a couple of seconds using freely available tools.

tags | advisory
SHA-256 | f2b5958d04f9bcacb801da8a3f95c98a49142000d47cd1feadd0ebc033c088f0
M2B GSM Wireless Alarm System Replay Attacks
Posted Nov 24, 2016
Authored by Gerhard Klostermeier | Site syss.de

Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to replay attacks.

tags | advisory
SHA-256 | b19e73ae566f67141fff01b385e124ffe916d02b99d2f4b1eb6581a9331a10b9
M2B GSM Wireless Alarm System Brute Force Issue
Posted Nov 24, 2016
Authored by Gerhard Klostermeier | Site syss.de

Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to brute-force attacks.

tags | advisory
SHA-256 | a33d718d22481da6180fc9af25a09eb7609ae79013ec68a0eb5bd6fddea35071
Microsoft Wireless Desktop 2000 Cryptography Issues
Posted Oct 11, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Microsoft Wireless Desktop 2000 version A suffers from cryptographic issues and replay attacks.

tags | advisory
SHA-256 | 5b91e6090047fef94d34dd0fd973cc4e86a6c54ee1ac8d86d8a8818ca9bfdeca
Wireless Keyboard Set LX901 GK900 Replay Attack
Posted Oct 10, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Wireless Keyboard Set LX901 model GK900 is missing protection against replay attacks.

tags | advisory
SHA-256 | 76381a4aa95212b548a5c57eb1416134f9c09f4ceba809253b945b2d5b315328
Microsoft Wireless Desktop 2000 Insufficent Protection
Posted Oct 10, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Microsoft Wireless Desktop 2000 version A suffers from insufficient protection of code (firmware) and data (cryptographic key).

tags | advisory
SHA-256 | a2e84bef4f1b103936ce31df00ad89196bd85c85162d189f4577c1a150082ee0
Perixx PERIDUO-710W KG-1027 Spoof Attack
Posted Sep 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

The Perixx PERIDUO-710W KG-1027 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof
SHA-256 | f4bc0516c208b0307fe50d327f89c8d288ef83ffc61506179cd54509362894b3
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Spoof Attack
Posted Sep 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

The CHERRY B.UNLIMITED AES JD-0400EU-2/01 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof
SHA-256 | 1638ec208f8e37eaf9b5a1c43ce2ce9035fedf7e2ee03ce599899ee97a9d2669
Logitech M520 Y-R0012 Spoof Attack
Posted Sep 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

The Logitech M520 Y-R0012 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof
SHA-256 | b5b536b4797a8eff1eb40c967a4bdf37db110f16f71fc0a6f0da5e15e92a9b27
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Crypto Issues / Replay Attacks
Posted Jul 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and replay attack vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 3737c6b837cb5779da05eb65eeceaa868fb36d30c20fac2a630e28c5168f4313
Microsoft Wireless Desktop 2000 Insufficent Verification / Mouse Spoofing
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Microsoft Wireless Desktop 2000 suffers from insufficient verification of data authenticity and mouse spoofing vulnerabilities.

tags | advisory, spoof, vulnerability
SHA-256 | bc89d14332c2b68a2ee9f6c37aaad16729c3eaea94ed00aa4a432e5198e87c01
Perixx Computer PERIDUO-710W Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Perixx Computer PERIDUO-710W suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 8a417656e3f50e51e5bc8be30c76990235aac75b6972f2542d7dafd6526a1364
Perixx Computer PERIDUO-710W Insufficient Protections
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Perixx Computer PERIDUO-710W suffers from insufficient protection of code (firmware) and data (cryptographic key).

tags | exploit
SHA-256 | 38f937f8061cad43b21e684ff35b905293604b2bc0497e65235d623d04f62a1c
Perixx Computer PERIDUO-710W Crypto Issues / Replay Attacks
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Perixx Computer PERIDUO-710W suffers from cryptographic issues and replay attack vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 1a00902e3cc0b35718d10d3b1e91ac8b418d375cddc8f60c930a86c9a262dc22
Logitech K520 Crypto Issues / Replay Attacks
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Logitech K520 keyboards suffer form cryptographic issues and insufficient protection against replay attacks.

tags | exploit
SHA-256 | 02220b6a6fed68dae857d702f9529ab8a00d04c1577c2ca7f2ea7e090a2225d2
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 8d783cf17d0aeb744bc415fcc3f5209b17a3b0f1fec084fd4a66af59968c352f
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Insufficient Protections
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from insufficient protection of code (firmware) and data (cryptographic key).

tags | exploit
SHA-256 | f1ff00bde501a530edae9d601cb3986ee2e1274ad3e4408f7af68bf525e7d5f6
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close