Follow Slashdot stories on Twitter


Forgot your password?
GUI Input Devices Security Software

3D Hacking Environment Links Kinect, Blender, and Metasploit 93

baxpace writes with a link describing a way to test your own security systems for vulnerabilities using Kinect-interpreted natural gestures in tandem with the Metasploit Framework and the Blender game engine, writing: "The idea is to hack into your own systems while in a 3D, first person shooter style environment that interfaces with the Kinect sensor. The game engine was built using Blender and looks to be one of the most pleasing ways of uncovering your own systems' architectural/networking vulnerabilities."
This discussion has been archived. No new comments can be posted.

3D Hacking Environment Links Kinect, Blender, and Metasploit

Comments Filter:
  • The Gibson (Score:2, Funny)

    by Anonymous Coward

    We can finally hack it!

  • Swordfish (Score:4, Insightful)

    by Ramin_HAL9001 ( 1677134 ) on Friday August 12, 2011 @05:20AM (#37066270)
    I hate Hollywood style hacking with all that fancy 3D graphics that flash around on the computer screen while the "programmer" sits in front of it typing randomly on the keyboard saying, things like "512 bit encryption", "almost, almost", "come on!", "don't do this to me", "got it!".

    So now we have an actual hacking application with actual 3D graphics that actually mean something. Too bad it doesn't look as cool as in the movies.
    • Actually, now that I think about it, it looks more like Johny Quest.
    • Prior art: Wargames, hacker types on keyboard while saying what he's typing for the benefit of the audience who aren't looking at the screen.

      "What... {bashbashbashbashbashbashbashbashbash} {bashbashbashbashbashbashbashbashbashbashbashbash} ...the primary... {bashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbash} ...goal?"

      Hollywood couldn't even do a chatbot session right back in the 80's!

    • This is what me and my friends refer to as "HOS", Hollywood Operating System
    • by Speare ( 84249 )

      How about Global Thermonuclear War? --David

      This is Unix! I know this! --Lex

      All I see now are... Blonde, Brunette, Redhead. --Cypher

    • Hmmm..... Fancy 3D graphics? Unable to describe "programmers" without the use of quotes. Frequent uses of phrases such as "Come on!" "FFS" "Don't do this to me!!".

      You do realise you are describing Window Aero? :p
    • How about creating a GUI in Visual Basic to track down someone's IP address?

  • by aglider ( 2435074 ) on Friday August 12, 2011 @05:21AM (#37066274) Homepage

    in order to audit your own systems?
    Cool, but rather complex for an audit!

    • by DarkOx ( 621550 ) on Friday August 12, 2011 @06:53AM (#37066596) Journal

      Manager: What do you think you think you're doing you can't play video games at the office, at least not during business hours!

      Jr. Network Admin: Sir I am conducting a Pen test of against our dev environment.

      Manager: Yea I think my kid likes one too, its Japanese right?

      Network Admin: Sir I am its not a game.

      Manager: Look I know you guys take you aviators seriously, but try to do it on your own time ok.

      Jr Network Admin: Sir I think you mean avatar and like I said this is actually not a game its a front end for metasploit.

      Sr Network Admin: He cut the crap Jr that interface is not scriptable at all and how many times do I have to tell you if you think you're going to do it twice, script it once! It leaves more time for slashdot.

      Manager: What is slashdot?

      Sr Network Admin: Its a um.. hmm.. I guess you'd call it a computer based continuing education tool.

      Manager: Really, that sounds great, I want the whole department spending a couple hours a day on this slashdot.

      • by Anonymous Coward

        Continuing education? I weep for the industry.

      • I informed my manager that /. is a communication tool with various other experts in the business and that it is very beneficial to find all the security concerns quickly, so I have to spend a lot of time there.

        I think I mentioned before what's the key benefit of being in IT security is, didn't I? People know even less about ITSEC than about the rest of IT, so bullshitting them is even easier.

        • I tell my boss it's where I find out about changes in patent law and important pending technology litigation.
  • Call me old school, but I'd prefer a command line. Can't see this taking off for security professionals.
    • I'm with you.
      With Compiz as your window manager, and an ordinary VT100 terminal emulator, or perhaps Emacs-GTK with a black background, you can make your computer look like a Hollywood movie hacker's computer, with it actually BEING a hacker's computer that can actually hack things. It's not the 3D that matters, it is how quick and efficient you are at searching through lots of code and modifying it. If the 3D isn't helping you be more efficient at that, get rid of it.
      • Yeah doesn't Hugh Jackman have something like kinectasploit on a PDP-10 somewhere :)
      • by eriqk ( 1902450 )

        I'm with you. With Compiz as your window manager, and an ordinary VT100 terminal emulator, or perhaps Emacs-GTK with a black background, you can make your computer look like a Hollywood movie hacker's computer, with it actually BEING a hacker's computer that can actually hack things.

        Hollywood's way ahead of you. []

      • But now you can imitate even more Hollywood movies!

    • Call me old fashioned, but I'd prefer to see rows and rows and rows of blinky lights. No practical reason for this. I just like blinky lights.
  • Gee, if you have so much time to waste, can you lend me some?
  • Damn, now I have to buy roller skates and glow sticks. Penetration testing used to be so simple!
  • by BenevolentP ( 1220914 ) on Friday August 12, 2011 @07:02AM (#37066616)
    All these times you tried to explain people that what they see in the movies is bullshit when it comes to "hacking". And now, that SOME slowly get it - bam - they will inevitably see this and think that you have no idea what you're talking about when it comes to computers.
    • by T.E.D. ( 34228 )
      Good. That'll keep them from asking me to fix theirs.
    • Good! Maybe they'll quit bugging me for help and asking stupid questions about "apps". For them to think I know nothing about computers is not the world's worst outcome....
  • How on earth is this 'a pleasing way of uncovering system architecture'?
    3D visuals? OK, I get that. However, I'd leave out crappy wall textures and 3rd grade FPS props and stick to abstract platonic and geoedic shapes with distinct colors, connected with various forms of lines and indexed with a cool looking 3D-enviroment-friendly font. ... The pointy balls aside, I'd basically do pretty much everything exactly opposite of how they did the 3D. ... This guy [] has it pretty much nailed in terms of 3D enviroment

    • I'm pretty sure this hack was done "just because" and "for fun" rather than a serious attempt at a front-end for metasploit.

    • While you visit a friend, give his kids a bootable USB stick and let THEM play the game. When they "win", show him what they just did.
  • Reminds me a little bit of the movie nirvana, with christopher lambert of highlander fame.
  • I found a trojan of some sorts in the NT kernel; someone left the message "Created by Warren Robinett". Weird, only happens when I hit this invisible spot with Metasploit in the Kinect/Blender interface. I wonder if he's still employed by Microsoft.

  • "3D Hacking Environment Links Kinect, Blender, and Metasploit"....and Zumba!

    So now I can "hack" like a scriptkiddie, while playing 'Dance Dance Revolution'?
    come to think of it, my 7 Year old goddaughter would probably be a better "hacker" than me, if it comes to this.

    The positive sideeffect is that the scriptkiddies soon will have the physique to run from the cops/feds.
    "news at eleven: Hackers fitter than jocks!" (still can't catch a fuusball, though)

  • Now that's scary.

    Hacking is going to be waaaaaay more fun with this thing... And lots of people are now going to have a go at it just for the fun of it.


  • by flok ( 24996 )
    Slightly related: it would be nice if someone wrote a program that lets you create 3d models for e.g. blender or povray using a kinect. I wrote the beginning for that ( [] ) but don't have the time to extend it so that it combines multiple angles.
    • by Khyber ( 864651 )

      How about creating a gesture-based 3d modeling program? Act like you're sculpting out stuff in a 3d space and instant model!

  • wasn't there a network management interface or something like that based on doom? supposedly you went around shooting stuff to make changes or something. i wish i could remember its name.

  • Am I the only one picturing Ed on the Bebop making little fish to munch through someone's firewall?
  • without reading any further, almost sounds like what they used in that movie 'Disclosure' with Michael Douglas; wearing the 3-D glasses and whatnot. or somewhat similar to 'Minority Report'

  • Seriously? I mean, 3D VR hacking attempt, reaching out with VR Gloves to manipulate/hack interface, face palm into VR Gloves, etc.

    And no Pr0n jokes about 3D VR Penetration testing?

    Who are you and what have you done with my SlashDot?

    • by WWWWolf ( 2428 )

      Seriously? I mean, 3D VR hacking attempt, reaching out with VR Gloves to manipulate/hack interface, face palm into VR Gloves, etc.

      "Sogo 7 Data Gloves, a GPL stealth module, one Burdine intelligent translator... Thompson iPhone."

      Well, folks didn't foresee the future in 1995. Blender is GPL, but Metasploit is BSD. And iPhones come from Apple. (And why Johnny Mnemonic would use iPhone to begin with? All that jailbreaking! Bleh.)

    • I'm with you and that there is no VR5 references yet with it's 10 levels of vr. []
  • Joey. I need you to drop your viruses, go after the worm. You're the closest. It's root slash period workspace slash period garbage period.
  • Corporations having as much power as national governments, able to hire their own police forces.

    Implants that are making steps to improving biological abilities.

    3D visual hacking.

    Shadowrun seems closer and closer every day.

  • ...and we'll finally have Neuromancer!
  • In all seriousness, "3D input", i.e. flailing limbs and gyrating in front of your computer, is a cool toy, a nice pastime and maybe even some kind of workout for kids who wouldn't think about actually going outside and move a limb, but for hacking, they just fail. Why? Because we are still far from the ability to never misunderstand a gesture. Hell, we, as humans, trained and raised as creatures to understand each other, sometimes misjudge and misunderstand each other. The very last thing I need when dealin

  • I remember seeing this and thinking "YES!!!!!" []
  • I'll use that lame 3D UI for pen testing right after they pry Backtrack 5 out of my cold, dead hands. Try and make sqlmap a better tool by giving it a flashy ui. Go ahead, make my day.

    But hey, the script kiddies will love it.

  • We all used to laugh about the ridiculous OS interface to the file system (flying through a 3D world of towers and things), the one they used to conduct their hacks.

    And now it looks like it was not far-fetched after all. Why is our future being so... regressive ... ?

"I will make no bargains with terrorist hardware." -- Peter da Silva