3D Hacking Environment Links Kinect, Blender, and Metasploit 93
baxpace writes with a link describing a way to test your own security systems for vulnerabilities using Kinect-interpreted natural gestures in tandem with the Metasploit Framework and the Blender game engine, writing: "The idea is to hack into your own systems while in a 3D, first person shooter style environment that interfaces with the Kinect sensor. The game engine was built using Blender and looks to be one of the most pleasing ways of uncovering your own systems' architectural/networking vulnerabilities."
The Gibson (Score:2, Funny)
We can finally hack it!
Re: (Score:1)
Is that a twenty eight point eight kay bee pee ess modem?
Re: (Score:1)
No, it's an active matrix LCD screen! A million psychedelic colours!
Re: (Score:2, Funny)
This is UNIX! I know this!
Re: (Score:2)
Except fsn [siliconbunny.com] was real file manager for IRIX. You can get fsv [sourceforge.net] to recreate your own favorite Jurassic Park scene from the comfort and safety of your own home.
Swordfish (Score:4, Insightful)
So now we have an actual hacking application with actual 3D graphics that actually mean something. Too bad it doesn't look as cool as in the movies.
Re: (Score:1)
Typing speed is everything! (Score:1)
Prior art: Wargames, hacker types on keyboard while saying what he's typing for the benefit of the audience who aren't looking at the screen.
"What... {bashbashbashbashbashbashbashbashbash} ...is... {bashbashbashbashbashbashbashbashbashbashbashbash} ...the primary... {bashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbash} ...goal?"
Hollywood couldn't even do a chatbot session right back in the 80's!
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Userfriendly called it Movie-OS [userfriendly.org] a decade ago.
Re: (Score:2)
How about Global Thermonuclear War? --David
This is Unix! I know this! --Lex
All I see now are... Blonde, Brunette, Redhead. --Cypher
Re: (Score:2)
This is Unix! I know this! --Lex
If I remember correctly, it actually WAS Unix.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
http://en.wikipedia.org/wiki/Fsn [wikipedia.org]
Re: (Score:2)
You just can't top this [youtube.com] in terms of utter stupidity. Yes, it's German, but the idiocy should need no translation.
But then, it's from an action show that seems to build its cars out of C4 explosives, so cut them some slack. :)
Re: (Score:2)
You do realise you are describing Window Aero?
Re: (Score:1)
And you really need all this (Score:3, Insightful)
in order to audit your own systems?
Cool, but rather complex for an audit!
Re:And you really need all this (Score:5, Funny)
Manager: What do you think you think you're doing you can't play video games at the office, at least not during business hours!
Jr. Network Admin: Sir I am conducting a Pen test of against our dev environment.
Manager: Yea I think my kid likes one too, its Japanese right?
Network Admin: Sir I am its not a game.
Manager: Look I know you guys take you aviators seriously, but try to do it on your own time ok.
Jr Network Admin: Sir I think you mean avatar and like I said this is actually not a game its a front end for metasploit.
Sr Network Admin: He cut the crap Jr that interface is not scriptable at all and how many times do I have to tell you if you think you're going to do it twice, script it once! It leaves more time for slashdot.
Manager: What is slashdot?
Sr Network Admin: Its a um.. hmm.. I guess you'd call it a computer based continuing education tool.
Manager: Really, that sounds great, I want the whole department spending a couple hours a day on this slashdot.
Re: (Score:1)
Continuing education? I weep for the industry.
Re: (Score:2)
I informed my manager that /. is a communication tool with various other experts in the business and that it is very beneficial to find all the security concerns quickly, so I have to spend a lot of time there.
I think I mentioned before what's the key benefit of being in IT security is, didn't I? People know even less about ITSEC than about the rest of IT, so bullshitting them is even easier.
Re: (Score:2)
Command line for me (Score:2)
Re: (Score:1)
With Compiz as your window manager, and an ordinary VT100 terminal emulator, or perhaps Emacs-GTK with a black background, you can make your computer look like a Hollywood movie hacker's computer, with it actually BEING a hacker's computer that can actually hack things. It's not the 3D that matters, it is how quick and efficient you are at searching through lots of code and modifying it. If the 3D isn't helping you be more efficient at that, get rid of it.
Re: (Score:1)
Re: (Score:1)
I'm with you. With Compiz as your window manager, and an ordinary VT100 terminal emulator, or perhaps Emacs-GTK with a black background, you can make your computer look like a Hollywood movie hacker's computer, with it actually BEING a hacker's computer that can actually hack things.
Hollywood's way ahead of you. [boingboing.net]
Re: (Score:1)
Re: (Score:2)
Get offa my lawn, whippersnapper! Only a young'un could poop on that whistle, it saved me thousands of dollars worth of phone bills back in the ol' days!
Re: (Score:2)
Re: (Score:2)
They're called blinkenlights.
Waste of time? (Score:2)
The hacking movies of the 90s were right! (Score:2)
Re: (Score:1)
Re: (Score:2)
Nah, that part of the movie is so unrealistic...
Re: (Score:3)
Yes! That's exactly what this reminds me of: psDooM ! http://psdoom.sourceforge.net/ [sourceforge.net] :-)
Why merely check for vulnerabilities when you can obliterate them, along with the rest of the system you're "auditing"
Re: (Score:2)
Kill 'em all and let root sort 'em out!
I know what OS they are using at least (Score:2)
It's a UNIX system!!!!!
http://www.youtube.com/watch?v=dFUlAQZB9Ng [youtube.com]
Re: (Score:2)
At least the software she was using was real.
All these times... (Score:3)
Re: (Score:2, Insightful)
I smell bullshit. No real-life colleague could make the linguistic jump from taxonomic to taxonomy unaided.
Re: (Score:1)
Perhaps the colleague was an English major?
Re: (Score:1)
or a taxonomy major :-)
Re: (Score:2)
Re: (Score:2)
Pleasing? WTF? (Score:2)
How on earth is this 'a pleasing way of uncovering system architecture'? ... The pointy balls aside, I'd basically do pretty much everything exactly opposite of how they did the 3D. ... This guy [quelsolaar.com] has it pretty much nailed in terms of 3D enviroment
3D visuals? OK, I get that. However, I'd leave out crappy wall textures and 3rd grade FPS props and stick to abstract platonic and geoedic shapes with distinct colors, connected with various forms of lines and indexed with a cool looking 3D-enviroment-friendly font.
Re: (Score:3)
I'm pretty sure this hack was done "just because" and "for fun" rather than a serious attempt at a front-end for metasploit.
Re: (Score:2)
movie (Score:1)
Works for me (Score:1)
I found a trojan of some sorts in the NT kernel; someone left the message "Created by Warren Robinett". Weird, only happens when I hit this invisible spot with Metasploit in the Kinect/Blender interface. I wonder if he's still employed by Microsoft.
Zumba? (Score:2)
"3D Hacking Environment Links Kinect, Blender, and Metasploit"....and Zumba!
So now I can "hack" like a scriptkiddie, while playing 'Dance Dance Revolution'?
come to think of it, my 7 Year old goddaughter would probably be a better "hacker" than me, if it comes to this.
The positive sideeffect is that the scriptkiddies soon will have the physique to run from the cops/feds.
"news at eleven: Hackers fitter than jocks!" (still can't catch a fuusball, though)
Scary! (Score:1)
Now that's scary.
Hacking is going to be waaaaaay more fun with this thing... And lots of people are now going to have a go at it just for the fun of it.
Hmmm
Re: (Score:2)
Re: (Score:2)
How about creating a gesture-based 3d modeling program? Act like you're sculpting out stuff in a 3d space and instant model!
Re: (Score:2)
That's not even remotely close to what I'm talking about.
I'm talking about starting with a blank space, you make a movement or gesture, a sphere appears. You start "grabbing" the sphere and start creating a model. There is nothing to interact with besides what you see on screen. You 'rotate' the sphere, it rotates on screen.
Doom (Score:2)
wasn't there a network management interface or something like that based on doom? supposedly you went around shooting stuff to make changes or something. i wish i could remember its name.
Re: (Score:2)
http://www.cs.unm.edu/~dlchao/flake/doom/chi/chi.html [unm.edu]
Re: (Score:2)
That's it! You shoot processes to kill them. Awesome.
Eduard (Score:1)
Re: (Score:1)
You mean it's not Cowboy BeBop at his computer [tvtropes.org]?
parallels in real life? (Score:1)
without reading any further, almost sounds like what they used in that movie 'Disclosure' with Michael Douglas; wearing the 3-D glasses and whatnot. or somewhat similar to 'Minority Report'
What, no Johnny Mnemonic references yet? (Score:2)
Seriously? I mean, 3D VR hacking attempt, reaching out with VR Gloves to manipulate/hack interface, face palm into VR Gloves, etc.
And no Pr0n jokes about 3D VR Penetration testing?
Who are you and what have you done with my SlashDot?
Re: (Score:1)
Seriously? I mean, 3D VR hacking attempt, reaching out with VR Gloves to manipulate/hack interface, face palm into VR Gloves, etc.
"Sogo 7 Data Gloves, a GPL stealth module, one Burdine intelligent translator... Thompson iPhone."
Well, folks didn't foresee the future in 1995. Blender is GPL, but Metasploit is BSD. And iPhones come from Apple. (And why Johnny Mnemonic would use iPhone to begin with? All that jailbreaking! Bleh.)
Re: (Score:1)
Garbage File (Score:2)
Getting closer every day (Score:1)
Corporations having as much power as national governments, able to hire their own police forces.
Implants that are making steps to improving biological abilities.
3D visual hacking.
Shadowrun seems closer and closer every day.
Re: (Score:2)
Come to think of it, the guy on the subway yesterday sure looked like a troll...
Re: (Score:2)
TRON (1982) [imdb.com]
Add some EEG... (Score:2)
Sorry, I'll stick with CLI (Score:2)
In all seriousness, "3D input", i.e. flailing limbs and gyrating in front of your computer, is a cool toy, a nice pastime and maybe even some kind of workout for kids who wouldn't think about actually going outside and move a limb, but for hacking, they just fail. Why? Because we are still far from the ability to never misunderstand a gesture. Hell, we, as humans, trained and raised as creatures to understand each other, sometimes misjudge and misunderstand each other. The very last thing I need when dealin
Done with the Doom engine 12+ years ago (Score:1)
Speaking as a security consultant... (Score:1)
I'll use that lame 3D UI for pen testing right after they pry Backtrack 5 out of my cold, dead hands. Try and make sqlmap a better tool by giving it a flashy ui. Go ahead, make my day.
But hey, the script kiddies will love it.
So Hackers (the movie) wasn't far off after all (Score:1)
And now it looks like it was not far-fetched after all. Why is our future being so... regressive