44CON 2014 - Hot or not, the hacker way, Dan Tentler Thermal imaging has been a subject that not many people get the opportunity to research, without an exceedingly high number of dollars on the table. This pet project of mine began in 2010 when I asked FLIR for a demo unit to do a series of tests in an effort to see how infrared could be used in the world of information security. Their PR people replied to me saying that they didn’t think a FLIR device could be used to read heat signatures from a computer because they weren’t sensitive enough. This year I got my hands on a FLIR E4, and hacked it to have 4x the resolution. Boy was that PR guy wrong.

1. Hot or not
The hacker way
One nerd, a flir e4, and monkey island syndrome.

2. Hot or not
The hacker way
One nerd, a flir e4, and monkey island syndrome.
I had an epiphany:
Infosec is
Monkey Island.
To win, just rub everything against everything else

3. Hot or not
The hacker way
One nerd, a flir e4, and monkey island syndrome.

4. I’m @Viss
Dan Tentler
——
• Co-Founder, Carbon Dynamics
• Sysadmin / Architect:: 10 years
• Security engineering / pentest / redteam:: 8 years
• Done some talks
• Got some press
• etc.. my resume isn’t important.
• I know, I know “we don’t care about you, get to the TOYS :D”

5. Who never thought this was cool?

6. It used to be SUPER expensive

7. Con organizer powers go!

8. #facepalm

9. Sorry, Haley.

10. Okay, wait.. how did you do that?

11. Okay, wait.. how did you do that?

13. Yes, a bunch of EE nerds
reverse-engineered
the flir E4.

14. This is how I imagine flir:
(or at least, I would hope)

15. Then pretty much it was this

16. First finding of note
80x60 320x240
Math = 16x more res.

17. Second finding of note
Unlock new modes

18. TL;DR
Flir E4 - ~$1000 US
!
Flir E8 - ~$7000 US
Though the E8 has wifi, video
more bells and whistles…

19. On to the meat.
• Lockpicking
• Wireless networking/cracking
• CPU/GPU/Cracking etc
• Networking
• .. more stuff like that

20. One is doing evil.
Buuuut, you can’t really tell :(

21. Raspi!

22. Lockpicking

23. Wireless
(wep is pretty much dead so this
becomes kind of moot)

24. Wireless

25. Sigh.

26. But .. surprises!

27. As it turns out..
They’re kinda glorious for
redteam engagements.

28. Cameras!
From the business end, this time

29. Cameras!

30. Cameras!

31. Cameras on the
same lan?

32. Cameras!

33. Cars!

34. Cars!

35. What do you see?

36. What do you see?

37. A better view

38. A better view

39. Some editorial..

40. … footprints?!

41. … footprints?!

42. Physical Security

43. Physical Security

44. Physical Security

45. Physical Security

46. Physical Security

47. Physical Security

48. Physical Security

49. Spot the phone

50. Scada gear runs hot!

51. Scada gear runs hot!

52. And now for something
Completely different.

53. Entertaining and useful
Not really security related

54. Cooling silliness.

55. Coffee!

56. Oven top / microwave
exhaust fan

57. Sunburns!

58. English Muffins!

59. Face.. hugger?

60. Quad UAV!

61. Legs?

62. Clothing

63. Guess :D

64. Original intended use

65. Addons!
Zinc Selenide lenses

66. Addons!

67. Addons!
Thanks robotroom.com!

68. Questions?

69. Thank you very much!