Author Archives: Jason

Hack This!

In honor of Cyber Security Awareness Month, here is a challenge for anyone interested in database security, encryption, algorithms, etc.  We have a vendor-supplied application which connects to a production database as the owner of its own schema.  That is, the application has full access and privileges to select/insert/update/delete any application data.  Privileges for application users are controlled within the application itself.  This, by the way, is a very common practice for database applications.

One problem with this particular application, however, is that for some reason it stores a copy of the login credentials for the database for each application user.  These are the same credentials the application itself uses to connect to the production database, so the username and password fields for each application user should be the same.  Obviously it would be better to store a single copy of those credentials and reference them for each user.

That isn’t the big problem, however!  The big problem is that anyone with access to that table can retrieve the encrypted passwords and decrypt them if they can figure out the algorithm.  Once decrypted, they can then connect as the application (schema owner) and wreak all sorts of havoc.  I am posting this as a caution — even “read-only” access can be dangerous if users can use that information to get a higher level of access.  Keep in mind that most attacks come from inside a company!

So, the challenge here is to find the algorithm to decrypt the passwords.  Here is a list of some of the encrypted values:


To help you along, I will give you up to twenty-five encrypted values for strings that you provide.  That should be more than double the number you need.  The strings you choose are a vital part of the solution, so choose wisely!  You may leave them in a comment.  Comments are moderated, so nobody else will get a hint by seeing the strings you’ve chosen and I will send the encrypted values to you via e-mail, so please use a real e-mail address if you want to participate.

Your task is to describe an algorithm to decrypt the passwords, write code (in any language you wish) to decrypt them, and successfully decrypt the passwords above plus three more I will provide after you successfully decrypt those.

I was able to crack this pretty easily and will post my code (written in PL/SQL) once some others have had a chance to play.  Good luck!



Automated Coop Door

A recent raccoon attack, in which we lost two of our dear hens, emphatically reminded us just how important it is to close our coop door at dusk before the night predators come looking for dinner. An automated door also helps maximize the daylight the girls receive which boosts egg production. We still check daily to make sure the system is functioning properly, but don’t have to rush home at dusk or hope that our 10-year-old grandson remembered to close the door.

Here are the parts used:

  • Add-a-Motor D20 Chicken Coop Motor – Amazon
  • Amico DC 12V Timer – Amazon ($9.80)
  • Aluminum step plate, 12″x24″ – Lowe’s (about $10)
  • 1x3x36″ Red Oak – Lowe’s (about $4)
  • 16″ Drawer slides – Home Depot (about $13)
  • Used car battery, still good – From someone who bought a battery when they needed an alternator, paid their “core charge” ($10)
  • 2×3 lumber for sides and top of door – reused from previous door
  • 1/8″ lattice strips – reused from previous door
  • Adhesive weather stripping – already on hand
  • 12V trailer light and toggle switch for manual override – Walmart (about $6 total)
  1. The 2x3s have the lattice strips attached to them on the back/out side.  This is the side which would be against the interior wall of the coop, so the screws are countersunk.  This provided a channel for the door to slide between the 2x3s and the wall in the previous design, but the door would catch on the wood at times, even after rounding the corners.  Now that space is used for weatherstripping since the door is set about 3/32″ off the wall. Outside of door
  2. The opening on our coop is about 10″W x 15″H, so I cut the aluminum plate down to 12″x16″ using a jigsaw and a straight edge guide.  The oak 1×3 was cut into two 16″ pieces and attached to the edges using #6×3/4″ wood screws.  The screws were countersunk here as well to provide clearance against the wall (see previous photo).  I highly recommend doing this with the countersink bit in a drill press using a depth stop.  I tried it with a hand drill and it would catch unexpectedly and tear out the holes.  Drawer slides were attached to the 2x3s and 1x3s.  I attached a section of 1×2 and a strip of oak ripped to 3/8″ to the top of the door for attaching the line from the motor.
    Interior view of door
  3. The spool on the motor is about 1.5″ from the wall, so the hole in the top beam and the spacer on the top edge of the door were set to keep everything in the same vertical plane.  The motor uses braided 100# fishing line which it attached to the door using a rubber sealing washer.  The line is not tied, it is only held by pressure between the rubber and the oak — the idea being that if the door gets stuck the line will slip out instead of burning out the motor.  That is why I used oak for the spacer — that screw needs to be tight.
    Top view of motor and door
  4. Even though the timer has a “manual” button to activate the switch, it is difficult to see whether you’ve set it back to “auto” so I wanted an override switch to make things easier for my wife/grandson to open the door manually.  I also wanted a red reminder light because if the switch is left “on” the timer will not operate the door.  Finally, I also added an automotive dome light (not pictured) that can be turned on independently to help see the display when adjusting the timer.
  5. It works!
    Automated Coop Door (YouTube)
  6. In the near future I will be adding a solar panel to keep the battery charged.  The motor doesn’t use much power so an inexpensive “battery maintainer” will work.

DIY Noise Reduction Headphones (JHKG3000)

These are noise reduction headphones, designed for listening to audio while using outdoor power equipment or working in a noisy environment, such as a modern “open” office. They are cobbled together from a pair of hearing protection ear muffs and a pair of inexpensive headphones. The only tools required are a drill, soldering iron, and a knife or small screwdriver.

Please note that you can buy items like this for about $20 more, so if you don’t have the tools it is probably not worth the time. Since I already have a nice soldering station, it was worth it for me for a few reasons. First, I saved $20. My time is valuable, but this was fun to do so I basically got paid to play. Also, the pre-built versions have features I specifically do not want, such as a built-in radio or audio passthrough which allows outside noises to come through at a reduced level. I prefer quiet. Finally, the biggest benefit for me is that they allow me to listen to music at a reasonable level, rather than blasting it to overpower small engines or loud coworkers.

I have seen plans for similar projects online, but what I like about this one is that it requires very little manipulation of the headphone speakers and does not require you to remove the delicate parts from their plastic housing.

Hear are the parts required:
Read more »


Covers – A Love/Hate Relationship

I have a love/hate relationship with covers.  If the artist is attempting to be serious and cover one of my favorite songs, I am usually disappointed or annoyed.  On the other hand, when the original song is stupid in the first place or immensely popular, I get a strange pleasure from hearing the song get butchered.

I am experimenting with a few flash-based mp3 players on this site, and will be adding playlists for my various cover song collections as I get around to it.  To get things started here are some of my favorite “punk/humorous” covers.

Jason’s Favorite Punk/Humorous Covers

Here is another playlist.  This is a Carpenters tribute album with some great tracks, particularly “Superstar” by Sonic Youth.  They really bring out the dark, co-dependent, depressing nature of most Carpenters lyrics.  Very sad…

If I Were a Carpenter


New Arduino Project

I finished one of my first Arduino projects last night.  It isn’t terribly exciting to watch, but it employs a number of things that will be invaluable in future projects.  Basically it cycles a large, seven-segment LED display through the numbers 0-9.  Yes, any digital clock can do that, but that wasn’t the point.

The first obstacle when driving large LEDs or motors from the Arduino is power.  The Arduino outputs are only 5 volts at a maximum of 40 milliamps.  While this is fine for driving single, small LEDs, it is not enough for larger loads.  To overcome this, it is common to use a transistor as a switch — using a small current from the microcontroller to turn on a larger current.  Since I have several devices to control all at once, up to eight displays with seven segments each, I used a couple of integrated circuits which contain a number of transistors in a small, convenient, inexpensive package.

For this project, I used a UDN2982A for the anodes and a ULN2003A for the cathodes.  The LED displays are common-anode, so I really only needed one of the eight available channels on the 2982 and could have used a single transistor instead.  Also, since I only have one display, I could have omitted the transistor on the anode completely by wiring the common anode directly to my 12V source.  However, since this is simply a proof-of-concept for a larger project, I used transistor arrays on both ends.  The larger project will include up to eight displays, so I will need to control both the anodes and cathodes for multiplexing purposes.

Here is a photograph and a schematic.  This was my first time to use TinyCAD as well, so please excuse my drawing skills.

Arduino Prototyping Board with Second Breadboard and Digit in Background

TinyCAD Schematic

The video is on YouTube: Arduino – Seven-Segment LED Display Test

Finally, here is the source code: SevenSegTest.pde