Hacking the D-Link DSP-W215 Smart Plug


The D-Link DSP-W215 Smart Plug, a wireless home automation device for monitoring and controlling electrical outlets has just been hacked. Even though it isn’t readily available from Amazon or Best Buy yet, the firmware is already up on D-Link’s web site. The very well detailed write-up explains all the steps that led to this exploit creation.

First, the firmware was unpacked to examine the file system contents. It was found that the smart plug doesn’t have a normal web-based interface as users are expected to configure it using D-Link’s Android/iOS app. The apps however, appear to use the Home Network Administration Protocol (HNAP) to talk to the smart plug running a lighthttpd server. A look at the latter’s configuration file revealed the functions that could be called without any authentication. Another revealed that the firmware could accept an unlimited amount of POST request bytes which were copied in a fix length buffer without any performed checks. We’ll let our readers head to the original article to see where the author went from this point.

Introducing Mirobot, a DIY WiFi Robot for Children



We’re quite sure that fathers parents people reading Hackaday wonder how to introduce their children acquaintances to the wonderful world of electronics. The Mirobot (Kickstarter link) might just be a good way to do so. As you may see in the picture above the Mirobot is a small WiFirobotics kit that children can build themselves to learn about technology, engineering and programming.

The laser cut chassis is assembled by snapping it together. All the electronics are left exposed to the outside so children may try to figure out which component does what. The robot is configured over your home WiFi via a Scratch-like visual programming tool. Everything (PCB, Arduino code, user interface) is open source.

The platform is based around the Arduino compatible ATMega328, two stepper motors, a Wifi module that can behave as a client or access point and 5 AA batteries. The campaign stretch goals include a collision detection sensor, line following functionality and finally a sound add-on.

Thanks [nickjohnson] for the tip.

Developed on Hackaday: License Incompatibilities and Project State

mooltipass top pcb

It has been a while since we wrote an article about our ongoing offline password keeper project, aka the Mooltipass. Our last post was asking our dear readers to vote for their favorite card art, so what have we been doing since then?

For the last few weeks we’ve mostly been improving our current PCBs and case design for the production process to go smoothly. The final top PCB shown above has been tweaked to improve his capacitive touch sensing capabilities, you may even see a video of the system in action in the Mooltipass project log on hackaday.io. We’ve also spent some time refining the two most popular card art designs so our manufacturers may print them correctly. We’ll soon integrate our updated USB code (allowing the Mooltipass to be detected as a composite HID keyboard / HID generic) into the main solution which will then allow us to work on the browser plugin.

It’s also interesting to note that we recently decided to stop using the GPL-licensed avrcryptolib. Our current project is CDDL licensed, allowing interested parties to use our code in their own project without forcing them to publish all the remaining code they created. The GPL license enforces the opposite, we therefore picked another AES encryption/decryption implementation. This migration was performed and checked by our dedicated contributor [Miguel] who therefore ran the AES NESSIE / CTR tests and checked their output, in less than a day.

We’re about to ship the first Mooltipass prototypes to our active contributors and advisers. A few weeks later we’ll send an official call for beta testers, just after we shown (here on Hackaday) what the final product looks like. Don’t hesitate to ask any question you may have in the comments section, you can also contact us on the dedicated Mooltipass Google group.

An Open Source Cortex-M0 Halogen Reflow Oven Controller With LCD

reflow oven controller

Homemade reflow ovens are a great inexpensive way to quickly solder multiple prototypes at once. [Andy] may just have built one of the best ones we’ve featured so far on Hackaday. For his project a £25 1300W 12litre halogen oven was chosen because of its low cost and fast heating time, the latter being required to follow typical reflow profile ramp-up stages.

To control the AC power [Andy] first bought a chinese Fotek Solid State Relay (SSR) on ebay, which was quickly replaced by an american one after reading concerning reports on the internet. He then made the same ‘mistake’ by buying the typical MAX6675 thermocouple-to-digital converter from the same website, as he spent much time understanding why the measurements were wrong when the IC was just defective. His final build is based around a 640×360 TFT LCD that he previously reverse engineered, the cortex-M0 STM32F051C8T7, a SPI flash, some power regulators and buttons. The firmware was written in C++ and we’ll let our readers visit [Andy]‘s page to see how well  his oven performs.

Sending Open-Source Satellites to Space

An anonymous reader tipped us about two Argentinian satellites (satellite one, satellite two) that were sent in 2013 to space. What is interesting about them? They are both based on commercial off-the-shelf (COTS) components, and the team released the framework & flight computer software for their main platform (named cubesat, GitHub link). Gunter’s space page not only impresses us by showing the quantity of small/amateur satellites sent each month to space, but also lets us know that the hardware source files for CudeBug 1/2 are meant to be released. In the meantime we can only gather that they’re using a Texas Instruments TMS570 running FreeRTOS. Nevertheless, the two different web pages (in spanish and english) offer us a very interesting glimpse of what it takes to send an electronic project to space and how it later behaves.

You may also be interested in checking out ArduSat, a successful kickstarter campaign aimed at sending Arduino experiments in space.

A Z80 Retro Microcomputer for the Papilio Pro FPGA Board


[Will] wrote a 128MHz Z80-based retro microcomputer which runs on a Papilio Pro board. For those who don’t know, the latter is built around a Spartan-6 LX9 FPGA so you may imagine that much work was required to implement all the computer features in VHDL. The T80 CPU core was taken from opencores, the SDRAM controller was imported from Mike Field’s work but [Will] implemented several additional functions on his own:

- a 4KB paged Memory Management Unit to translate the 16-bit (64KB) logical address space into a 26-bit (64MB) physical address space.

- a 16KB direct mapped cache to hide the SDRAM latency, using the FPGA internal block RAM

- a UART interface for external communications

He also ported CP/M-2.2, MP/M-II and UZI (a UNIX system) to the computer. His project is completely open-source and all the source code can be downloaded at the end of [Will]‘s write up.

Thanks [hamster] for the tip.

uMotio: An Arduino Compatible 3D Gesture Controller


The Mooltipass project USB code contributor [Tom] and his friend [Ignatius] recently launched their Indiegogo campaign: meet the 3D gesture controller uMotio (Indiegogo link). As [Tom] has been spending much of his personal time helping the Mooltipass community, we figured that a nice way to thank him would be to try making their great open project one step closer to a disseminated product.

As you can see in the video embedded after the break, the uMotio is a plug and play system (detected as a USB HID joystick & keyboard with a CDC port) that can be used in many different scenarios: gaming, computer control, domotics, music, etc… The platform is based around an ATMega32u4 and the much discussed MGC3130 3D tracking and gesture controller. This allows a 0 to 15cm detection range with a resolution of up to 150dpi. uMotio is Arduino compatible so adapting it to your particular project can be done in no time especially using its dedicated expansion header and libraries. The uMotio blue even integrates an internal Li-ion battery and a Bluetooth Low Energy module.

[Read more...]