Beating Super Hexagon with OpenCV and DLL Injection

Every few months a game comes along which is so addictive, players can’t seem to put it down – no matter how frustrating it may get. Last year one of those games was Super Hexagon. After fighting his way through several levels, [Val] decided that designing a bot to beat the game would be more efficient than doing it himself. Having played a few rounds of Super Hexagon ourselves, we can’t fault him on that front!

At its core, Super Hexagon is a simple game. Walls move from the screen edges toward a ship located near the center of the screen. The player uses the arrow keys to “orbit” the ship around a central shape. Avoid getting crushed by the walls, and you’re golden. However, the entire game board is constantly spinning, expanding, contracting, flashing, and generally doing things to disorient the player while ever more complex wall patterns move in to kill you. In short, Super Hexagon makes Touhou bullet hell games look like a cakewalk.

The first step in beating the game is to capture the screen. [Val] tried Fraps and VLC, but lags of 2 seconds or more were not going to work. Then [Val] turned to DLL Injection. Super Hexagon calls the OpenGL function glutSwapBuffers() to implement double buffering. Every frame of the game is rendered in the background. Once rendering is complete glutSwapBuffers() is called to swap the buffers, and the process starts over again. [Val] changed the game code such that his own frame capture function would be called instead of glutSwapBuffers(). Once he was done capturing the game’s video buffer, [Val] then called the real glutSwapBuffers() function. It worked perfectly.

Now that he had an image, [Val] used OpenCV to process it. Although the game is graphically very noisy, there are only a few colors used at any one time. It didn’t take much work to come up with an algorithm which would create a binary image of the walls and the ship itself.

[Val] cast rays from the center of each wall through the center of the screen. The ray which was longest before intersecting another wall would be the best escape route. This simple solution worked, but only for about 40 seconds. At that point, Super Hexagon would start throwing more complex patterns, and the AI would fail. The final solution was to create an accessibility condition which also took into account how much space was available between the various approaching walls. This new version of the AI was able to beat the game.
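A simplified model of the two strategies described above, as an added example that is not [Val]'s code: the board is reduced to six lanes with one ray length each, and the lane model, the function names and the `min_gap` threshold are assumptions made for illustration.

```python
def naive_target(clearance):
    """First approach: head for the lane whose ray travels farthest before a wall."""
    return max(range(len(clearance)), key=lambda lane: clearance[lane])


def reachable_lanes(clearance, ship, min_gap):
    """Lanes the ship can rotate into without crossing a lane whose wall is too close."""
    n = len(clearance)
    reachable = {ship}
    for step in (1, -1):              # try rotating each way around the centre
        lane = ship
        for _ in range(n - 1):
            lane = (lane + step) % n
            if clearance[lane] < min_gap:
                break                 # a wall blocks this direction from here on
            reachable.add(lane)
    return reachable


def accessible_target(clearance, ship, min_gap):
    """Later approach: the longest ray among lanes the ship can actually reach."""
    lanes = reachable_lanes(clearance, ship, min_gap)
    return max(sorted(lanes), key=lambda lane: clearance[lane])


# Constructed frame: distance from the centre to the nearest wall in each lane.
FRAME = [2, 1, 9, 1, 4, 3]

if __name__ == "__main__":
    # The longest ray is in lane 2, but close walls in lanes 1 and 3 fence it off.
    print("naive:", naive_target(FRAME))
    print("accessible:", accessible_target(FRAME, ship=0, min_gap=2))
```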

So was this a more efficient method than grinding through Super Hexagon manually? Since [Val] now knows all about DLL injection and OpenCV, we sure think it was!

Click past the break to see [Val]’s bot in action!


Walk Like A Xenomorph

[James Bruton] is busy working on his latest project, a “scrap metal sculpture”-inspired Alien Xenomorph suit.  However, he wanted to get a boost in height as well as a digitigrade stance. To that end, [James] 3D-printed a pair of customized stilts. Each stilt consisted of a lifter with several parts laminated together using acetone. He bolted an old pair of shoes onto the stilts, adding straps across the toes to keep the shoes from lifting up.

While the stilts worked very well, [James] wanted to add soles to them to give him some traction as he walked – falling while in a Xenomorph costume composed of sharp plastic sounds painful enough! He decided to hybrid print the soles using ABS and Ninjaflex. The ABS part of the sole was then acetone-welded to the bottom of the stilts.

[James] hopes to add some claws for effect, so long as they don’t impede his walking too much. He has already completed a good amount of the 3D-printed suit. We know the finished project is going to be amazing: [James] has created everything from Daleks to Iron Man!


Raspberry Pi GSM Hat

The Spark Electron was released a few days ago, giving anyone with the Arduino IDE the ability to send data out over a GSM network. Of course, the Electron is just a GSM module tied to a microcontroller, and you can do the same thing with a Pi, some components, and a bit of wire.

The build is fairly basic – just an Adafruit Fona, a 2000 mAh LiPo battery, a charge controller, and a fancy Hackaday Perma-Proto Hat, although a piece of perf board would work just as well as the Perma-Proto board. Connections were as simple as power, ground, TX and RX. With a few libraries, you can access a Pi over the Internet anywhere that has cell service, or send data from the Pi without a WiFi connection.

If you decide to replicate this project, be aware you have an option of soldering the Fona module right side up or upside down. The former gives you pretty blinking LEDs, while the latter allows you to access the SIM. Tough choices, indeed.

Adam Savage’s First Order of Retrievability Tool Boxes

Let’s face it, we’re all a bit obsessed with tools. Whether it’s an oscilloscope or a screwdriver, having just the right tool can be the difference between loving what you are doing, or dreading it. But oddly enough, not much is talked about tool organization. We tend to think that how you organize your tools is just as important as the tools themselves.

[Adam Savage] of Mythbusters fame might just be the king of tool organization. In this thread on the Replica Props Forum, [Adam] shares the design and construction of two sets of mobile tool boxes he built while working at Industrial Light and Magic. The idea is simple: First Order Retrievability. That is, you should never have to move one tool to get to another. That in turn affords the fastest, most efficient way of working.

The evolution of this idea started with medical bags (the kind doctors would use, back in the day when doctors still made house calls), but as [Adam’s] tool collection grew, the leather was no match for 50 pounds of tools. So, he stepped up to two aluminum tool boxes. Adding wheels and a scissor lift allowed for a moveable set, at just the right height, that are always in reach. Perfect for model making, where being able to move to different parts of a model, and taking your tools with you is key. If you’re looking for a list of what’s inside [Adam]’s box of wonder, here you go.

What are some of your favorite ways of organizing your tools? What tips or tricks do you have? Post a picture or description in the comments.  I’m sure we all could learn a bit from one another.

DSP 01: Real, Legit Audiophile Goodness

About six months ago, we saw [tshen2]’s work on the DSP 01, a 2-input, 6-output DSP and crossover for extreme audiophiles, and we’re not talking about oxygen free rooms here. The DSP 01 turns a USB audio output into six outputs that will give you perfectly flat EQ across bass, mids, and highs, integrates with a 6x100W amplifier, and compensates for room noise. There was a huge update to the project recently and [tshen2] is more than happy to share the details.

Getting to this phase of the project hasn’t been without its problems. To get the DSP communicating to a computer through a USB port, [tshen2] found a potential solution in the CP2114 USB to I2S Bridge. This device should function as a USB audio sink, translating digital audio into something the DSP understands. This chip did not work in [tshen2]’s design. The CP2114 simply does I2S wrong; the I2S spec says the clock must be continuous. This chip implements I2S with a SPI, firmware, and a few other things, making it incompatible with to-spec I2S.

While there were some problems with getting audio into the device, the core of the device has remained unchanged. [tshen2] is still using the Analog Devices DSP, with the interesting SigmaStudio being used to compensate for the frequency response of the room. This is real, legit, science-based audiophile territory here, and an impressive development for a field that – sometimes understandably – doesn’t get the respect it deserves.

Stumbling Upon an Uber Vulnerability

[Nathan] is a mobile application developer. He was recently debugging one of his new applications when he stumbled into an interesting security vulnerability while running a program called Charles. Charles is a web proxy that allows you to monitor and analyze the web traffic between your computer and the Internet. The program essentially acts as a man in the middle, allowing you to view all of the request and response data and usually giving you the ability to manipulate it.

While debugging his app, [Nathan] realized he was going to need a ride soon. After opening up the Uber app, it occurred to him that he was still inspecting this traffic. He decided to poke around and see if he could find anything interesting. Communication from the Uber app to the Uber data center is done via HTTPS. This means that it’s encrypted to protect your information. However, if you are trying to inspect your own traffic you can use Charles to sign your own SSL certificate and decrypt all the information. That’s exactly what [Nathan] did. He doesn’t mention it in his blog post, but we have to wonder if the Uber app warned him of the invalid SSL certificate. If not, this could pose a privacy issue for other users if someone were to perform a man-in-the-middle attack on an unsuspecting victim.

[Nathan] poked around the various requests until he saw something intriguing. There was one repeated request that is used by Uber to “receive and communicate rider location, driver availability, application configurations settings and more”. He noticed that within this request, there is a variable called “isAdmin” and it was set to false. [Nathan] used Charles to intercept this request and change the value to true. He wasn’t sure that it would do anything, but sure enough this unlocked some new features normally only accessible to Uber employees. We’re not exactly sure what these features are good for, but obviously they aren’t meant to be used by just anybody.
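The flaw described above is a server acting on a privilege flag that the client supplies. The following added example (not from [Nathan]’s post and not Uber’s code) contrasts a handler that trusts an `isAdmin` field with one that derives the role from server-side session state; the handler names, session store, tokens and feature names are hypothetical.

```python
import json

# Constructed server-side state: session token -> account record.
# The role lives here, never in anything the client sends.
SESSIONS = {
    "tok-rider-1": {"user": "rider@example.com", "role": "rider"},
    "tok-staff-1": {"user": "staff@example.com", "role": "employee"},
}
BASE_FEATURES = ["request_ride", "fare_estimate"]
EMPLOYEE_FEATURES = ["debug_menu", "internal_tools"]


def handle_ping_vulnerable(token, body):
    """Trusts the client's isAdmin field, so an edited request unlocks features."""
    if token not in SESSIONS:
        return {"status": 401}
    req = json.loads(body)
    features = list(BASE_FEATURES)
    if req.get("isAdmin") is True:
        features += EMPLOYEE_FEATURES
    return {"status": 200, "features": features}


def handle_ping_hardened(token, body, audit_log):
    """Derives privilege from the session and records claims it cannot confirm."""
    session = SESSIONS.get(token)
    if session is None:
        return {"status": 401}
    req = json.loads(body)
    is_employee = session["role"] == "employee"
    if req.get("isAdmin") and not is_employee:
        # Tampering signal worth alerting on: the client asserted a privilege
        # that the server's own record does not grant.
        audit_log.append({"user": session["user"],
                          "event": "isAdmin_claim_rejected"})
    features = list(BASE_FEATURES)
    if is_employee:
        features += EMPLOYEE_FEATURES
    return {"status": 200, "features": features}


# Constructed request body, as it would look after being edited in a proxy.
TAMPERED = json.dumps({"latitude": 0.0, "longitude": 0.0, "isAdmin": True})
```

The hardened handler still parses the field, but only to log the mismatch; the response depends solely on what the server already knows about the session.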

ChipWhisperer Hits Kickstarter

Even the most well designed crypto algorithms can be broken if someone is smart enough to connect an oscilloscope to a processor. Over the last 15 years or so, an entire domain of embedded security has cropped up around the techniques of power and side channel analysis. The tools are expensive and rare, but [Colin O’Flynn] and the ChipWhisperer are here to bring a new era of hardware security to the masses.

The ChipWhisperer was the second place winner of last year’s Hackaday Prize. It’s an interesting domain of security research, and something that was previously extremely expensive to study. If you’re looking for a general overview of what the ChipWhisperer does, you might want to check out when we bumped into [Colin] at DEFCON last year.

While the original goal of the ChipWhisperer was to bring the cost of the tools required for power and side channel analysis down to something a hackerspace or researcher could afford, this was still too expensive for a Kickstarter campaign. To that end, [Colin] designed the ChipWhisperer Lite, a cut-down version, but still something that does most of what the original could do.

There are two parts to the ChipWhisperer Lite – the main section contains a big microcontroller, a big FPGA, and a high gain, low noise amplifier. This is the core of the ChipWhisperer, and it’s where all the power analysis happens. The other part is a target board containing an XMega microcontroller. This is where you’ll run all your encryption algorithms, and where you’ll find out if they can be broken by power analysis. The main board and target board are held together by a break-away connection, so if you want to run a power analysis on another board, just snap the ChipWhisperer in half.

[Colin] is offering up a ChipWhisperer Lite for around $200 USD – far, far less than what these tools cost just a year ago. We’re looking forward to a successful campaign and all the neat findings people will make with this board.