Using HID Tricks to Drop Malicious Files

[Nikhil] has been experimenting with human interface devices (HID) in relation to security. We’ve seen in the past how HID can be exploited using inexpensive equipment. [Nikhil] has built his own simple device to drop malicious files onto target computers using HID technology.

The system runs on a Teensy 3.0. The Teensy is like a very small version of Arduino that has built-in functionality for emulating human interface devices, such as keyboards. This means that you can trick a computer into believing the Teensy is a keyboard. The computer will treat it as such, and the Teensy can enter keystrokes into the computer as though it were a human typing them. You can see how this might be a security problem.

[Nikhil’s] device uses a very simple trick to install files on a target machine. It simply opens up Powershell and runs a one-liner command. Generally, this commend will create a file based on input received from a web site controlled by the attacker. The script might download a trojan virus, or it might create a shortcut on the user’s desktop which will run a malicious script. The device can also create hot keys that will run a specific script every time the user presses that key.

Protecting from this type off attack can be difficult. Your primary option would be to strictly control USB devices, but this can be difficult to manage, especially in large organizations. Web filtering would also help in this specific case, since the attack relies on downloading files from the web. Your best bet might be to train users to not plug in any old USB device they find lying around. Regardless of the methodology, it’s important to know that this stuff is out there in the wild.

Improving the Parallax Propeller in an FPGA

The Parallax Propeller is an interesting chip that doesn’t get a lot of love, but since the entire chip was released as open source, that might be about to change: people are putting this chip inside FPGA and modifying the binaries to give the chip functions that never existed in the original.

Last August, Parallax released the source for the P8X32A, giving anyone with an FPGA board the ability to try out the Prop for their own designs. Since then, a few people have put some time in, cleaning up the files, unscrambling ROM images, fixing bugs, and all the general maintenance that an open source microcontroller core requires.

[Sylwester] has grabbed some of the experimental changes found on the Parallax forum and included them as a branch of the Propeller source. There is support for a second 32-bit port, giving the new chip 64 I/O pins, multiply instructions, video generators, hard-coded SD card libraries, and a variant called a microProp that has four cores instead of eight.

You can grab all the updated sources right here and load them up on a DE0 Nano FPGA board. If you’re exceptionally lucky and have the Altera DE2-115 dev board, you’ll also be able to run the upcoming Propeller 2.

A Complete C64 System, Emulated on an STM32

The Commodore 64 is the worlds bestselling computer, and we’re pretty sure most programmers and engineers above a certain age owe at least some of their career to this brown/beige keyboard that’s also a computer. These engineers are all grown up now, and it’s about time for a few remakes. [Jeri Ellisworth] owes her success to her version, there are innumerable pieces of the C64 circuit floating around for various microcontrollers, and now [Mathias] has emulated everything (except the SID, that’s still black magic) in a single ARM microcontroller.

On the project page, [Mathais] goes over the capabilities of his board. It uses the STM32F4, overclocked to 235 MHz. There’s a display controller for a 7″ 800×480 TFT, and 4GB of memory for a library of C64 games. Without the display, the entire project is just a bit bigger than a business card. With the display, it’s effectively a C64 tablet, keyboard not included.

This is a direct emulation of the C64, down to individual opcodes in the 6510 CPU of the original. Everything in the original system is emulated, from the VIC, CIAs and VIAs, serial ports, and even the CPU of the 1541 disk drive. The only thing not emulated is the SID chip. That cherished chip sits on a ZIF socket for the amazement of onlookers.

You can check out some images of the build here, or the video demo below.

Continue reading “A Complete C64 System, Emulated on an STM32″

Hackaday Links: August 24, 2014


Remember those ‘cocktail’ arcade cabinets? The Ikea Lack table has existed for years, so why not make one into an arcade table? Raspberry Pi with RetroPie as the brains,  and an ancient 4:3 monitor as the display.

Old Unixes! Running on PDPs, Novas, and IBMs! Thanks to Simh, you can emulate these old machines. [Matt] put up a guide to getting Simh running on a Pi that includes running Unix V5 on an emulated PDP-11.

Ever wanted to run your own telecom? The folks at Toorcamp did just that, 50 lines, 10,000 feet of 1-pair, and 1,500 feet of 2-pair. There’s a facebook album of all the pics.

Remember last week when Sparkfun said they shipped 2000 Microviews without a bootloader? Make interviewed [Marcus Schappi], the guy behind the MicroView. There’s also a tutorial on how to fix the issue.

Barbie needs an exorcism.

Remember the [Lord Vetinari] clock from way back when? It’s a clock that ticks 86400 times a day, but the interval between each second is just slightly random and enough to drive people insane. Here’s a kit on Tindie that makes it pretty easy to build a Ventinari clock, or a variety of other clocks that are sufficiently weird. There’s also a martian clock that’s 39 minutes and 36 seconds longer than normal, perfect for the folks at JPL.

0x1f 0x000 IZO EMESS 1407981609

FPGA with Open Source Propeller 1 Running Spin


Open Sourcing something doesn’t actually acquire meaning until someone actually uses what has been unleashed in the wild. We’re happy to see a working example of Propeller 1 on an FPGA dev board. That link takes you to a short description and some remapping of the pins to work with a BeMicro CV board. But you’ll want to watch the video below, or rather listen to it, for a bit more explanation of what [Sylwester] did to get this working.

You’ll remember that Parallax released the Propeller 1 as Verilog code a few weeks back. This project first loads the code onto the FPGA, then proves it works by running SIDcog, the Commodore 64 sound emulation program written in Spin for p8x32a processors.

We do find this to be an interesting first step. But we’re still waiting to see what type of hacks are made possible because of the newly available Verilog code. If you have a proof of concept working on other hardware, certainly tell us about it below. If you’ve been hacking on it and have something you want to show off, what are you waiting for?

Continue reading “FPGA with Open Source Propeller 1 Running Spin”

Raspberry Pi: the perfect machine for old DOS games


There’s a treasure trove of excellent yet ancient games made for DOS that are nearly unplayable on modern computers. Awesome games like the Lucasarts SCUMM adventures, the original Civilization and SimCity, Starflight, the King’s Quest series and even Leisure Suit Larry aren’t played much today because of the near impossibilities of getting them to run on modern hardware or setting up an emulator with proper sound.

[Patrick] has been doing his best to help out classic gamers with an x86 emulator for the Raspberry Pi. It’s designed to be a very capable DOS box with 20 MB of extended memory, a 640×480 display with 256 colors, an ~20MHz 486 emulated CPU, and a Soundblaster 2.0 sound card.

There’s still a lot of work to be done, but outside of finding a 20-year-old computer, emulation on a Raspberry Pi it probably the most authentic DOS gaming experience you’ll get.

Simulating CRT or Vector displays for more realistic emulation

simulated-crt-monitor-for-emulatorsScaled down it’s not as obvious that this image isn’t a crystal clear rendering of Mortal Kombat gameplay. But we’ve linked it to the full size version (just click on the image) so that you can get a better look. Notice the scan lines? This is the result of an effort to more accurately mimic the original hardware displays used in classic games. [Jason Scott] takes a look at the initiative by describing what he thinks is missing with the picture perfect quality of modern emulators.

One such effort is being mounted for MAME (Multiple Arcade Machine Emulator). There is a series of filters available — each with their own collection of settings — that will make your modern LCD display look like it’s a run-of-the-mill CRT. This is a novelty if you’re a casual gamer who dusts off the coin-op favorites twice a year. But if you’re building a standalone game cabinet this may be a suitable alternative to sourcing a working display that’s already decades old.