[Filipe] has been playing around with custom firmware for inexpensive IP cameras. Specifically, he has been using cameras based on a common HI3815 chip. When you are playing around with firmware like this, a major concern is that you may end up bricking the device and rendering it useless. [Filipe] has documented a relatively simple way to back up and restore the firmware on these cameras so you can hack to your heart’s content.
The first part of this hack is hardware oriented. [Filipe] cracked open the camera to reveal the PCB. The board has labeled serial TX and RX pads. After soldering a couple of wires to these pads, [Filipe] used a USB to serial dongle to hook his computer up to the camera’s serial port.
Any terminal program should now be able to connect to the camera at 115200 baud while the camera is booting up. The trick is to press “enter” during the boot phase. This allows you to log in as root with no password. Next you can reset the root password and reboot the camera. From now on you can simply connect to the camera via telnet and log in as root.
From here, [Filipe] copies all of the camera’s partitions over to an NFS share using the dd command. He mentions that you can also use FTP for this if you prefer. At this point, the firmware backup is completed.
Knowing how to restore the backup is just as important as knowing how to create it. [Filipe] built a simple TFTP server and copied the firmware image to it in two chunks, each less than 5MB. The final step is to tell the camera how to find the image. First you need to use the serial port to get the camera back to the U-Boot prompt. Then you configure the camera’s IP address and the TFTP server’s IP address. Finally, you copy each partition into RAM via TFTP and then copy that into flash memory. Once all five partitions are copied, your backup is safely restored and your camera can live to be hacked another day.
The D-Link DSP-W215 Smart Plug, a wireless home automation device for monitoring and controlling electrical outlets, has just been hacked. Even though it isn’t readily available from Amazon or Best Buy yet, the firmware is already up on D-Link’s web site. The detailed write-up explains all the steps that led to the creation of this exploit.
First, the firmware was unpacked to examine the file system contents. It turned out that the smart plug doesn’t have a normal web-based interface, as users are expected to configure it using D-Link’s Android/iOS app. The apps, however, appear to use the Home Network Administration Protocol (HNAP) to talk to the smart plug, which runs a lighttpd server. A look at the server’s configuration file revealed the functions that could be called without any authentication. Further analysis revealed that the firmware would accept an unlimited number of POST request bytes, which were copied into a fixed-length buffer without any checks. We’ll let our readers head to the original article to see where the author went from this point.
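The missing check described above, shown as an added example (it is not code from the D-Link firmware or from the original write-up): a request body is copied into a fixed-length buffer only after the declared Content-Length has been validated against the buffer capacity and the bytes actually received. The function names, status codes and the 512-byte buffer size are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define BODY_BUF_SIZE 512   /* assumed size of the fixed-length buffer */

enum body_status {
    BODY_OK = 0, BODY_BAD_LENGTH = -1, BODY_TOO_LARGE = -2, BODY_TRUNCATED = -3
};

/* Parse a Content-Length value strictly: decimal digits only, no overflow. */
static int parse_content_length(const char *value, size_t *out)
{
    char *end = NULL;
    unsigned long n;

    if (value == NULL || *value < '0' || *value > '9')
        return -1;                      /* rejects "", "-1", "+5", " 5" */
    errno = 0;
    n = strtoul(value, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1;                      /* overflow or trailing garbage */
    *out = (size_t)n;
    return 0;
}

/*
 * Copy a POST body into dst only if the declared length fits the buffer
 * (leaving room for a terminator) and that many bytes were really received.
 */
int copy_post_body(const char *content_length, const char *body,
                   size_t body_avail, char *dst, size_t dst_cap)
{
    size_t declared;

    if (dst == NULL || dst_cap == 0 || body == NULL)
        return BODY_BAD_LENGTH;
    if (parse_content_length(content_length, &declared) != 0)
        return BODY_BAD_LENGTH;
    if (declared >= dst_cap)            /* would overrun the fixed buffer */
        return BODY_TOO_LARGE;
    if (declared > body_avail)          /* header claims more than was sent */
        return BODY_TRUNCATED;
    memcpy(dst, body, declared);
    dst[declared] = '\0';
    return BODY_OK;
}
```

A server using this pattern would answer the rejected cases with an HTTP error (for example 413 for an oversized body) instead of copying anything.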
After going through the original quick list we tossed together, people were chiming in like crazy. We felt another 10 might help satiate the desire to smirk at the silliness of tech portrayed in movies and TV. Gathering examples from your comments, we have compiled part 2. While I would have loved to narrow this down to a specific item like incorrect lingo or screen grabs, I didn’t quite have enough specific scenes to do it yet. Be sure to keep the comments coming and be specific, I haven’t seen many of these till someone points it out.
There is no single and definitive definition of what hacking is. We all have different versions of similar ideas in our head, but depending on your background and area of enthusiasm, hacking means something different. While dictionary.com has many definitions of the word itself, none seem to cover what we see on a daily basis.
We set out to define “hacking” ourselves. We tossed around words like “modify”, “kludge”, “explore”, and “create”. Each time we committed an increasingly vague definition onto the page, we decided it was too narrow and tossed it in the proverbial trash. The variations were just too many.
What we do know is that “hacking” seems to breed advancement and innovation. Much like mutations in an evolutionary chain, each hack pushes the topic in a slightly new direction, inspiring others and thereby perpetuating the evolutionary event. In a very short time we’ve witnessed hacking bring forth the evolution of wagons to cars, kites to airplanes, and the creation of the computer.
We at Hackaday would like to declare August 11th to be “International Hack Day”. A day to celebrate hacking in all of its diverse forms. From soldering to sewing, coding to carbonating, knitting to knurling, we want you to keep on hacking. Take August 11th as a day to show pride in your hacking. Wave your hacker flag high and educate those around you.
We have asked many of our friends to contribute their personal definition of hacking. Here they are, in the order they were received.
Sometimes it helps to have an entire set of tools with you to tackle a problem, and sometimes it helps to take the discreet route. [StenoPlasma] took the latter of these approaches, and stuffed a USB hub, a 16 GB flash drive, and an Atheros-based USB wireless adapter into a regular-looking USB mouse to make a Linux bootable system in a mouse. Because he chose the Atheros adapter, he is also capable of doing packet injection with tools like Aircrack-ng, which can be invaluable in a security audit or (white hat) hacking situation.
This is the only photo we have, so it could be possible that the mouse is no more than a mouse. However, we know all of what [StenoPlasma] claims is 100% possible, so we’ll give him the benefit of the doubt, and hope this inspires others to hack up their own mouse kits. Be sure to check out the full parts list after the break.
For those out there who would enjoy a quick and interesting weekend project, this odometer made by [PeckLauros] is for you. Featured on Instructables, it is made from the simplest of materials including some cardboard, a calculator, wires, glue, hot glue, magnetic drive key, an old CD and a reader, and a rubber band. The magnets, when attached to the CD, work in a calculation to add 0.11m to the calculator when a magnet closes the circuit. [PeckLauros] points out that since it is a homebrewed device, it does have flaws such as adding 0.11m twice when the CD is rotated too slowly. It is easily fixed by simply running faster. The video is below the break.
When a new virus or other piece of malware is identified, security researchers attempt to get hold of the infection toolkit used by malicious users, and then run it in a specially controlled environment in order to study how the virus spreads and communicates. Normally, these toolkits also include some sort of management console, commonly used to evaluate the success of the infection and other factors of the malware application. In the case of the EFTPS Malware campaign, however, the admin console had a special trick.
This console was actually a fake, accepting a number of generic passwords and user accounts and providing fake statistics to whoever looked into it. All the while, the console would “call home” with as much data about the researcher as possible. By tricking the researchers in this way, the crooks would be able to stay one step ahead of anti-virus tools that would limit the effectiveness of any exploit. Thankfully though, the researchers managed to come out on top this time.