Kickstarting Router-Based Development Boards

[Squonk] is rather famous in the world of repurposed routers, having reverse engineered the TL-WR703N wireless router from TP-Link a few years ago. With that knowledge, he’s developed an open platform for Things on the Internet called Domino. It’s pretty much exactly what you would get by cracking open a router bought on AliBaba, only in a much more convenient package with many more pins broken out.

The Domino builds on [Squonk]’s reverse engineering efforts of the TP-Link TL-WR703N wireless router, the router that has stolen the thunder from the Linksys WRT54G for all those sweet, sweet, embedded hacks. Both the 703N and the Domino are built around the Atheros AR9331. While the router version of this chipset only breaks out a few GPIOs and other interesting pins, the Domino breaks out just about everything – GPIO, JTAG, I2S, UART, SPI, USB, and Ethernet can be found on the device.

The basic Domino can hopefully be had with a $25 pledge to the Kickstarter campaign. That’s a little less than the normal price for a WR-703N, and if you’re putting a router in a hat it might be worth your while. There are a few advanced versions that include an ATMega32u4 microcontroller, making it compatible with the Arduino Yun as well.

D-Link Fails at Strings

Small Office and Home Office (SOHO) wireless routers have terrible security. That’s nothing new. But it is somewhat sad that manufacturers just keep repurposing the same broken firmware. Case in point: D-Link’s new DIR-890L, which looks like a turtled hexapod. [Craig] looked behind the odd case and grabbed the latest firmware for this device from D-Link’s website. Then he found a serious vulnerability.

D-Link's DIR-890 Router

The usual process was applied to the firmware image. Extract it, run binwalk to find the various contents of the firmware image, and then extract the root filesystem. This contains all the code that runs the router’s various services.

The CGI scripts are an obvious place to poke for issues. [Colin] disassembled the single executable that handles all CGI requests and started looking at the code that handles Home Network Administration Protocol (HNAP) requests. The first find was that system commands were being built using HNAP data. The data wasn’t being sanitized, so all that was needed was a way to bypass authentication.

This is where D-Link made a major error. They wanted to allow one specific URL to not require authentication. Seems simple, compare string A to string B and ensure they match. But they used the strstr function. This will return true if string A contains string B. Oops.

So authentication can be bypassed, telnetd can be started, and voila: a root shell on D-Link’s most pyramid-shaped router. Oh, and you can’t disable HNAP. May we suggest OpenWrt or dd-wrt?

Homemade 3D Carving Duplicator

[Frank] is a guitar builder and has to make a quantity of acoustic guitar bridges that wouldn’t make sense to do manually by hand each time. He wanted a way of duplicating bridges quickly and precisely but he didn’t want to go to a CNC machine. Instead, he build a 3D duplicating machine.

The machine has 3 perpendicular axes, just like a milling machine. Mounted to the Z Axis is an air powered spindle that can reach 40,000 RPM. All 3 axes are moved by the operators hands. Normally, free-hand cutting something like this would be very difficult. [Frank’s] solved this in his machine by using a stylus that is offset from the cutting bit. The stylus is the same effective length and diameter of the cutting bit and is guided over a finished bridge pattern. While the stylus is tracing the pattern, the spindle and bit are removing material from a bridge blank. The stylus is continually moved over the entire pattern bridge until the spindle is finished carving out a new bridge out of the blank.

To aid in lifting the heavy Z Axis and spindle, [Frank] added a counter balance to make tracing the pattern extremely easy. Once the new bridge is carved, it only requires minor sanding to remove the tool marks before being installed on a guitar! [Frank] admits his linear bearings and rails are very rigid but also very expensive. If you’re interested in a less-expensive 3D duplicator, check out this project.

Is The Arduino Yun Open Hardware?

According to [Squonk42], nope. And we think he’s probably right.

The Yun is an Arduino Leonardo with an Atheros AR9331 WiFi SoC built in. It’s a great idea, pairing the Arduino with a tiny WiFi router that’s capable of running OpenWRT.  But how is this no longer Open Source Hardware? Try getting an editable board layout. You can’t.

Or at least [Squonk42] couldn’t. In Sept. 2013, [Squonk42] posted up on the Arduino forums requesting the schematics and editable design files for the Arduino Yun, and he still hasn’t received them or even a response.

Now this dude’s no slouch. He’s responsible for the most complete reverse-engineering of the TP-Link TL-WR703N pocket router, which is, not coincidentally, an Atheros AR9331-based reference design. And this is where the Arduini ran into trouble, [Squonk42] contends.

[Squonk42]’s hypothesis is that Arduino must have done what any “sane” engineer would do in this case when presented with a super-complex piece of hardware and a potentially tricky radio layout: just use the reference design (Atheros AP-121). That’s what everyone else in the industry did. And that’s smart, only the rest of the consumer electronics industry isn’t claiming to be Open Source Hardware while the reference design is protected by an NDA.

So it looks like Arduino’s hands are tied. They, or their partner Dog Hunter, either signed the NDA or downloaded the PDF of the reference design that’s floating around on the Interwebs. Either way, it’s going to be tough to publish the design files under a Creative Commons Attribution Share-Alike license.

Is this a change of strategy for the Arduino folks or did they just make a mistake? We won’t know until they respond, and that answer’s a year and a half in coming. Let’s see what we can do about that. And who knows, maybe Arduino can lean on Atheros to open up their reference design? It’s already an open secret at best.

But before you go out lighting up your righteous Open Source Hardware pitchforks and sharpening up your torches, read through [Squonk42]’s case and then dig through the primary sources that he’s linked to make up your own mind. You’ll make your case more eloquently if you’re making it yourself.

Good luck, [Squonk42]! We hope you at least get your answer. Even if you already know it.

A Router Table with Height Control

The wood router is a versatile power tool which can be picked up at a low price. Nicer router setups are mounted underneath a table, with the cutting head poking through. This makes it easier and safer to work with the tool.

[Paul] combined his interest in electronics and woodworking by making a router table with automated controls [translation]. The neat part of this build is the automated height control, which ensures accurate cutting depth.

The router is mounted to a threaded rod, which allows it to be moved up and down by a motor. A low cost L298 motor driver provides the power to the motor, which is controlled by an Arduino Uno. A VCNL4020 based sensor board is used to measure distance and accurately set the router height. This tiny proximity sensor looks like a nifty chip, providing distance measurements up to 200 mm and an ambient light sensor in one package.

The routing table has an LCD display and buttons, allowing the user to dial in their desired height. The entire thing was built using recycled bits and well under $100 in new parts.

Hacklet 31 – Software Tools

For every computer error, there are two human errors, and one of them is blaming the computer. Whenever a human blames a computer for something, there are two tools, and one of them is the computer.

Not all of your nifty tools need to be fancy robots, CNC machines, or nifty Robertson screwdrivers; a computer is equally capable of being a fantastic tool, provided it has the right software. For this week’s Hacklet, we’re going through some of the best software tools on

6653681421957570397[Alan] was inspired to build a software tool for making sewing patterns. Sewing patterns are usually designed for the ‘average’ person, but if you’re making custom wearables, you should end up with a piece of clothing that fits perfectly.

The first project [Alan] is using this tool for is a fleece cap that fits the contour of his head. He captured a 3D mesh of his head, imported the mesh into Blender, and unwrapped the resulting mesh. The two halves of the hat were then plotted with a Silhouette Cameo, cut out of fleece, and sewn together. The result is a beanie that fits perfectly around [Alan]’s head. It’s an extremely cool and novel application of 3D modeling, and if you ever need to wrap a 3D object with a 2D material, this is the project you want to check out.

5869061407871295021 And you thought the autorouter in Eagle was bad.

[Anderson] built a tool called Pyrite that will take a schematic and build a layout in three-dimensional space. He calls them Volumetric Circuits, and it’s basically the point-to-point wiring found in old radios and amplifiers taken to the next level. We featured this project before, and there haven’t been many updates since then. Maybe giving [Anderson]’s project a few skulls will help motivate him to get back to the project.

133031421839442989 Not satisfied with the existing free and open source CAM programs, [Snegovick] started work on his own.

[Snegovick] calls his project BCAM, and it’s exactly what you need to mill holes in PCBs, cut gears with a CNC router, engrave plastic, and anything else a 2.5 axis CNC machine can do. The project is written in Python, and yes, the source is available. Supported operations include drilling, path following, offset path following, and pocketing.

Write enough microcontroller projects, and you’ll eventually come up with your own library of common code that does one thing and one thing well. If you’re smart, you’ll reuse that code in future projects. [ericwazhung] is cutting through the hard part of developing all this code and released some things that are useful in a whole lot of projects.

Included in the commonCode library are the usual ‘heartbeat LED’, non-blocking input, a standard interface for AVR timers, bitmaps of text characters, DC motor control, and a whole bunch more. Extremely useful in any event.

That’s it for this round of the Hacklet, bringing you the best has to offer.

Bypassing Broken SIP ALG Implementations

The SIP protocol is commonly used for IP telephone communications. Unfortunately it’s notorious for having issues with NAT traversal. Even some major vendors can’t seem to get it right. [Stephen] had this problem with his Cisco WRVS4400N router. After a bit of troubleshooting, he was able to come up with a workaround that others may find useful.

The router had built in SIP ALG functionality, but it just didn’t work. [Stephen] was trying to route SIP traffic from a phone to an Asterisk PBX system behind the router. The router just couldn’t properly handle these packets regardless of whether SIP ALG was enabled or disabled.

[Stephen] first tried to change the SIP port on the external VOIP phone from the default of 5060 to something else. Then he setup port forwarding on the router to the Asterisk box to forward the traffic to the Asterisk system on the original port. This sort of worked. The calls would go through but they would eventually drop after about 20 seconds.

The only thing that [Stephen] could get to work completely was to change the SIP port in Asterisk’s sip.conf file using the “bindport” directive. He changed it to some random unused high port number. Then he setup port forwarding on the router to forward incoming UDP packets on that port to the Asterisk system. This worked fine, but now all of the original phones behind the router stopped working because they were configured to use the default port of 5060.

Rather than re-configure all of the phones in the organization, [Stephen] made one change on the Asterisk system. He setup an iptables rule to forward all incoming traffic on UDP port 5060 to the new SIP port. Now all of the phones are working with minimal changes across the organization. It’s a lot of hassle to go through just because the router couldn’t handle SIP correctly, but it gets the job done.