Keeping The Family Off The Net With An Undocumented Backdoor

memetics

When [Eloi] was home for Christmas, he faced one of the most difficult problems man has ever faced: his entire family, equipped with smartphones and laptops, siphoning all the Internet through a 1Mb/s connection. For any technically minded person, the fix for this problem is to limit the bandwith for all those Facebook and Twitter-heads, while leaving [Eloi]‘s battlestation unaffected. [Eloi] had originally set up the Linksys WAG200G router in the family home a few years ago but had since forgotten the overly complex admin password. No worries, then, because apparently the WAG200G is open as wide as a barn door with a completely undocumented backdoor.

Without the password to the admin panel of the router, [Eloi] needed a way in. After pointing nmap at the router, he found an undocumented service running on port 32764. Googling this observation resulted in a lot of speculation, so the only option was to download the router’s firmware, look for the service, and figure out a way in.

[Eloi] eventually got a shell on the router and wrote a very short Python script to automate the process for all WAG200G routers. As for where this backdoor came from, it appears a SerComm device on the router is responsible. This means a whole bunch of routers with this specific SerComm module also have this backdoor, and we’d assume anything with a service running on port 32764 is suspect.

If you’re looking for a fix for this backdoor, your best bet is probably installing OpenWRT or Tomato. The OpenWAG200 project, an open firmware specifically designed for [Eloi]‘s router, still has this vulnerability, though.

Software Advice for Anyone Thinking About a CNC Router

cnc-router-software-tricks

Excellent results can come from a small CNC router, but don’t forget the software!

CNC tools, whatever their flavor, can greatly enhance your “making” or DIY ability. My current tool of choice is a CNC router. Being familiar with a manual milling machine, the concept seemed similar, and the price of these is quite reasonable when compared to some other tools. As described in this post, my machine is a Zen Toolworks model, but there are certainly other options to visit like this Probotix V90 model noted recently in this post.

Although any number of CNC router models look great in videos and pictures, rest assured that even the best machines require some patience to get one running satisfactorily. Setting up the machine can be a challenge, as well as figuring out what your machine is capable of, but one thing that might slip peoples’ minds is the software involved. Read on to find out all you need to know the basics of what goes on behind the scenes to “magically” produce interesting parts. [Read more...]

Getting SPI on a router

router

Cheap routers such a s the TP-LINK 703n and the TP-LINK MR3020 (seen above) can be used for much more than just connecting your laptop to your cable modem. They’re actually very small Linux boxes and with OpenWRT, you can control every aspect of these tiny pocket-sized computers. It’s frequently been suggested that these routers are awesome substitutes for the usual methods of getting Internet on a microcontroller, but how do you actually do that? The onboard serial port is a great start, but this also dumps output from the Linux console. What you need here is an SPI connection, and [ramcoderdude] has just the solution for you.

Linux already has a few SPI modules, but these are only accessible with kernel drivers. Traditionally, the only way to access SPI is to recompile the kernel, but [coderdude] created a kernel module that allows any device running the Attitude Adjustment OpenWRT image to dynamically allocate SPI busses.

He’s already submitted this patch to the OpenWRT devs, and hopefully it will be included in future updates. Very cool, we think, and something that can open a whole lot of doors for hacking up routers very easily.

Briefcase mill

briefcase-mill

Take the machine shop with you; that’s the mantra which drove [Ryan] to build this CNC mill in a briefcase. That album will give you a taste of the final product. But you’ll want to dig through two pages of his forum thread starting with this post in order to behold the build process.

The image above is only part way through the fabrication, but we thought it gave the best overall view of his work. It’s missing the cables which connect to the control circuitry in the lid. The bed has also not been installed and this was before he fabricated the protective case for the PCBs.

Getting everything to fit inside of a folding case was quite a trick. Of course he used CAD to make sure it was possible. There are several places where the clearance when closed is about 2mm. We’re shocked by the build quality of the mill itself. It’s a novel idea to make it portable, but the accuracy and reliability of the machine didn’t suffer for the concept.

If you need a desktop mill that’s not quite as portable here’s a project which will dish out some inspiration.

ShapeOko build log — it’s a CNC mill in a box

shapeoko-build-log

We’re not blatantly trying to promo this product. It’s just that the build log covering a ShapeOko assembly process taken on by [Anool] is like crack for those of us who have yet to acquire our own desktop CNC mills.

Like the title says, this thing is basically a mill in a box. But [Anool] decided to order the version of the kit that doesn’t come with any motors or control electronics. He also planned for future upgrades by ordering additional extruded rail to increase the size of the ShapeOko. After assembling the frame his decision to source stepper motors locally bit him as they were out of stock. But there was still plenty to do preparing control electronics during the wait. He based his system on a Raspberry Pi which talks to an Arduino to address the motors and monitor the sensors.

Once all the parts were finally accounted for he tested the rig as a pen plotter. The pen was eventually replaced with the router motor and that ring light PCB seen above was the first thing he milled with it.

[Thanks Justin]

Console radio given new life with a WiFi router retrofit

tube-radio-wifi-router-retrofit

[Craig] did a great job of restoring the case of his antique console radio. But he wanted to bring the guts up to modern standards. The fix ended up being rather easy when it comes to hardware. He based his internet radio retrofit around a wireless router.

We laughed when we heard that he removed about eighty pounds of original electronics from this beast. He then cut a piece of MDF to serve as a mounting platform for the replacement hardware. The WiFi router takes care of audio playback from several sources and offers him the ability to control the stereo from a smart phone or a computer. It has a USB port to which he connected a hub to make room for the USB sound card and a thumb drive which holds his music library. The black box in the upper right is an amp which feeds the NHT stereo speakers housed in the lower half of the cabinet.

It doesn’t make use of the original knobs like the recent tube-amp conversion we looked at. But [Craig] did add some LEDs which illuminate the dial to help keep that stock look.

Upgrading a router with impeccable soldering skills

router

[Necromant] recently acquired a router that was nearly free. Looking his gift horse in the mouth, he hooked up a serial port to see if it could run some updated firmware such as OpenWRT. The initial findings were promising; it used the same CPU as the very popular WR703N, but this free router only had 2 MiB of Flash and 8 MiB of RAM – barely enough to do anything. His solution to this problem is in the true hacker tradition: just solder some more chips onto the router.

Upgrading the RAM was comparatively easy; [Necromant] found an old stick of RAM, desoldered one of the chips, and replaced the measly 8 MiB chip with a new 64 Megabyte chip.

The Flash, though, proved more difficult. Without the right code in the Flash for the radio test, the router wouldn’t be useful at all. The solution was to read the original 2 MiB chip, read the Flash from a  WR703, and combined the two with a simple dd command. This was written to a new SPI flash chip with a buspirate and a home etched board.

Follow

Get every new post delivered to your Inbox.

Join 93,915 other followers