There’s a great game of capture-the-flag that takes place every year at HITCON. This isn’t your childhood neighborhood’s capture-the-flag in the woods with real flags, though. In this game the flags are on secured servers and it’s the other team’s mission to break into the servers in whatever way they can to capture the flag. This year, though, the creators of the game devised a new scoreboard for keeping track of the game: a lightsaber.
In this particular game, each team has a server that they have to defend. At the same time, each team attempts to gain access to the other’s server. This project uses a lightsaber stand that turns the lightsabers into scoreboards for the competition at the 2015 Hacks In Taiwan Conference. It uses a cheap OpenWRT Linux Wi-Fi/Ethernet development board, LinkIt Smart 7688 which communicates with a server. Whenever a point is scored, the lightsaber illuminates and a sound effect is played. The lightsabers themselves are sourced from a Taiwanese lightsabersmith and are impressive pieces of technology on their own. As a bonus the teams will get to take them home with them.
While we doubt that this is more forced product integration advertisement from Disney, it certainly fits in with the theme of the game. Capture-the-flag contests like this are great ways to learn about cyber security and how to defend your own equipment from real-world attacks. There are other games going on all around the world if you’re looking to get in on the action.
Continue reading “Capture the Flag with Lightsabers”
There are numerous instances where we need to know our location, but cannot do so due to GPS / GSM signals being unavailable and/or unreachable on our Smart Phones. [Blecky] is working on SubPos to solve this problem. It’s a WiFi-based positioning system that can be used where GPS can’t.
SubPos does not need expensive licensing, specialized hardware, laborious area profiling or reliance on data connectivity (connection to database/cellphone coverage). It works independently of, or alongside, GPS/Wi-Fi Positioning Systems (WPS)/Indoor Positioning Systems (IPS) as an additional positioning data source by exploiting hardware commonly available.
As long as SubPos nodes are populated, all a user wishing to determine their location underground or indoors needs to do is use a Wi-Fi receiver. This can be useful in places such as metro lines, shopping malls, car parks, art galleries or conference centers – essentially anyplace GPS doesn’t penetrate. SubPos defines an accurate method for subterranean positioning in different environments by exploiting all the capabilities of Wi-Fi. SubPos Nodes or existing Wi-Fi access points are used to transmit encoded information in a standard Wi-Fi beacon frame which is then used for position triangulation.
The SubPos Nodes operate much like GPS satellites, except that instead of using precise timing to calculate distance between a transmitter and receiver, SubPos uses coded transmitter information as well as the client’s received signal strength. Watch a demo video after the break.
Continue reading “Hackaday Prize Entry : Subterranean Positioning System”
There’s a new piece of electronics from China on the market now: the USR-HTW Wireless Temperature and Humidity Sensor. The device connects over Wi-Fi and serves up a webpage where the user can view various climate statistics. [Tristan] obtained one of these devices and cracked open the data stream, revealing that this sensor is easily manipulated to do his bidding.
Once the device is connected, it sends an 11-byte data stream a few times a minute on port 8899 which can be easily intercepted. [Tristan] likes the device due to the relative ease at which he could decode information, and his project log is very detailed about how he went about doing this. He notes that the antenna could easily be replaced as well, just in case the device needs increased range.
There are many great reasons a device like this would be useful, such as using it as a remote sensor (or in an array of sensors) for a homemade thermostat, or a greenhouse, or in any number of other applications. The sky’s the limit!
Just before the days where every high school student had a cell phone, everyone in class had a TI graphing calculator. In some ways this was better than a cell phone: If you wanted to play BlockDude instead of doing trig identities, this was much more discrete. The only downside is that the TI calculators can’t easily communicate to each other like cell phones can. [Christopher] has solved this problem with his latest project which provides Wi-Fi functionality to a TI graphing calculator, and has much greater aspirations than helping teenagers waste time in pre-calculus classes.
The boards are based around a Spark Core Wi-Fi development board which is (appropriately) built around a TI CC3000 chip and a STM32F103 microcontroller. The goal of the project is to connect the calculators directly to the Global CALCnet network without needing a separate computer as a go-between. These boards made it easy to get the original Arduino-based code modified and running on the new hardware.
After a TI-BASIC program is loaded on the graphing calculator, it is able to input the credentials for the LAN and access the internet where all kinds of great calculator resources are available through the Global CALCnet. This is a great project to make the math workhorse of the classroom even more useful to students. Or, if you’re bored with trig identities again, you can also run a port of DOOM.
Most Hackaday readers may remember the Spark Core, an Arduino-compatible, Wi-Fi enabled, cloud-powered development platform. Its Kickstarter campaign funding goal was 10k, but it ended up getting more than half a million. The founder and CEO of Spark [Zach Supalla] recently published an article explaining why Kickstarter projects are always delayed as the Spark core project currently is 7 weeks behind schedule.
[Zach] starts off by mentioning that most founders are optimistic, making them want to embark in this kind of adventure in the first place. In most presentation videos the prototypes shown are usually rougher than they appear, allowing the presenters to skip over the unfinished bits. Moreover, the transition from prototype to “manufacturable product ” also adds unexpected delays. For example, if a product has a plastic casing it is very easy to 3D print the prototype but much harder to setup a plastic injection system. Last, sourcing the components may get tricky as in the case of Spark core the quantities were quite important. Oddly enough, it was very hard for them to get the sparkcore CC3000 Wifi module.
[Dmitry] read about hacking the Transcend WiFi cards, and decided to give it a try himself. We already covered [Pablo’s] work with the Transcend card. [Dmitry] took a different enough approach to warrant a second look.
Rather than work from the web interface and user scripts down, [Dmitry] decided to start from Transcend’s GPL package and work his way up. Unfortunately, he found that the package was woefully incomplete – putting the card firmly into the “violates GPL” category. Undaunted, [Dmitry] fired off some emails to the support staff and soldiered on.
It turns out the card uses u-boot to expand the kernel and basic file system into a ramdisk. Unfortunately the size is limited to 3MB. The limit is hard-coded into u-boot, the sources of which transcend didn’t include in the GPL package.
[Dmitry] was able to create his own binary image within the 3MB limit and load it on the card. He discovered a few very interesting (and scary) things. The flash file system must be formatted FAT32, or the controller will become very upset. The 16 (or 32)GB of flash is also mounted read/write to TWO operating systems. Linux on the SD card, and whatever host system the card happens to be plugged in to. This is dangerous to say the least. Any write to the flash could cause a collision leading to lost data – or even a completely corrupt file system. Continue reading “Advanced Transcend WiFi SD Hacking: Custom Kernels, X, and Firefox”
[Pablo] is a recent and proud owner of a Transcend WiFi SD Card. It allows him to transfer his pictures to any WiFi-enabled device in a matter of seconds.
As he suspected that some kind of Linux was running on it, he began to see if he could get a root access on it… and succeeded.
His clear and detailed write-up begins with explaining how a simple trick allowed him to browse through the card’s file system, which (as he guessed correctly) is running busybox. From there he was able to see if any of the poorly written Perl scripts had security holes… and got more than he bargained for.
He first thought he had found a way to make the embedded Linux launch user provided scripts and execute commands by making a special HTTP POST request… which failed due to a small technicality. His second attempt was a success: [Pablo] found that the user set password is directly entered in a Linux shell command. Therefore, the password “admin; echo haxx > /tmp/hi.txt #” could create a hi.txt text file.
From there things got easy. He just had to make the card download another busybox to use all the commands that were originally disabled in the card’s Linux. In the end he got the card to connect a bash to his computer so he could launch every command he wanted.
As it was not enough, [Pablo] even discovered an easy way to find the current password of the card. Talk about security…