Using Router SoCs as WiFi Modules (Yet Again)

8-bit AVRs and 32-bit ARMs do one thing, and one thing well: controlling other electronics and sensors while sipping power. The Internet of Things is upon us and with that comes the need for connecting to WiFi networks. Already, a lot of chips are using repackaged System on Chips to provide an easy way to connect to WiFi, and the USR-WIFI232-T is the latest of the bunch. It’s yet another UART to WiFi bridge, and as [2XOD], it’s pretty easy to connect to an AVR.

The module in question can be had through the usual channels for about $11, shipped straight from China, and the only purpose of this device is to provide a bridge between a serial port and a wireless network. They’re not that powerful, and are only meant for simple tasks,

[2XOD] got his hands on one of these modules and tested them out. They’re actually somewhat interesting, with all the configuration happening over a webpage served from the device. Of course the standard AT commands are available for setting everything up, just like the ESP8266.

With a month of testing, [2XOD] has found this to be a very reliable device, logging temperatures every minute for two weeks. There’s also a breakout board available to make connection easy, and depending on what project you’re building, these could be a reasonable stand-in for some other popular UART -> WiFi chips.

A Development Board for the ESP8266

[Necromant] is ready to dip his toes into the world of firmware development for everyone’s favorite WiFi chip, the ESP8266. Before that begins, it would be a good idea to make a nifty little breakout board for this chip. Here it is, a board with a USB to UART converter with board art that’s compatible with a toner transfer process.

Since this is just a board that turns USB into something the ESP8266 can understand, the most reasonable course of action would be to throw an FTDI chip in there and call it a day. We wouldn’t suggest that. Instead, [necromant] is using a Prolific PL2303HX. The RTS/DTR pins on the serial chip aren’t used, but only because the ESP8266 forums haven’t yet decided on how to connect them to the WiFi chip. GPIOs on the Prolific are broken out for some other projects [necromant] has in mind, with a userspace driver to make everything work.

[Necromant] is the creator of Antares, a build system for microcontrollers and a Hackaday Prize entry. He intends to make his build system compatible with this WiFi chip, just as soon as everyone else figures out an easy way to make it work.

An ESP8266 Based Smartmeter

During these last weeks we’ve been talking a lot about the ESP8266, a $4 microcontroller based Wifi module. As the SDK was recently released by Espressif a lot of cheap Internet of Things applications were made possible.

[Thomas] used one module to make a simple smartmeter measuring the active time of his heater together with the outside temperature. He added 2 AT commands starting/stopping the logging process and used one GPIO pin to monitor the heater’s oil pump state. The measurements are then periodically pushed via a TCP connection to his data collecting server, which allows him to generate nice graphs.

In the video embedded below you’ll see [Thomas] demoing his system. On his hackaday.io project page he put up a very detailed explanation on how to replicate his awesome project. All the resources he used and create can also be downloaded on the project’s GitHub page.

Continue reading “An ESP8266 Based Smartmeter”

Reverse Engineering the D-Link WPS Pin Algorithm

sub_4D56F8

A router with WPS requires a PIN to allow other devices to connect, and this PIN should be unique to every router and not derived from other easily accessible data found on the router. When [Craig] took a look at the firmware of a D-Link DIR-810L 802.11ac router, he found exactly the opposite; the WPS PIN was easily decipherable because it was generated entirely from the router’s MAC address and could be reverse engineered by sniffing WiFi.

When [Craig] was taking a look at the disassembled firmware from his router, he noticed a bit of code that accessed the NVRAM used for storing device-specific information like a serial number. This bit of code wasn’t retrieving a WPS pin, but the WAN MAC address instead. Instead of being unique to each device and opaque to every other bit of data on the router, the WPS pin was simply generated (with a bit of math) from the MAC address. This means anyone upstream of the router can easily derive the WPS pin of the router, and essentially gives everyone the keys to the castle of this router.

A few years ago, it was discovered the WPS pin was extremely insecure anyway, able to be brute-forced in a matter of minutes. There are patches router manufacturers could apply to detect these brute force attacks, closing that vulnerability. [Craig]’s code, though, demonstrates that a very large number of D-Link routers effectively broadcast their WPS PIN to the world. To make things even worse, the BSSID found in every wireless frame is also derived from the WAN MAC address. [Craig] has literally broken WPS on a huge number of D-Link routers, thanks to a single engineer that decided to generate the WPS PIN from the MAC address.

[Craig] has an incomplete list of routers that are confirmed affected on his site, along with a list of confirmed unaffected routers.

An SDK for the ESP8266 WiFi Chip

The ESP8266 is a chip that turned a lot of heads recently, stuffing a WiFi radio, TCP/IP stack, and all the required bits to get a microcontroller on the Internet into a tiny, $5 module. It’s an interesting chip, not only because it’s a UART to WiFi module, allowing nearly anything to get on the Internet for $5, but because there’s a user-programmable microcontroller in this board. If only we had an SDK or a few libraries…

The ESP8266 SDK is finally here. A complete SDK for the ESP8266 was just posted to the Expressif forums, along with a VirtualBox image with Ubuntu that includes GCC for the LX106 core used in this module.

Included in the SDK are sources for an SSL, JSON, and lwIP library, making this a solution for pretty much everything you would need to do with an Internet of Things thing. As far as LX106 core is concerned, there’s example code for using the spare pins on this board as GPIOs, I2C and SPI busses, and a UART.

This turns the ESP8266 into something much better than a UART to WiFi module; now you can create a Internet of Things thing with just $5 in hardware. We’d love to see some examples, so put those up on hackaday.io and send them in to the tip line.

The ESP8266 Becomes a Terrible Browser

The ESP8266 are making their way over from China and onto the benches of tinkerers around the world for astonishing web-enabled blinking LED projects and the like. [TM] thought he could do something cooler with his WiFi to UART module and decided to turn one into a web browser.

There’s no new code running on the ESP8266 – all the HTML is being pushed through an Arduino Mega, requesting data from a server (in this case our fabulous retro edition), and sending the data to the Arduino serial console. The connection is first initiated with a few AT commands to the ESP module, then connecting to the retro server and finally dumping everything received to the console.

It’s not much – HTML tags are still displayed, and images are of course out of the question. The result, however, isn’t that much different from what you would get from Lynx, meaning now the challenge is open for an Arduino port of this ancient browser.

GCC for the ESP8266 WiFi Module

When we first heard about it a few weeks ago, we knew the ESP8266 UART to WiFi module was a special beast. It was cheap, gave every microcontroller the ability to connect to a WiFi network, and could – possibly – be programmed itself, turning this little module into a complete Internet of Things solution. The only thing preventing the last feature from being realized was the lack of compiler support. This has now changed. The officially unofficial ESP8266 community forums now has a working GCC for the ESP8266.

The ESP8266 most people are getting from China features a Tensilica Xtensa LX3 32-bit SOC clocked at 80 MHz. There’s an SPI flash on the board, containing a few dozen kilobytes of data. Most of this, of course, is the code to run the TCP/IP stack and manage the radio. There are a few k left over – and a few pins – for anyone to add some code and some extended functionality to this module. With the work on GCC for this module, it’ll be just a few days until someone manages to get the most basic project running on this module. By next week, someone will have a video of this module connected to a battery, with a web-enabled blinking LED.

Of course that’s not the only thing this module can do; at less than $5, it will only be a matter of time until sensors are wired in, code written, and a truly affordable IoT sensor platform is created.

If you have a few of these modules sitting around and you’d like to give the new compiler a go, the git is right here.