On a shopping trip at Aldi [Aaron Christophel] came across this Medion streaming device which connects to your home network via WiFi and works as an Internet radio. He couldn’t resist buying one, and managed to do quite a bit of hacking on the device (translated) once he got it home.
His first order of business was a hardware teardown. An inspection of the board showed what was obviously an unpopulated footprint for a USB mini jack. He added the component, thinking it would allow him to connect it to a computer, but that didn’t work. To investigate the issue further he connected to the device’s serial port using the hard-to-guess credentials root and password. It’s running a Linux kernel and the lsusb command revealed that the USB is enabled as host mode. This mean you can attach mass storage… sweet!
He also did some firmware hacking. Above is the confirmation screen for flashing his altered image file. This resulted in a custom splash screen when it boots up.
Interesting article. I always love it when these devices are unmasked for more fun :) Thanks for the info, Aaron!
So what was the point of doing that, and what was the point of this article if it didn’t
reveal the point of the original hack?
Nevermind, sorry, I just followed the link to answer my questions!
I love these kind of articles, nice to see someone taking something good and making it better.
i take everything apart what i get in hands :D
this is really nice, congratulations !
Great work indeed. I do not have Aldi in my country, does this device appear under different brands too or is it sold exclusively at Aldi?
I would expect to find it elsewhere as well. Aldi is a discount/generic grocery store. A few years ago, they started carrying a few small consumer electronics. Everything in the store is a generic brand, so I presume their electronics are standard chinese parts that get stamped with a hundred different names.
Medion is one of aldi’s brand names that they use for their electronic goods. They badge their laptops with this name as well – at least in their Australian stores.
Whoops just realised that didn’t actually answer anything. Lol :-)
Did he connect to an onboard serial port, or telnet over WiFi?
i connect it via telnet over WiFi
telnet over wifi
user: root
password: password
who would have tought ..
it seems that beat also supports iPods ..
I think i will get one from ebay as aldi has no stock and goods are always available for a week or two before they sell out :(
Great hack. I can’t wait until ALDI carries this wonderful device in Denmark for the next time.
Aldi is a great place for a lot of super-cheap items that can easily be modified to make them just as good or better than name-brand items. Sometimes, it’s things, much like this, that could be factory seconds with parts removed or just left out to make them less expensive.
Lidl also sells Medion stuff. Medion is not chinese. It actually sells good quality products at a lower price. sure not high end stuff but it’s good.
Now this is hacking! Good work!
the missing components around the usb connector are probably some anti ESD components like an VBUS053CZ and some decoupling caps and resistors
@AAron: How did you find out the password? What price did you pay at that time?
@Pedro: Medion is just a brand name for no-name (typically chinese) products. They do the brainding, testing and certification, AFAIK. I don’t think they do any production and judging by my email exchanges with tech support they are pretty unaware of what the products are made of.
@one:
Its not hard to guess a password, 90+% of embedded linux devices: Phones (http://hackaday.com/2012/11/01/playing-video-games-on-your-office-phone/), routers, access points, printers, set top boxes, this wifi music player (almost any streaming wifi connected device is linux nowadays) is usually set to one of these 6 username:password combinations.
root:root
root:password
root:(no password)
root:admin
admin:admin
admin:password
linux is very secure, but manufacturers never choose a secure password, it’s all about making the cheapest device possible.