The Terrible Devices Of The Internet Of Wrongs

Last week was Bsides London, and [Steve Lord] was able to give a talk about the devices that could pass for either a terrible, poorly planned, ill-conceived Internet of Things Kickstarter, or something straight out of the NSA toolkit. [Steve] built the Internet of Wrongs, devices that shouldn’t exist, but thanks to all this electronic stuff, does.

The WOL Box

WOL-eOriginally a project to assess the Arduino as a possible IoT platform, [Steve] created a horrible practical joke called the Wake On Lan box. [Steve]’s flatmate was convinced Apple makes superior hardware because his fully charged Macbook would last all day. As hardware (not software, never software) engineers are wont to do, [Steve] decided to salt the apple orchard and play a practical joke on his friend with a device that would constantly send Wake On Lan packets to Apple devices.

With an Arduino and a TI CC3000 WiFi shield, [Steve] set up this stack of boards to send out a Wake On Lan packet – basically a broadcast MAC address to a broadcast IP address with a destination port of 9. You will note this device could send Wake On Lan packets to every device on a network. Don’t do that. What did the device accomplish? Evil, but it also taught [Steve]’s flatmate about the merits of power management.

Thunderblade

Too many people on your network? Build a deauth box! This tiny device will look for DNS requests and responses on open WiFi networks. If certain keywords exist in the request or response, that device is deauthenticated from the network.

[Steve]’s Thunderblade deauth box is built around the Raspberry Pi Zero (yet another person in the pockets of Big Raspberry Pi, I guess), with a few lines of Python taking care of the job. Don’t build this device, either.

Loss over 1000 ft: 0.0dB

wifisdr-300x300[Steve] was playing around with the RTL-SDR TV Tuner dongle, the best way to get started in Software Defined Radio. One of the big problems with these radio dongles is simply getting the signal to a computer. You don’t want to do long coax runs, and the connectors on these TV tuner dongles are universally terrible.

Instead of losing half the signal in 10 feet of cable, [Steve] is simply plugging the RF end of the dongle directly into an antenna, and the USB end into a cheap router running OpenWrt. Run the rtlsdr package on the router, and you can work your SDR over the network with zero loss over coax.

These are cheap, simple, and stupid devices, but they’re not as cheap as they could be. [Steve] has been working with the $2 ESP8266 WiFi Module, and this tiny chip could easily replicate the functionality of the $30, Arduino-based WOL box. Need a WOL box and a deauth box? That’s the same price. Building terrible electronics has never been cheaper, and the devices have never been more disposable. Just don’t do it around us.

22 thoughts on “The Terrible Devices Of The Internet Of Wrongs

    1. I was thinking the minimal processing power of the router could cause a lot of functional limitations…still an interesting idea. I wonder if there’s a way to forward the USB traffic over the network and have a conventional PC handle the processing?

      1. Not sure if this would work.

        USB/IP: http://usbip.sourceforge.net
        >USB/IP Project aims to develop a general USB device sharing system over IP network. To share USB devices between computers with their full functionality, USB/IP encapsulates “USB I/O messages” into TCP/IP payloads and transmits them between computers.

        Too bad that they haven’t kept the Win32 side up to date as it went into Linux kernel.

      2. You’d probqbly do better just with a USB extension cable. You can get powered repeater cables if you need a lot of length. Dunno if there’s a limit. If the repeater re-syncs the pulses, there should be none.

          1. Argh, typo and hit post too early. 5 meter length limit for USB2.0. You CAN daisy-chain hubs or powered cables as long as you limit to 127 devices on the root hub. The “practical” limit is daisy-chaining 4 hubs, and if you do you will need to supply power to the hubs. In addition, there are a lot of devices that won’t work at that distance either way. USB3 has a “practical” limit of 3 meters, but will sometimes work longer for some devices. Same concerns regarding daisy-chaining, as far as I know.

          2. While the spec for USB 2.0 states 5 meters as the maximum cable length, with a USB over cat5 extender I’ve seen the maximum distance pushed out to 100 meters. We’ve had a few of these at my workplace and they’ve performed like champs in bending the rules.

      3. Erp, the rtlsdr stuff can forward the data over the network which is received by an application on the PC such as SDRSharp. The program on the PC is what does the processing. I’ve had this setup before.

  1. What’s so “terrible” about the SDR thing? Seems like a great idea in general. You might want to put a *little* bit of coax in line though. You’re going to want to keep the digital stuff as far away from the antenna as you can tolerate.

    1. I was wondering the same thing, but reading his blog post he says:

      “The RTL2832 chip is a common cheap chipset used in cheap USB DVB-T sticks. … There are many things you can do with these devices, but most of them are sadly unlawful where I live.”

      So I’m assuming he’s restricted to what he can receive where he lives in England.

      Very cool project though, I’d like to try it.

      1. As an aside, it’s difficult to tell from the picture, but in his blog post he mentions that he is using a GL.iNet 6416A router. He also says that the model AR150 uses the same chipset and has slightly better wifi.

        A quick search shows that both routers are commonly available on Amazon, eBay and Aliexpress for about the same price.

  2. These are the evilest thing i could imagine!
    Other wrongs: SSID DoS, SSID cursing, evil twin, phishing(please log in with google account on a free network), SSID data transfer protocol.
    Attaching a relay to a RPi switching off itself.

  3. “yet another person in the pockets of Big Raspberry Pi, I guess” or “I guess” the OP is in arduino’s pocket (or biased against PI for some other reason…)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.