WiFiWart Linux Pentesting Device Gets First PCBs

July 3, 2021 by Tom Nardi 15 Comments

When we last checked in on the WiFiWart, an ambitious project to scratch-build a Linux powered penetration testing drop box small enough to be disguised as a standard phone charger, it was still in the early planning phases. In fact, the whole thing was little more than an idea. But we had a hunch that [Walker] was tenacious enough see the project through to reality, and now less than two months later, we’re happy to report that not only have the first prototype PCBs been assembled, but a community of like minded individuals is being built up around this exciting open source project.

Now before you get too excited, we should probably say that the prototypes didn’t actually work. Even worse, the precious Magic Smoke was released from the board’s Allwinner A33 ARM SoC when a pin only rated for 2.75 V was inadvertently fed 3.3 V. The culprit? Somehow [Walker] says he mistakenly ordered a 3.3 V regulator even though he had the appropriate 2.5 V model down in the Bill of Materials. A bummer to be sure, but that’s what prototypes are for.

Even though [Walker] wasn’t able to fire the board up, the fact that they even got produced shows just how much progress has been made in a relatively short amount of time. A lot of thought went into how the 1 GB DDR3 RAM would get connected to the A33, which includes a brief overview of how you do automatic trace length matching in KiCad. He’s also locked in component selections, such as the RTL8188CUS WiFi module, that were still being contemplated as of our last update.

Multiple boards make better use of vertical space.

Towards the end of the post, he even discusses the ultimate layout of the board, as the one he’s currently working on is just a functional prototype and would never actually fit inside of a phone charger. It sounds like the plan is to make use of the vertical real estate within the plastic enclosure of the charger, rather than trying to cram everything into a two dimensional design.

Want to get in on the fun, or just stay updated as [Walker] embarks on this epic journey? Perhaps you’d be interested in joining the recently formed Open Source Security Hardware Discord server he’s spun up. Whether you’ve got input on the design, or just want to hang out and watch the WiFiWart get developed, we’re sure he’d be happy to have you stop by.

The first post about this project got quite a response from Hackaday readers, and for good reason. While many in the hacking and making scene only have a passing interest in the security side of things, we all love our little little Linux boards. Especially ones that are being developed in the open.

An OSHW IR Remote Control Powered By The ATtiny13A

July 2, 2021 by Tom Nardi 15 Comments

The new hotness in consumer electronics might be RF remotes based on protocols like Bluetooth Low Energy, but there’s still plenty of life left in the classic infrared remote. Especially with projects like TinyRemoteXL from [Stefan Wagner], which let you build and program an IR “clicker” of your own. Whether you want to spin up your own custom universal remote or create a beefed up version of the TV-B-Gone, this open source effort is a great place to start.

As you might have guessed from the name, this project is actually a larger version of the TinyRemote that [Stefan] put together previously. The documentation for that project goes a bit more into the nuts and bolts of talking IR, and is definitely worth a read if you’re into the low level stuff. For the original five button TinyRemote, the hardware consists of little more than a ATtiny13A microcontroller, a pair of IR LEDs, and the transistors to drive them.

But on the XL, things are a bit trickier as there are now twelve buttons for the ATtiny13A to read. Obviously there aren’t enough pins to read so many buttons directly, but with a combination of BAS16TW diode arrays and resistors, [Stefan] is able to detect what button was pressed using the chip’s interrupt pin and ADC. Certainly a handy trick to have in the back of your mind, and the open source nature of this project gives you a great chance to see how it’s implemented.

Between this project and the impressive development board [Djordje Mandic] released recently, it seems we’re looking at something of an infrared hacking revival. Earlier this year we even saw the commercial release of an IR-equipped ESP8266 board.

This Horrifying Robot Is Here To Teach You A Lesson

July 1, 2021 by Tom Nardi 8 Comments

No, despite what it might look like, this isn’t some early Halloween project. The creepy creation before you is actually a tongue-in-cheek “robot” created by the prolific [Nick Bild], a topical statement about companies asking their remote workers to come back into the office now that COVID-19 restrictions are being lifted. Why commute every day when this ultra realistic avatar can sit in for you?

OK, so maybe it’s not the most impressive humanoid creation to ever grace the pages of Hackaday. But if you’re looking to spin up a simple telepresence system, you could do worse than browsing through the Python source code [Nick] has provided. Using a Raspberry Pi 4, a webcam, and a microphone, his client-server architecture combines everything the bot sees and hears into a simple page that can be remotely accessed with a web browser.

Naturally this work from home (WFH) bot wouldn’t be much good if it was just a one-way street, so [Nick] has also added a loudspeaker that replays whatever he says on the client side. To prevent a feedback loop, his software includes a function that toggles which direction the audio stream goes in by passing the appropriate commands to the bot over SSH; a neat trick to keep in mind for your own, less nightmarish, creations.

If you’re looking for something a bit more capable and have some cardboard laying around, this DIY telepresence mount for your phone might be a good place to start.

Continue reading “This Horrifying Robot Is Here To Teach You A Lesson” →

ESP32 Turned Handy SWD Flasher For NRF52 Chips

July 1, 2021 by Tom Nardi 9 Comments

Got an nRF52 or nRF51 device you need to flash? Got an ESP32 laying around collecting dust? If so, then firmware hacking extraordinaire [Aaron Christophel] has the open source code you need. His new project allows the affordable WiFi-enabled microcontroller to read and write to the internal flash of Nordic nRF52 series chips via their SWD interface. As long as you’ve got some jumper wires and a web browser, you’re good to go.

In the first video below [Aaron] demonstrates the technique with the PineTime smartwatch, but the process will be more or less the same regardless of what your target device is. Just connect the CLK and DIO lines to pins GPIO 21 and GPIO 19 of the ESP32, point your web browser to its address on the local network, and you’ll be presented with a straightforward user interface for reading and writing the chip’s flash.

As demonstrated in the second video, with a few more wires and a MOSFET, the ESP32 firmware is also able to perform a power glitch exploit on the chip that will allow you to read the contents of its flash even if the APPROTECT feature has been enabled. [Aaron] isn’t taking any credit for this technique though, pointing instead to the research performed by [LimitedResults] to explain the nuts and bolts of the attack.

We’re always excited when a message from [Aaron] hits the inbox, since more often that not it means another device has received an open source firmware replacement. From his earlier work with cheap fitness trackers to his wildly successful Bluetooth environmental sensor hacking, we don’t think this guy has ever seen a stock firmware that he didn’t want to immediately send to /dev/null.

Continue reading “ESP32 Turned Handy SWD Flasher For NRF52 Chips” →

Pi Pico Game Boy Flash Cart Gets Slim RP2040 Upgrade

July 1, 2021 by Tom Nardi 10 Comments

The story for this one starts a few months ago, when [John Green] released his PICO-GB project. His code allowed the Raspberry Pi Pico to stand in for a Game Boy cartridge, complete with a simple text menu that let the user select between ROMs that had been baked into the microcontroller’s firmware. The project was particularly notable for the fact that it was entirely a software solution; while a custom breakout cartridge made for a handy temporary solution, you could have permanently wired the Pico’s pins directly to the Game Boy’s cartridge connector if you wanted to.

PICO-GB running on the full-size Pi Pico

Then in early June, the RP2040 chip that powers the Pi Pico went up for sale in single unit quantities. That opened up the possibility of building the PICO-GB functionality into a cartridge small enough to actually fit inside the Game Boy. So [Martin “HDR” Refseth] got to work creating the slick cartridge PCB you’re seeing now.

The RP2040 is joined by a trio of Texas Instruments TXB0108 level shifters, and there’s a spot for adding a SPI flash chip. The RP2040 supports a maximum of 16 MB of external flash, but given the size of Game Boy games were generally measured in kilobytes, that shouldn’t pose much of a problem.

Looking ahead, the original PICO-GB documentation mentions enhancements like loading ROMs from SD card, as well as hardware additions like a real-time-clock for the more advanced games that supported it. We assume those concepts will become part of [Martin]’s PCB eventually, but these are still early days.

We’ve seen Game Boy cartridge emulation with a microcontroller in the past, but we’re exited to see how the unique capabilities of the Raspberry Pi Foundation’s custom silicon can improve the state-of-the-art.

[Thanks to Itay for the tip.]

Handheld Hackintosh Runs Mac OS On LattePanda

June 30, 2021 by Tom Nardi 16 Comments

We’ve seen a huge influx of bespoke portable computers over the last couple of years thanks to availability of increasingly powerful single-board computers. The vast majority of these have been ARM powered using something like the Raspberry Pi 4, and naturally, run Linux. Only a handful have run on x86 hardware, usually because whoever built it wanted to be able to run Windows.

But this handheld x86 Hackintosh running the latest Mac OS on the LattePanda Alpha is truly something unique. Creator [iketsj] claims it to be a world’s first, and after a bit of searching, we’re inclined to agree. While others have installed Mac OS on the LattePanda to create Hackintosh laptops, this would indeed appear to be the first handheld computer to utilize this particular hardware and software blend.

Like other custom portables we’be seen, this one starts with a 3D printed enclosure. The overall design reminds us a bit of the YARH.IO we covered last year, and even borrows the trick of reusing the membrane and PCB of one of those miniature keyboard/pointer combos. Which in this case ends up being especially important, as in keeping with Apple’s own portable Mac OS machines, the screen on this handheld doesn’t support touch.

We especially like how the integrated Arduino on the LattePanda is being used in conjunction with some MOSFETs to control power to the handheld’s LCD, keyboard, and fans. While it sounds like the fans are currently running at full throttle, [iketsj] mentions he does intend on adding automatic speed control in the future. A dedicated “chassis controller” like this makes a lot of sense, and is something we imagine will only become more common as these portable builds become increasingly complex.

Now that we’ve seen a custom portable computer running Mac OS, are we due to see a whole new wave of cyberdecks sporting Cupertino’s software in the future? Maybe not. As [iketsj] points out at the end of this video, Apple’s switch from x86 to their own in-house silicon will almost certainly mean the death of the Hackintosh project within the next few years, bringing a fascinating era of computer hacking to a close.

Continue reading “Handheld Hackintosh Runs Mac OS On LattePanda” →

SMART Response XE Turned Pocket BASIC Playground

June 29, 2021 by Tom Nardi 13 Comments

Ever since the SMART Response XE was brought to our attention back in 2018, we’ve been keeping a close lookout for projects that make use of the Arduino-compatible educational gadget. Admittedly it’s taken a bit longer than we’d expected for the community to really start digging into the capabilities of the QWERTY handheld, but occasionally we see an effort like this port of BASIC to the SMART Response XE by [Dan Geiger] that reminds us of why we were so excited by this device to begin with.

This project combines the SMART Response XE support library by [Larry Bank] with Tiny BASIC Plus, which itself is an update of the Arduino BASIC port by [Michael Field]. The end result is a fun little BASIC handheld that has all the features and capabilities you’d expect, plus several device-specific commands that [Dan] has added such as BATT to check the battery voltage and MSAVE/MLOAD which will save and load BASIC programs to EEPROM.

To install the BASIC interpreter to your own SMART Response XE, [Dan] goes over the process of flashing it to the hardware using an AVR ISP MkII and a few pogo pins soldered to a bit of perboard. There are holes under the battery door of the device that exposes the programming pads on the PCB, so you don’t even need to crack open the case. Although if you are willing to crack open the case, you might as well add in a CC1101 transceiver so the handy little device can double as a spectrum analyzer.

Continue reading “SMART Response XE Turned Pocket BASIC Playground” →