This Week In Security: Firewall 0-day, Apple’s Response, And An Android Bluetooth Bug

Sophos firewall appliances are actively being attacked by a 0-day exploit chain that originates with a SQL injection. That injection is a nasty one, as it can be launched from the WAN user portal. The observed attack used that vulnerability to inject a shell command into the device database, where it would eventually be run automatically. If you have an affected Sophos device, go check that the hotfix was automatically installed.

While the vulnerability was a bad one, Sophos’ response here is laudable. They publicly disclosed the attack less than 24 hours after they were notified of its existence in the wild, and began rolling a fix out within three days. Additionally, Sophos engineers did a really detailed write-up (linked above) giving us all the details of the attack. The hotfix that closes the vulnerability also attempts to clean up the infection, although there are some additional manual steps that are suggested if your device was compromised.

Custom Bluetooth Joystick In A Nunchuk Shell

With the Wii’s unique controller, Nintendo not only provided new gaming experiences to players, but gave hardware hackers a platform for experimentation that’s still going strong. Case in point, this modification of a third party Wii “Nunchuk” by [Giliam de Carpentier] that turns the accessory into a stand-alone wireless controller powered by an ATtiny44A.

Milling a new home for the AVR

It turns out there’s a considerable amount of free space inside the Nunchuk case, so [Giliam] found adding in the new hardware wasn’t nearly as difficult as you might expect. Of course, it helps that the diminutive SMD ATtiny44A and its support hardware are housed on a very neatly milled PCB that attaches to the back of the original board.

Most of the other hardware comes in the form of modular components, like the Bluetooth transmitter and TP4056 charge controller for the 300 mAh battery. A micro USB charging port is mounted where the original Nunchuk cable entered the case, making the whole thing look very professional.

Even if you aren’t interested in making your own controller, [Giliam] covers many interesting topics in this write-up such as handling different methods of Bluetooth connectivity and various power management techniques to eke out as much life from the relatively small battery as possible. It’s not only a fascinating read, but a great example of what thorough project documentation should look like.

In the past we’ve seen Bluetooth conversions for the Wii Nunchuk, but traditionally they left the original electronics in place. On the other side of the spectrum, we’ve also seen the internals get replaced with something as powerful as the Raspberry Pi Zero.

ESP32 Refines Game Boy Bluetooth Adapter

Last year we brought word of a project from [Shyri Villar] that turned a stock Game Boy Advance into a Bluetooth controller by exploiting the system’s “multiboot” capability. The prototype hardware was a bit ungainly, but the concept was certainly promising. We’re now happy to report that the code has been ported over to the ESP32, making the project far more approachable.

To clarify, the ESP32 is now the only component required for those who want to play along at home. Just five wires connect the microcontroller to the GBA’s Link Cable connector, which is enough to transfer a small ROM over to the system and ferry user input to the Bluetooth hardware. Even if you aren’t interested in using it as a game controller, this project is an excellent example of how you can get your own code running on a completely stock GBA.

While the original version of the hardware was a scrap of perfboard dangling from the handheld’s expansion connector, reducing the part count to one meant [Shyri] was able to pack everything into a tidy enclosure. Specifically, a third party GBA to GameCube link cable. This not only provides a sleek case for the microcontroller that locks onto the handheld with spring loaded tabs, but also includes a male Link Cable connector you can salvage. It looks as though there’s a bit of plastic trimming involved to get the ESP32 to fit, but otherwise it’s a very clean installation.

The GBA will be 20 years old soon, but that doesn’t mean the hardware and software exploration is over. The original Game Boy is over 30, and people are still giving talks about it.

Bluetooth Intervalometer Makes Time Lapses Easy

Taking timelapses is a fun pastime of many a photographer. While most modern cameras have some features to pull this off, if you want to get really into it, you’ll want an intervalometer to run the show. Chasing just that, [Zach] decided that rather than buying off-the-shelf, a DIY build was in order.

The build relies on an Arduino Nano to run the show, in combination with the popular HC-05 Bluetooth module. The Bluetooth module allows the device to communicate with a smartphone app which [Zach] created using RoboRemo. This is a platform that makes creating custom USB, WiFi and Bluetooth apps easy for beginners. The app sends instructions to the intervalometer regarding the number of photos to take, and the time to wait between each shot. Then, it triggers the time lapse, and the Arduino triggers the camera by shorting the relevant pins on a TRS plug inserted into the camera.

It’s a straightforward build that most hackers could probably complete with parts from the junk box. Plus, building your own offers the possibility of customising it exactly to your needs. Of course, you can eschew modernity and do things mechanically instead. Video after the break.

Emulating A Bluetooth Keyboard With The ESP32

Most people associate the ESP family of microcontrollers with WiFi, which makes sense as they’ve become the solution of choice for getting your project online quickly and easily. But while the WiFi capability might be the star of the show, the ESP32 also comes equipped with Bluetooth; we just don’t see people using it nearly as often. If you’re looking to get started using Bluetooth on the ESP32, then this simple wireless macro keypad from [Brian Lough] would be a great way to get started.

From a hardware standpoint, this project is incredibly straightforward. All you need to do is connect a membrane keypad up to the GPIO pins on the ESP32. Adding in a battery is a nice touch, and you probably would want to put it into an enclosure of some sort, but as a proof of concept it doesn’t get much easier than this. In this case [Brian] is using the TinyPICO board, but your personal ESP32 variant of choice will work just as well.

The rest of the project is all software, which [Brian] walks us through in the video after the break. There’s a preexisting library for Bluetooth Human Interface Device (HID) emulation on the ESP32, but it needs to be manually installed in the Arduino IDE. From there, he demonstrates how you can build up a functioning keyboard, including tricks such as sending multiple virtual keys at once.

In the past we’ve seen the ESP32 used to create a Bluetooth game controller, but the ability to emulate a keyboard obviously offers quite a bit more flexibility. With a practical demonstration of how easy it is to turn this low-cost microcontroller into a wireless input device, hopefully we’ll start seeing more projects that utilize the capability.

How To Hack A Portable Bluetooth Speaker By Skipping The Bluetooth

Portable Bluetooth speakers have joined the club of ubiquitous personal electronics. What was once an expensive luxury is now widely accessible thanks to a prolific landscape of manufacturers mass producing speakers to fit every taste and budget. Some have even become branded promotional giveaway items. As a consequence, nowadays it’s not unusual to have a small collection of them, a fertile field for hacking.

But many surplus speakers are put on a shelf for “do something with it later” only to collect dust. Our main obstacle is a side effect of market diversity: with so many different speakers, a hack posted for one speaker wouldn’t apply to another. Some speakers are amenable to custom firmware, but only a small minority have attracted a software development community. It doesn’t help that most Bluetooth audio modules are opaque, their development toolchains difficult to obtain.

So what if we just take advantage of the best parts of these speakers: great audio fidelity, portability, and the polished look of a consumer good, to serve as the host for our own audio-based hacks? Let’s throw the Bluetooth overboard but embrace all those other things. Now hacking these boxes just requires a change of mindset and a little detective work. I’ll show you how to drop an Arduino into a cheap speaker as the blueprint for your own audio adventures.

Poking Around The Wide World Of Bluetooth

Bluetooth is a technology with a very interesting history. When it first came around in the late 1990s, it promised to replace the mess of wires that was tucked behind every desk of the day. Unfortunately, the capabilities of early Bluetooth didn’t live up to the hype, and it never quite took off. It wasn’t until the rise of the smartphone more than a decade later that Bluetooth, now several versions more advanced, really started to make sense.

As [Larry Bank] explains in a recent blog post, that means there’s a whole lot to learn if you want to really understand Bluetooth hacking. For example, the Bluetooth versions that were used in the 1990s and 2000s are actually a completely different protocol from that which most modern devices are using. But the original protocol, now referred to as “Classic”, is still supported and in use.

That means to really get your head wrapped around working with Bluetooth, you need to learn about the different versions and all the tools and tricks associated with them. To that end, [Larry] does a great job of breaking down the primary versions of Bluetooth and the sort of tools you might find yourself using. That includes microcontrollers such as the ESP32 or Arduino Nano 33 BLE.

But the post isn’t just theory. [Larry] also goes over a few real-world projects of his that utilize Bluetooth, such as getting a portable printer working with his Arduino, or figuring out how to use those tiny mobile phone game controllers for his own purposes. Even if you don’t have these same devices, there’s a good chance that the methods used and lessons learned will apply to whatever Bluetooth gadgets you’ve got your eye on.

Readers may recall [Larry] from our previous coverage of his exploits, such as his efforts to increase the frame rate of the SSD1306 OLED display or his wireless bootloader for the SMART Response XE. Whenever we see his name pop up in the Tip Line, we know a fascinating hardware deep dive isn’t far behind.