This Week In Security: OpenOffice Vulnerable, IOS Vulnerable, Outlook… You Get The Idea

October 1, 2021 by 13 Comments

We start this week with a good write-up by [Eugene Lim] on getting started on vulnerability hunting, and news of a problem in OpenOffice’s handling of DBase files. [Lim] decided to concentrate on a file format, and picked the venerable dbase format, .dbf. This database format was eventually used all over the place, and is still supported in Microsoft Office, Libreoffice, and OpenOffice. He put together a fuzzing approach using Peach Fuzzer, and found a handful of possible vulnerabilities in the file format, by testing a very simple file viewer that supported the format. He managed to achieve code execution in dbfview, but that wasn’t enough.

Armed with a vulnerability in one application, [Lim] turned his attention to OpenOffice. He knew exactly what he was looking for, and found vulnerable code right away. A buffer is allocated based on the specified data type, but data is copied into this buffer with a different length, also specified in the dbase file. Simple buffer overflow. Turning this into an actual RCE exploit took a bit of doing, but is possible. The disclosure didn’t include a full PoC, but will likely be reverse engineered shortly.

Normally we’d wrap by telling you to go get the update, but OpenOffice doesn’t have a stable release with this fix in it. There is a release candidate that does contain the fix, but every stable install of OpenOffice in the world is currently vulnerable to this RCE. The vulnerability report was sent way back on May 4th, over 90 days before full disclosure. And what about LibreOffice, the fork of OpenOffice? Surely it is also vulnerable? Nope. LibreOffice fixed this in routine code maintenance back in 2014. The truth of the matter is that when the two projects forked, the programmers who really understood the codebase went to LibreOffice, and OpenOffice has had a severe programmer shortage ever since. I’ve said it before: Use LibreOffice, OpenOffice is known to be unsafe. Continue reading “This Week In Security: OpenOffice Vulnerable, IOS Vulnerable, Outlook… You Get The Idea”

Giant working NERF gun runs on Arduino.

Giant Working NERF Gun Runs On Tiny Arduino

October 1, 2021 by 8 Comments

Well, here it is: a shoe-in for the new world’s largest NERF gun. (Video, embedded below.) The Guinness people haven’t shown up yet to award [Michael Pick], but at 12.5 feet, this baby is over twice as long as the current record holder, which belongs to former NASA mechanical engineer Mark Rober and his now-puny six-foot six-shooter.

We have to wonder if it is technically bigger than the six-shooter, because they seem to be roughly the same scale, except that [Michael] chose a much bigger model to start from. The main body is made from wood, and there are a ton of 3D-printed details that make it look fantastically accurate. The whole thing weighs over 200 pounds and takes at least two people to move it around. We especially love the DIY darts that [Michael] came up with, which are made from a PVC tube inside a section of pool noodle, topped off with a 3D printed piece for that distinctive orange cap.

Propelling those darts at around 50 MPH is a 3,000 PSI air tank connected to an Arduino Pro Mini that controls the trigger and the air valves. While [Michael] hasn’t run the thing quite that high, it does plenty of damage in the neighborhood of 40-80 PSI. As you’ll see in the video after the break, this is quite the ranged weapon. Watch it blow a hole clean through a sheet of drywall and much more.

Want to build something with a bit more stealth? Make it death from above with a NERF quadcopter.

Continue reading “Giant Working NERF Gun Runs On Tiny Arduino”

Awesome Python Video Tutorials Keep You Motivated

October 1, 2021 by 21 Comments

Programming languages are one of those topics that we geeks have some very strong and often rather polarised opinions about. As new concepts in computing are dreamt up, older languages may grow new features, if viable, or get left behind when new upstarts come along and shake things up a bit. This scribe can remember his early days programming embedded systems, and the arguments that ensued when someone came along with a project that required embedded C++ or worse, Java, when we were mostly diehard C programmers. Fast forward a decade or two, and things are way more complicated. So much choice, so much opinion.

So it’s really nice to come across some truly unique and beautifully made Python tutorial videos, that are engaging and fun to watch. Fronted by Canadian actress [Ulka Simone Mohanty] who some may recognise from such lofty titles as the game “Magic: The Gathering Arena” and various films and TV shows, she delivers a dead-pan avatar-like presentation of the most important areas of Python. We were particularly amused by the comment “Loopus Interruptus” as the exception condition iterating off the end of a list. 

Continue reading “Awesome Python Video Tutorials Keep You Motivated”

The Ultimate BRRRT Simulator: Fully Featured A-10 Warthog Cockpit

September 30, 2021 by 26 Comments

The Fairchild Republic A-10 “Warthog” with its 30 mm rotary cannon has captured the imagination of friendly soldiers and military aviation enthusiasts on the ground for as long as it’s been flying. One such enthusiast created the Warthog Project, a fully functional A-10 cockpit for Digital Combat Simulator, that’s almost an exact copy of the real thing.

It started as a four monitor gaming cockpit, with a Thrustmaster Warthog H.O.T.A.S. The first physical instrument panels were fuel and electrical panels bought through eBay, and over time more and more panels were added and eventually moved to dedicated left and right side units. All the panels communicate with the main PC over USB, either using Arduinos or purpose-made gaming interface boards. The Arduinos take input from switches and control knobs, but also run 7-segment displays and analog dials driven by servos. The panels were all laser-cut using MDF or perspex and backlit using LEDs.

The main instrument panel is a normal monitor masked with laser-cut MDF and Thrustmaster multi-function display bezels. The cockpit is run by the open source Helios Cockpit Simulator for DCS. The main monitors were replaced by a large custom-built curved projection panel lit up by a pair of projectors. It seems this is one of those projects that is never quite finished, and small details like a compass get added from time to time. Everything is documented in detail, and all the design files are available for free if you want to build your own.

We’ve seen a few impressive simulator cockpit builds from hardcore enthusiasts over the years, including a Boeing 737, P-51 Mustang, and even a Mech cockpit for Steel Battalion. Continue reading “The Ultimate BRRRT Simulator: Fully Featured A-10 Warthog Cockpit”

Fourier Transforms (and More) Using Light

September 30, 2021 by 16 Comments

Linear transforms — like a Fourier transform — are a key math tool in engineering and science. A team from UCLA recently published a paper describing how they used deep learning techniques to design an all-optical solution for arbitrary linear transforms. The technique doesn’t use any conventional processing elements and, instead, relies on diffractive surfaces. They also describe a “data free” design approach that does not rely on deep learning.

There is obvious appeal to using light to compute transforms. The computation occurs at the speed of light and in a highly parallel fashion. The final system will have multiple diffractive surfaces to compute the final result.

Continue reading “Fourier Transforms (and More) Using Light”

Super 8 Camera Brought Back To Life

September 30, 2021 by 32 Comments

The Super 8 camera, while a groundbreaking video recorder in its time, is borderline unusable now. Even if you can get film for it (and afford its often enormous price), it still only records on 8mm film which isn’t exactly the best quality of film around, not to mention that a good percentage of these cameras couldn’t even record audio. They were largely made obsolete by camcorders in the late ’80s and early ’90s, although some are still used for niche artistic purposes. If you’d rather not foot the bill for the film, though, you can still put one of these to work with the help of a Raspberry Pi.

[befinitiv] has a knack for repurposing antique analog equipment like this while preserving its aesthetic. While the bulk of the space inside of this camera would normally be used for housing film, this makes a perfect spot to place a Raspberry Pi Zero, a rechargeable battery, and a power converter circuit all in a 3D printed enclosure that snaps into the camera just as a film roll would have. It uses the Pi camera module but still makes use of the camera’s built in optics which include a zoom function. [befinitiv] also incorporated the original record button so that from the outside this looks like a completely unmodified Super 8 camera.

The camera can connect to a WiFi network and can stream live video to a computer, or it can record video files to an internal SD card. As a bonus, thanks to the power converter circuit, it is also capable of charging a cell phone. [befinitiv] notes that many of the aesthetic properties of 8 mm film seem to be preserved when using this method, and he has several theories as to why but no definitive answer. If you’d like to take a look at some of his other projects like this, check out this analog camera that is now able to take digital pictures. Continue reading “Super 8 Camera Brought Back To Life”

Expanding On The Creation Of Collapsible Containers

September 30, 2021 by No comments

You might remember that industrial designer [Eric Strebel] tried to make a collapsible silicone container with 3D printed molds a few weeks ago, and was finally successful after dozens of attempts. Someone commented that commercial containers are molded in the collapsed position instead of the expanded position, so naturally, [Eric] had to try it once he saw the photographic proof of these molds.

Adding sand to a partially-cured silicone piece so it will take the shape of the expanded mold.This time around, [Eric] made things easier on himself by adding some handles to the mold and using both wax and spray mold release before pouring in the degassed silicone. The first one was a failure —  he had let it cure the whole time in the collapsed mold, and it just didn’t want to stay expanded. On the second attempt, [Eric] decided to pull the piece while it was curing, about 5 1/2 hours into the process.

After carefully de-molding the piece, he pressed it into the grooves of one of the older molds from the days of molding containers in the expanded state. Then he filled it with sand and let it cure the rest of the way. That worked out quite well, but even so, [Eric] made a third attempt that he pulled after 3.5 hours or so when the silicone was still sticky.  He did the sand trick again, but this time, he ran a piece of string up the wall and over the edge so that the air that gets trapped under the sand can escape. The final result looks great, albeit a little bit floppy, but [Eric] fits the final product into a frame that makes them much sturdier. Check out the process in the video after the break.

Did you miss the first installment? It’s worth a look into the science of creating collapsible walls.

Continue reading “Expanding On The Creation Of Collapsible Containers”