Extracting The WiFi Firmware And Putting Back A Keylogger

July 20, 2021 by 35 Comments

In the interest of simplification or abstraction, we like to think of the laptop on the kitchen table as a single discrete unit of processing. In fact, there is a surprisingly large number of small processors alongside the many cores that make up the processor. [8051enthusiast] dove into the Realtek rtl8821ae WiFi chip on his laptop and extracted the firmware. The Realtek rtl8821ae chip is a fairly standard Realtek chip as seen in this unboxing (which is where the main image comes from).

True to his name, [8051enthusiast] was pleased to find that the rtl8821ae was clearly based on the Intel 8051. The firmware was loaded on startup from a known file path and loaded onto the chip sitting in an M.2 slot. Careful consideration, [8051enthusiast] reasoned that the firmware was using RTX51 Tiny, which is a small real-time kernel.

The firmware is loaded at 0x4000 but it calls to code below that address, which means there is a ROM on the chip that contains some code. The easiest way to extract it would be to write some custom code that just copies the masked ROM back to the main CPU via the shared memory-mapped config space, but the firmware is checksummed by the masked ROM code. However, the checksum is just a 16-bit XOR. With a tweak in the kernel to allow accessing the shared config space from userspace, [8051enthusiast] was on his way to a complete firmware image.

Next, [8051enthusiast] looked at what could be done with his newfound hackability. The keyboard matrix is read by the Embedded Controller (EC), which happens to be another 8051 based microcontroller. There also happens to be an RX and a TX trace from the EC to the m.2 slot (where the rtl8821ae is). This has to do with 0x80 postcodes from the processor being routed out somewhere accessible via the EC. With a bit of custom code on both the EC and the WiFi chip, [8051enthusiast] had a keylogger that didn’t run on the main processor broadcasting the PS/2 keystrokes as UDP packets.

Of course, there are plenty of other 8051 based devices out there just waiting to be discovered. Like this 8051 based e-ink display controller.

[Main image source: Realtek RTL8821AE unboxing on YouTube by Евгений Горохов]

The Gatwick Drone: Little By Little, The Story Continues To Unravel

July 20, 2021 by 96 Comments

If you remember the crazy events in the winter of 2018 as two airports were closed over reports of drone sightings, you might be interested to hear that there’s still a trickle of information about those happenings making it into the public domain as Freedom of Information responses.

Three Christmases ago the news media was gripped by a new menace, that of rogue drones terrorising aircraft. The UK’s Gatwick airport had been closed for several days following a spate of drone sightings, and authorities thundered about he dire punishments which would be visited upon the perpetrators when they were caught. A couple were arrested and later quietly released, and after a lot of fuss the story quietly disappeared.

Received Opinion had it that a drone had closed an airport, but drone enthusiasts, and Hackaday as a publication in their sphere, were asking awkward questions about why no tangible evidence of a drone ever having been present had appeared. Gradually the story unravelled with the police and aviation authorities quietly admitting that they had no evidence of a drone, and a dedicated band of drone enthusiasts has continues to pursue the truth about those few winter nights in 2018. The latest results chase up the possibility that the CAA might have received a description of the drone, and why when a fully functional drone detection system had been deployed and detected nothing they continued with the farce of closing the airport.

Perhaps the saddest thing about these and other revelations about the incident which have been teased from the authorities is that while they should fire up a scandal, it seems inevitable that they won’t. The police, the government, and the CAA have no desire to be reminded of their mishandling of the event, neither except for a rare bit of mild questioning do the media wish to be held to account for the execrable quality of their reporting. The couple who were wrongly arrested have not held back in their condemnation, but without the attention of any powerful vested interests it seems that some of the measures brought in as a response will never be questioned. All we can do is report any new developments in our little corner of the Internet, and of course keep you up to date with any fresh UK police drone paranoia.

Smart Mirror Talks To 3D Printers

July 19, 2021 by 2 Comments

As time goes by, it’s only getting easier to make a magic mirror. You know, a mirror connected to the internet that shows information like news, weather, or whatever you want, right there on top of your stunning visage. In [Forsyth Creations]’ case, that data includes 3D printer activity on the network — something that’s way more relevant to daily life than say, headlines about Kim Jong Un’s weight loss progress. The build video is embedded below.

Thanks to projects like [MichMich]’s MagicMirror, everything is done with modules, including really useful things such as OctoMirror that let you keep an eye on your 3D printer(s) using OctoPrint.

The electronics are pretty simple here — [Forsyth Creations] used the guts of an old monitor for the display and a Raspberry Pi to serve up the modules as a web page. The only tricky part is power, because the LCD is going to need so much more voltage than the Pi and the absolutely necessary LEDs around the edge, but a couple of buck converters do the trick.

After stripping the monitor of all of its unnecessary plastic, [Forsyth Creations] cut rear and front frames to support the electronics. That isn’t a piece of mirror glass, it’s actually one-way acrylic which is lighter and somewhat cheaper. [Forsyth Creations] designed and printed some corner support brackets that double as leveling screw holders to get the acrylic panel dialed in just right, and you can get these for yourself from GitHub. We think this would be a good early woodworking project or something for a long weekend. [Forsyth Creations] built this in three days on an apartment balcony using a minimum of tools.

We especially admire that once it was done, he hung it up with a French cleat. Those are so useful.

Continue reading “Smart Mirror Talks To 3D Printers”

Software Defined… CPU?

July 19, 2021 by 45 Comments

Everything is better when you can program it, right? We have software-defined radios, software-defined networks, and software-defined storage. Now a company called Ascenium wants to create a software-defined CPU. They’ve raised millions of dollars to bring the product to market.

The materials are a bit hazy, but it sounds as though the idea is to have CPU resources available and let the compiler manage and schedule those resources without using a full instruction set. A system called Aptos lets the compiler orchestrate those resources.

Continue reading “Software Defined… CPU?”

DIY Camera Dolly Costs More Time Than Money

July 19, 2021 by 14 Comments

A camera dolly can be fantastic filmmaking tool, and [Cornelius] was determined to create his own version: the “Dope” DIY Dolly. The result not only upped his production quality, but was also entirely in line with his DIY approach to filmmaking in general.

A basic dolly design is straightforward enough: a flat platform with wheels, and some aluminum tubing upon which to roll. But while dolly assemblies are easy to purchase or rent, [Cornelius] found that his DIY version — which used easily sourced parts and about 80 hours worth of 3D printing — provided perfectly acceptable results, while opening the door to remixing and sharing with like-minded filmmakers.

Interested? Download the STL files to get started on your own version. As for the track, smooth metal pipe is best, but sometimes track made from PVC can do the job. [Cornelius] has a few additional STL files for those planning to make a base from 1″ PVC pipe, and those are on a separate download link near the bottom of the project page (here’s that link again.) Watch the Dope Dolly in action in the brief video embedded below.

On the other hand, if you prefer your DIY camera equipment to be on the smaller and more complicated end of the spectrum, be sure to check out this multi-axis camera slider.

Continue reading “DIY Camera Dolly Costs More Time Than Money”

Reimagine Supportive Tech For The Newest Hackaday Prize Challenge

July 19, 2021 by 7 Comments

Beginning right now, the 2021 Hackaday Prize challenges you to Reimagine Supportive Tech. Quite frankly, this is all about shortcuts to success. Can we make it easier for people to learn about science and technology? Can we break down some barriers that keep people from taking up DIY as a hobby (or way of life)? What can we do to build on the experience and skill of one another?

For instance, to get into building your own electronics, you need a huge dedicated electronics lab, right? Of course that’s nonsense, but we only know that because we’ve already been elbow-deep into soldering stations and vacuum tweezers. To the outsider, this looks like an unclimbable mountain. What if I told you that you could build electrics at any desk, and make it easy to store everything away in between hacking sessions? That sounds like a job for [M.Hehr’s] portable workbench & mini lab project. Here’s a blueprint that can take a beginner from zero to solder smoke while having fun along the way.

What about breaking down complex topics into something us newbies can swallow? Radio signals are all around us, but again the barriers to getting into SDR are many and varied. A great bit of supportive tech would be a project that shows simple hardware and shares a virtual machine with the open source software toolchain already set to go. A beginner could pick something like this up and be listening for transponders from airplanes passing by in a matter of hours.

If you’re reading this, chances are you’ve spent countless joyful hours learning how to do some difficult and fascinating stuff. Share the wealth!  Take an existing hardware concept and make it modular and easy to use. Refine an existing design to make it more approachable for users with any range of mobility challenges. Or pull together a beginner-friendly project to move STEM education forward.

Ten finalists from this round will win $500 and be shuttled onto the final round judging in October for a chance at the $25,000 Hackaday Prize and four other top prizes. Start your project page on Hackaday.io and use the dropdown in the left sidebar to enter it into the 2021 Hackaday Prize.

The HackadayPrize2021 is Sponsored by:

An OLED Photo Frame Powered By The ATtiny85

July 19, 2021 by 10 Comments

Rolling your own digital picture frame that loads images from an SD card and displays them on an LCD with a modern microcontroller like the ESP32 is an afternoon project, even less if you pull in somebody else’s code. But what if you don’t have the latest and greatest hardware to work with?

Whether you look at it as a practical application or an interesting experiment in wringing more performance out of low-end hardware, [Assad Ebrahim]’s demonstration of displaying digital photographs on an OLED using the ATtiny85 is well worth a look. The whole thing can put put together on a scrap of perfboard with a handful of common components, and can cycle through the five images stored on the chip’s flash memory for up to 20 hours on a CR2032 coin cell.

As you might expect, the biggest challenge in this project is getting all the code and data to fit onto the ATtiny85. To that end [Assad] wrote his own minimal driver for the SSD1306 OLED display, as the traditional Adafruit code took up too much space. The driver is a pretty bare bones implementation, but it’s enough to initialize the screen and get it ready for incoming data. His code also handles emulating I2C over Atmel’s Universal Serial Interface (USI) at an acceptable clip, so long as you bump the chip up to 8 MHz.

For the images, [Assad] details the workflow he uses to take the high-resolution color files and turn them into an array of bytes for the display. Part of that it just scaling down and converting to 1-bit color, but there’s also a bit of custom Forth code in the mix that converts the resulting data into the format his code expects.

This isn’t the first time we’ve seen somebody use one of these common OLED displays in conjunction with the ATtiny85, and it’s interesting to see how their techniques compare. It’s not a combination we’d necessarily chose willingly, but sometimes you’ve got to work with whats available.