Reverse Engineering A Modern IP Camera

March 28, 2019 by 51 Comments

Security cameras used to be analog devices feeding back into a room full of tiny screens and commercial grade VCRs. As technology moved forward, IP cameras began to proliferate. Early models simply presented a video stream and configuration page to the local network. Modern models aimed at the home market differ however. More often than not, configuration is through a strange smartphone app, and video is accessed through third-party servers. It’s all a bit oblique, and so [Alex] decided to take a look under the hood. 

The exploration begins externally, with [Alex] capturing data sent to and from the camera with Wireshark. Straight away, red flags are raised. For as yet unknown reasons, the camera attempts to resolve Google, Facebook and Alibaba servers over DNS. Disassembly then follows, revealing that a serial terminal with root access is available. [Alex] uses this to probe around, uncovering the firmware update script and a way to decrypt said updates.

The work thus is a great example of how to approach hacking a given device from first principles. The overall goal is to find a way to gain complete control over the camera, reprogramming it to serve up video as [Alex] wishes, rather than to a distant third party server. It’s not the first time we’ve seen an IP camera hacked, and we doubt it will be the last. If you’ve got one cracked, be sure to let us know.

Ammo Can Holds A 14,000 Lumen LED Flashlight

March 28, 2019 by 10 Comments

For most people, a flashlight is just something you keep in a drawer in the kitchen in case the power goes out. There’s even a good chance your “flashlight” is just an application on your phone at this point. But as we’ve seen many times before from mechanical keyboards to Power Wheels, hardcore niche communities can develop around the most innocuous pieces of hardware; and the lowly flashlight is no different.

Case in point, this 14,000 lumen LED flashlight built by [Bryson Hicks]. Designed around a 100 watt module from Stratus LED, the flashlight uses a number of 3D printed components to make itself at home in a suitably hardcore enclosure: a metal ammo can. With the addition of some modular electronics and a rather slick little control panel, his light is ready to deliver an unreasonable level of brightness anywhere he wishes.

The Stratus LED module includes its own driver, and just needs to be hooked up to a suitably beefy power source to do its thing. [Bryson] went with a 4500 mAh LiPo battery that he says gets him about a one hour runtime at full brightness. For somewhat less intense operation, he’s added a potentiometer which interfaces with the module’s driver board to control the LED output. Considering how fast the light sucks down the juice, adding a small LCD battery charge indicator to the top of the device seems like it was a prudent decision.

To prevent you from cooking anyone’s eyes at close range, the light requires you to first “arm” it by flipping the military style protected switch. Once the switch is in the on position, an illuminated push button is used to actually turn the LED module on and off. You can also snap the toggle switch back into the closed and covered position if you needed to kill the light in a hurry.

This isn’t the first preposterously bright LED flashlight we’ve seen around these parts. There’s something of an arms-race between hackers and makers to develop increasingly bright lights they can carry around, on the off chance they need to illuminate an entire neighborhood.

An Air Quality Monitor That Leverages The Cloud

March 28, 2019 by 9 Comments

Air quality has become an increasing concern in many urban areas, due to congestion and our ever-increasing energy use. While there are many organisations that task themselves with monitoring such data, it’s also something anyone should be able to take on  at home. [Chrisys] is doing just that, with some impressive logging to boot.

The build starts with a Raspberry Pi Zero W, which offers the requisite computing power and Internet connectivity in a compact low-power package. For determining air quality, the Bosch BME680 sensor is used. This offers temperature, pressure, and humidity readings, along with the ability to sense the presence of volatile organic compounds, or VOCs. These can be harmful to human health, so it’s useful to have an idea of the levels in your home.

The hardware is incredibly refined. It’s simple enough for the newbie, but just begs for the more experienced hacker to expand on.

On the software side, data is accessible through the Balena cloud service. Sensor readings are stored in an InfluxDB instance, with Grafana providing the visually attractive graphs and monitoring. It’s all very slick and Web 2.0, and can be accessed from anywhere through a web browser.

The project is a great example of combining a basic DIY Raspberry Pi setup with the right software tools to create a polished and effective end product. Of course, if you’re looking for something more portable, this project might be more your style. 

WOPR: Security Loses Some Of Its Obscurity

March 28, 2019 by 11 Comments

As we’ve seen time and time again, the word “hacker” takes on a different meaning depending on who you’re talking to. If you ask the type of person who reads this fine digital publication, they’ll probably tell you that a hacker is somebody who likes to learn how things work and who has a penchant for finding creative solutions to problems. But if you ask the average passerby on the street to describe a hacker, they might imagine somebody wearing a balaclava and pounding away at their laptop in a dimly lit abandoned warehouse. Thanks, Hollywood.

The “Hollywood Hacker” Playset

Naturally, we don’t prescribe to the idea of hackers being digital villains hell-bent on stealing your identity, but we’ll admit that there’s something of rift between what we call hacking versus what happens in the information security realm. If you see mention of Red Teams and Blue Teams on Hackaday, it’s more likely to be in reference to somebody emulating Pokemon on the ESP32 than anything to do with penetration testing. We’re not entirely sure where this fragmentation of the hacking community came from, but it’s definitely pervasive.

In an attempt bridge the gap, the recent WOPR Summit brought together talks and presentations from all sections of the larger hacking world. The goal of the event was to show that the different facets of the community have far more in common than they might realize, and featured a number of talks that truly blurred the lines. The oscilloscope toting crew learned a bit about the covert applications of their gadgets, and the high-level security minded individuals got a good look at how the silicon sausage gets made.

Two of these talks which should particularly resonate with the Hackaday crowd were Charles Sgrillo’s An Introduction to IoT Penetration Testing and Ham Hacks: Breaking into Software Defined Radio by Kelly Albrink. These two presentations dealt with the security implications of many of the technologies we see here at Hackaday on what seems like a daily basis: Bluetooth Low Energy (BLE), Software Defined Radio (SDR), home automation, embedded Linux firmware, etc. Unfortunately, the talks were not recorded for the inaugural WOPR Summit, but both presenters were kind of enough to provide their slides for reference.

Continue reading “WOPR: Security Loses Some Of Its Obscurity”

Casting Car Emblems Via 3D Printing

March 28, 2019 by 10 Comments

Casting is a process that can be quite demanding for the first timer, but highly rewarding once the basic techniques are mastered. It then becomes possible to quickly and reliably produce metal parts en masse, and with impressive tolerances if the right method is chosen. [VegOilGuy] has been experimenting with lost PLA casting, and decided to see if it could be applied to car emblems. 

The process begins with 3D models of various car emblems, primarily sourced from Thingiverse. These are printed in PLA, with sprues added to assist with the casting process. The parts are sanded to avoid unsightly print lines on the finished product, and any voids filled with wax. The various emblems are then assembled onto a casting tree, with extra sprues added to improve metal flow with wax and further PLA parts.

The investment mold is then created with plaster, and baked to remove water and melt out the PLA. This is crucial, as any water left in the mold can react explosively with the molten aluminium bronze.  The mold is then filled with metal and then allowed to cool. The plaster mold is destroyed, and the parts can then be removed. Final processing involves a trip through a rock tumbler before final polish with sandpaper.

[VegOilGuy] gets impressive results, with the parts looking excellent in their bronze colour. This is an unconventional color for a car emblem, but it’s noted that this material is an excellent candidate for chrome plating to get a more OEM finish.

You might find your lost PLA casting experiments could benefit from the help of a microwave, too. Video after the break.

Continue reading “Casting Car Emblems Via 3D Printing”

Arduino Converts Serial To Parallel: The Paralleloslam

March 28, 2019 by 34 Comments

After a youth spent playing with Amigas and getting into all sorts of trouble on the school computer network, I’ve always had a soft spot in my heart for hardware from the 80s and 90s. This extends beyond computers themselves, and goes so far as to include modems, photocopiers, and even the much-maligned dot matrix printer.

My partner in hacking [Cosmos2000] recently found himself with a wonderful Commodore MPS 1230 printer. Its parallel interface was very appropriate in its day, however parallel ports are as scarce as SID chips. Thankfully, these two interfaces are easy to work with and simple in function. Work on a device to marry these two disparate worlds began.

Enter: The Paralleloslam

While I was gallivanting around the Eastern coast of Australia, [Cosmos2000] was hard at work. After some research, it was determined that it would be relatively simple to have an Arduino convert incoming serial data into a parallel output to the printer. After some testing was performed on an Arduino Uno, a bespoke device was built – in a gloriously plastic project box, no less.

An ATMEGA328 acts as the brains of the operation, with a MAX232 attached for level conversion from TTL to RS232 voltage levels. Serial data are received on the hardware TX/RX lines. Eight digital outputs act as the parallel interface. When a byte is received over serial, the individual bits are set on the individual digital lines connected to the printer’s parallel port. At this point, the strobe line is pulled low, indicating to the attached device that it may read the port. After two microseconds, it returns high, ready for the next byte to be set on the output lines. This is how parallel interfaces operate without a clock signal, using the strobe to indicate when data may be read.

At this point, [Cosmos2000] reached out – asking if I had a name for the new build.

“Hm. Paralleloslam?”

“Done. Cheers!”

Continue reading “Arduino Converts Serial To Parallel: The Paralleloslam”

Office Depot And OfficeMax Find Malware That Isn’t There

March 28, 2019 by 72 Comments

Sometimes we are rebuilding a RAID array or replacing a BIOS chip and we wonder how ordinary people keep their computes running. Then we realize that most of them come to someone like us for help. But what if you don’t have a family member or friend who is computer savvy? No problem! Plenty of stores — including big box office stores such as Office Depot and OfficeMax — will be glad to help you. Why most of them will be willing to test your computer for free. Sounds nice until you find out that at least in some cases these tests were showing problems that didn’t need fixing so users would pay for services they didn’t need. The Federal Trade Commission (FTC) has fined Office Depot (who owns OfficeMax) $25 million and plans to use the funds to issue refunds. In addition, a vendor, Support.com, will pay $10 million to support the refunds.

The free check used software to detect problems on a PC. However, during the scan the user is asked if their computer has any of the following symptoms. For example, if their PC has become slow or frequently reboots. If you said yes to any of these questions, the software would produce a report claiming to have found evidence of malware and offering fixes that could cost significant amounts of money even if there was no other evidence.

Continue reading “Office Depot And OfficeMax Find Malware That Isn’t There”