WOPR: Security Loses Some Of Its Obscurity

March 28, 2019 by 11 Comments

As we’ve seen time and time again, the word “hacker” takes on a different meaning depending on who you’re talking to. If you ask the type of person who reads this fine digital publication, they’ll probably tell you that a hacker is somebody who likes to learn how things work and who has a penchant for finding creative solutions to problems. But if you ask the average passerby on the street to describe a hacker, they might imagine somebody wearing a balaclava and pounding away at their laptop in a dimly lit abandoned warehouse. Thanks, Hollywood.

The “Hollywood Hacker” Playset

Naturally, we don’t prescribe to the idea of hackers being digital villains hell-bent on stealing your identity, but we’ll admit that there’s something of rift between what we call hacking versus what happens in the information security realm. If you see mention of Red Teams and Blue Teams on Hackaday, it’s more likely to be in reference to somebody emulating Pokemon on the ESP32 than anything to do with penetration testing. We’re not entirely sure where this fragmentation of the hacking community came from, but it’s definitely pervasive.

In an attempt bridge the gap, the recent WOPR Summit brought together talks and presentations from all sections of the larger hacking world. The goal of the event was to show that the different facets of the community have far more in common than they might realize, and featured a number of talks that truly blurred the lines. The oscilloscope toting crew learned a bit about the covert applications of their gadgets, and the high-level security minded individuals got a good look at how the silicon sausage gets made.

Two of these talks which should particularly resonate with the Hackaday crowd were Charles Sgrillo’s An Introduction to IoT Penetration Testing and Ham Hacks: Breaking into Software Defined Radio by Kelly Albrink. These two presentations dealt with the security implications of many of the technologies we see here at Hackaday on what seems like a daily basis: Bluetooth Low Energy (BLE), Software Defined Radio (SDR), home automation, embedded Linux firmware, etc. Unfortunately, the talks were not recorded for the inaugural WOPR Summit, but both presenters were kind of enough to provide their slides for reference.

Continue reading “WOPR: Security Loses Some Of Its Obscurity”

Build Your Own Dial-up ISP With A Raspberry Pi

February 16, 2019 by 30 Comments

The bing-bongs, screeches, and whiirings of a diai-up modem are long forgotten now. For good reason. Dial up was slow, and if you’re one of those unlucky people reading this and waiting for the animated gif above this paragraph to load, you have our condolences. But still, nostalgia. It bit [Doge Microsystems] hard, and now there’s a dial-up ISP on [Doge]’s desk.  Why? For fun, probably, and if you’re going to retrocompute, you might as well go the whole way.

The setup for this astonishing feat of dial-up networking is an ISA modem inside a ‘lunchbox’ computer running what is probably Windows 98. The ‘homebrew POTS’ system is a SIP ATA (which is most certainly obsolete and out of stock, but this one will get you close), and a Raspberry Pi clone running Asterisk.  There’s a serial modem and a USB to serial adapter involved, and a PPP daemon running on the Pi clone answers the incoming call, negotiates authentication, and does the NAT. It’s a networking geek’s dream.

As for what good this is, anyone who asks the question is missing the point entirely. Dial up is slow, horrible, and there’s a reason we don’t use it anymore. However, and there’s always a however, if you’re developing your own serial modem hardware for some weird project, I guess this setup would come in handy. If you’d like to test out a wooden modem, this is the setup for you. Yes, it’s ancient technology no one wants anymore, but that’s how you do it if you want.

This Tiny Router Could Be The Next Big Thing

February 1, 2019 by 22 Comments

It seems like only yesterday that the Linksys WRT54G and the various open source firmware replacements for it were the pinnacle of home router hacking. But like everything else, routers have gotten smaller and faster over the last few years. The software we run on them has also gotten more advanced, and at this point we’ve got routers that you could use as a light duty Linux desktop in a pinch.

But even with no shortage of pocket-sized Linux devices in our lives, the GL-USB150 “Microrouter” that [Mason Taylor] recently brought to our attention is hard to ignore. Inside this USB flash drive sized router is a 400 MHz Qualcomm QCA9331 SoC, 64 MB of RAM, and a healthy 16 MB of storage; all for around $20 USD. Oh, and did we mention it comes with OpenWRT pre-installed? Just plug it in, and you’ve got a tiny WiFi enabled Linux computer ready to do your bidding.

On his blog [Mason] gives a quick rundown on how to get started with the GL-USB150, and details some of the experiments he’s been doing with it as part of his security research, such as using the device as a remote source for Wireshark running on his desktop. He explains that the diminutive router works just fine when plugged into a USB battery bank, offering a very discreet way to deploy a small Linux box wherever you may need it. But when plugged into a computer, things get really interesting.

If you plug the GL-USB150 into a computer, it shows up to the operating system as a USB Ethernet adapter and can be used as the primary Internet connection. All of the traffic from the computer will then be routed through the device to whatever link to the Internet its been configured to use. Depending on how you look at it, this could be extremely useful or extremely dangerous.

For one, it means that something that looks all the world like a normal USB flash drive could be covertly plugged into a computer and become a “wiretap” through which all of the network traffic is routed. That’s the bad news. On the flip side, it also means you could configure the GL-USB150 as a secure endpoint that lets you quickly and easily funnel all the computer’s traffic through a VPN or Tor without any additional setup.

We’ve seen all manner of hacks and projects that made use of small Linux-compatible routers such as the TP-Link TL-MR3020, but we expect the GL-USB150 and devices like it will be the ones to beat going forward. Let’s just hope one of them doesn’t show up uninvited in your network closet.

Five Year Old Bug Spawns Router Botnet Monster

November 23, 2018 by 38 Comments

In the news has been yet another router botnet. [Hui Wang] and [RootKiter] of 360Netlab announced their discovery of what they call the “BCMUPnP_Hunter” rootkit. They estimate this botnet to be running on over 100,000 routers worldwide.

There are two elements of this story that I found particularly baffling. First, this botnet infects routers using a vulnerability that was first reported by Defensecode over five years ago, in 2013! The second oddity is the wide range of devices that are vulnerable and are now part of the botnet. Dozens of brands and at least 116 models have been found to be infected.

One of the details of this story hasn’t been reported entirely accurately. The bug is not built into the Broadcom chipset. Unlike Spectre and Meltdown, it’s not actually a hardware fault. Broadcom distributes a Software Development Kit (SDK) that enables device manufacturers like D-Link, TP-Link, and Linksys to quickly develop firmware for routers using Broadcom chips. The vulnerability lies in this code, rather than part of the hardware itself.

Continue reading “Five Year Old Bug Spawns Router Botnet Monster”

Hack My House: Running Raspberry Pi Without An SD Card

October 8, 2018 by 62 Comments

Many of us have experienced the pain that is a Raspberry Pi with a corrupted SD card. I suspect the erase-on-write nature of flash memory is responsible for much of the problem. Regardless of the cause, one solution is to use PXE booting with the Raspberry Pi 3. That’s a fancy way to say we’ll be booting the Raspberry Pi over the network, instead of from an SD card.

What does this have to do with Hacking My House? As I discussed last time, I’m using Raspberry Pi as Infrastructure by building them into the walls of every room in my house. You don’t want to drag out a ladder and screwdriver to swap out a misbehaving SD card, so booting over the network is a really good solution. I know I promised we’d discuss cabling and cameras. Think of this as a parenthetical article — we’ll talk about Ethernet and ZoneMinder next time.

So let’s dive in and see what the Preboot Execution Environment (PXE) is all about and how to use PXE with Raspberry Pi.

Continue reading “Hack My House: Running Raspberry Pi Without An SD Card”

Printed It: Logitech C270 Conversion

September 4, 2018 by 14 Comments

One of the most practical applications for a home 3D printer is the ability to produce replacement parts; why wait a week for somebody to ship you a little plastic widget when you’ve got a machine that can manufacture a facsimile of it in a couple of hours? But what if your skills and passion for the smell of melting PLA push you even farther? You might move on from printing replacement parts to designing and building whole new devices and assemblies. Arguably this could be considered “peak” 3D printing: using a printer to create new devices which would otherwise be difficult or impractical for an individual to manufacture by more traditional means.

A perfect example is this fantastic total conversion for the Logitech C270 webcam designed by [Luc Eeckelaert]. Officially he calls it a “tripod”, and perhaps that’s how the design started, but the final product is clearly much more than that. It puts the normally monitor-mounted Logitech camera onto an articulated arm, greatly improving the device’s usability. The conversion even includes the ability to manually adjust the focus, a feature the original hardware doesn’t have. It turns the affordable and widely available Logitech C270 into an excellent camera to have on the workbench for documenting projects, or pointing at the bed of your 3D printer.

Continue reading “Printed It: Logitech C270 Conversion”

This Is The Raspberry Pi Robot To Beat All Others

August 29, 2018 by 13 Comments

Before the introduction of the Raspberry Pi, building robots was hard. The best solution to turning motors on a chassis was repurposing an old roomba. For the brain, maybe you could throw Linux on a router and move your rover around with an old Linksys. Before that, you could buy a crappy robotics kit, thrown together in a box and sold as an ‘educational kit’. I’m sure there are a few readers out there that built robots by wire-wrapping HC11s.

Now we have 3D printers and Raspberry Pis, and with that comes a golden age of robotics. One of the best robot brains out there is the 8BitRobots Modules from [Tim Wilkinson], an entry for this year’s Hackaday Prize.

The 8BitRobots Modules are made up of a few components, not the least of which is a Pi Zero, a fantastically powerful (for its price) Linux computer that is available for five dollars. With an add-on board, cleverly named the RoBonnet, the Pi Zero gets PWM outputs for servos and ESCs, an H-bridge for motors, TTL serial, encoder inputs, a pressure and temperature sensor, an IMU, a power monitor, and everything else you need for a successful Pi robot.

But hardware is only one part of the equation. If you want to program a robot, you need a software stack that makes everything easy. That’s where the 8BitRobots distributed robot platform comes in. This is a bit of Javascript running on the Pi that allows you to program the robot in Blockly, a Scratch-like graphical programming environment that’s been adapted to run in a web browser. It’s an all-in-one solution to robotics development and programming, and an excellent addition to this year’s Hackaday Prize.

The HackadayPrize2018 is Sponsored by: