Wake, Boot, Repeat: Remote OS Selection With GRUB And ESP

March 3, 2025 by Heidi Ulrich 14 Comments

What do you do when you need to choose an OS at boot but aren’t physically near your machine? [Dakhnod]’s inventive solution is a mix of GRUB, Wake-on-LAN (WOL), and a lightweight ESP8266 running a simple HTTP server. In the past, [dakhnod] already enlightened us with another smart ESP hack. This one’s a clever combination of network booting and remote control that opens up possibilities beyond the usual dual-boot selector.

At its core, the hack modifies GRUB to fetch its boot configuration over HTTP. The ESP8266 (or any low-power device) serves up a config file defining which OS should launch. The trick lies in adding a custom script that tells GRUB to source an external config:

#!/usr/bin/env cat 
net_dhcp 
source (http,destination_ip_or_host:destination_port)/grub/config

Since GRUB itself makes the HTTP request, the system needs a running web server. That could be a Raspberry Pi, another machine, or the ESP itself. From there, a WOL-enabled ESP button can wake the PC and set the boot parameters remotely.

Is it secure? Well, that depends on your network. An open, unauthenticated web server dishing out GRUB configs is risky, but within a controlled LAN or a VLAN-segmented environment, it’s an intriguing option. Automation possibilities are everywhere — imagine remotely booting test rigs, toggling between OS environments for debugging, or even setting up kiosk machines that reconfigure themselves based on external triggers.

For those looking to take it further, using configfile instead of source allows for more dynamic menu entries, although it won’t persist environment variables. You could even combine it with this RasPi hack to control the uptime of the HTTP server. The balance between convenience and security is yours to strike.

If you’ve got your own wild GRUB customisation, let’s hear it!

A CaptionCall Phone Succumbs To Doom, Again

March 2, 2025 by Arya Voronova 11 Comments

Pour one out for yet another device conquered. This one’s a desk phone for conferences and whatnot, a colour display, a numpad, and a bog standard handset with a speaker and mic. Naturally, also running Linux. You know what to expect – [Parker Reed] has brought Doom to it, and you’d be surprised how playable it looks!

This is the second time a CaptionCall device has graced our pages running Doom — CaptionCall patched out the previous route, but with some firmware dumping and hashcat, root has been acquired once again. [Parker] has upgraded this impromptu gaming setup, too – now, all the buttons are mapped into Doom-compatible keyboard events coming from a single input device, thanks to a C program and an Xorg config snippet. Feel free to yoink for your own Doom adventures or just general CaptionCall hacking!

If you’re interested in the hacking journey, get into the exploitee.rs Discord server and follow the hack timeline from password recovery, start to finish, to Doom, to the state of affairs shown in the video. Now, as the CPU speeds have risen, should the hackerdom switch away from Doom as the go-to? Our community remains divided.

Continue reading “A CaptionCall Phone Succumbs To Doom, Again” →

Linux Fu: USB Everywhere

February 27, 2025 by Al Williams 20 Comments

It is a common problem: I have a USB device on a computer out in the shop, and I want to use it from the comfort of my office. What to do? Well, you could remote desktop into the distant machine. But, honestly, I always find any remote desktop more than ssh clunky and somewhat undesirable. Fortunately, Linux can do virtually anything if you only know how to do it. So, this time, I’ll show you how to transport a USB device over your network. Of course, I have a network that reaches out to the shop. It should be a simple matter to tell my desktop machine that one of its USB devices lives across the network. Well, it wasn’t that simple, but it is doable.

The Tools

The whole thing involves a program called usbip. That should be the end of it, but of course, it isn’t. In order for this to work, both machines on the network will need some kernel modules and a daemon on the server: the machine with the USB devices to share.

You may be able to install usbip from your package manager. On Ubuntu, it is in the linux-tools-common package, so a simple apt-get might give you everything you need. I wasn’t so lucky. Continue reading “Linux Fu: USB Everywhere” →

Give Your Animal Crossing Villagers The Gift Of Linux

February 18, 2025 by Tom Nardi 11 Comments

If you’ve played any of the versions of Nintendo’s Animal Crossing over the years, you’ll know that eventually you get to the point where you’ve maxed out your virtual house and filled it with all the furniture you could possibly want — which is arguably as close to “winning” the game as you can get.

But now thanks to the work of [decrazyo] there’s a piece of furniture that you can add to your Animal Crossing house that will never get old: an x86 emulator that boots Linux. As explained in the video below, this trick leverages the fact that Nintendo had already built a highly accurate Nintendo Entertainment System (NES) emulator into Animal Crossing on the GameCube, which could be used to run a handful of classic games from within the player’s virtual living room. But it turns out that you can get that emulator to load a user-provided ROM from the GameCube’s memory card, which opens the doors to all sorts of mischief.

Continue reading “Give Your Animal Crossing Villagers The Gift Of Linux” →

Make A Secret File Stash In The Slack Space

February 10, 2025 by Donald Papp 15 Comments

Disk space is allocated in clusters of a certain size. When a file is written to disk and the file size is smaller than the cluster(s) allocated for it, there is an unused portion of varying size between the end of the file’s data and the end of the allocated clusters. This unused space is the slack space, it’s perfectly normal, and [Zachary Parish] had an idea to write a tool to hide data in it.

The demo uses a usb drive, using the slack space from decoy files to read and write data.

[Zachary]’s tool is in Python and can map available slack space and perform read and write operations on it, treating the disparate locations as a single unified whole in which to store arbitrary files. A little tar and gzip even helps makes things more efficient in the process.

There’s a whole demo implemented on Linux using a usb drive with some decoy files to maximize the slack space, and you can watch it in action in the video embedded below. It’s certainly more practical than hiding data in a podcast!

Note that this is just a demo of the concept. The approach does have potential for handling secret data, but [Zachary] points out that there are — from a serious data forensics point of view– a number of shortcomings in its current form. For example, the way the tool currently structures and handles data makes it quite obvious that something is going on in the slack space.

[Zachary] created this a few years ago and has some ideas about how to address those shortcomings and evolve the tool, so if you have ideas of your own or just want to try it out, the slack_hider GitHub repository is where you want to go.

Continue reading “Make A Secret File Stash In The Slack Space” →

Screenshot of Linux in a PDF in a browser

Nice PDF, But Can It Run Linux? Yikes!

February 10, 2025 by Heidi Ulrich 21 Comments

The days that PDFs were the granny-proof Swiss Army knives of document sharing are definitely over, according to [vk6]. He has managed to pull off the ultimate mind-bender: running Linux inside a PDF file. Yep, you read that right. A full Linux distro chugging along in a virtual machine all encapsulated within a document. Just when you thought running DOOM was the epitome of it. You can even try it out in your own browser, right here. Mind-boggling, or downright Pandora’s box?

Let’s unpack how this black magic works. The humble PDF file format supports JavaScript – with a limited standard library, mind you. By leveraging this, [vk6] managed to compile a RISC-V emulator (TinyEMU) into JavaScript using an old version of Emscripten targeting asm.js instead of WebAssembly. The emulator, embedded within the PDF, interfaces with virtual input through a keyboard and text box.

The graphical output is ingeniously rendered as ASCII characters – each line displayed in a separate text field. It’s a wild solution but works astonishingly well for something so unconventional.

Security-wise, this definitely raises eyebrows. PDFs have long been vectors for malware, but this pushes things further: PDFs with computational power. We know not to trust Word documents, whether they just capable of running Doom, or trash your entire system in a blink. This PDF anomaly unfolds a complete, powerful operating system in front of your very eyes. Should we think lightly, and hope it’ll lead to smarter, more interactive PDFs – or will it bring us innocent looking files weaponized for chaos?

Curious minds, go take a look for yourself. The project’s code is available on GitHub.

Continue reading “Nice PDF, But Can It Run Linux? Yikes!” →

UScope: A New Linux Debugger And Not A GDB Shell, Apparently

February 7, 2025 by Dave Rowntree 7 Comments

[Jim Colabro] is a little underwhelmed with the experience of low-level debugging of Linux applications using traditional debuggers such as GDB and LLDB. These programs have been around for a long time, developing alongside Linux and other UNIX-like OSs, and are still solidly in the CLI domain. Fed up with the lack of data structure support and these tools’ staleness and user experience, [Jim] has created UScope, a new debugger written from scratch with no code from the existing projects.

GBD, in particular, has quite a steep learning curve once you dig into its more advanced features. Many people side-step this learning curve by running GDB within Visual Studio or some other modern IDE, but it is still the same old debugger core at the end of the day. [Jim] gripes that existing debuggers don’t support modern data structures commonly used and have poor customizability. It would be nice, for example, to write a little code, and have the debugger render a data structure graphically to aid visualisation of a problem being investigated. We know that GDB at least can be customised with Python to create application-specific pretty printers, but perhaps [Jim] has bigger plans?

Continue reading “UScope: A New Linux Debugger And Not A GDB Shell, Apparently” →