Network Hacks

113 Articles

A New Way To Remote Terminal

August 9, 2019 by 13 Comments

Thanks to the wonders of the internet, collaborating with others across great distances has become pretty simple. It’s easy now to share computer desktops over a network connection, and even take control of another person’s computer if the need arises. But these graphical tools are often overkill, especially if all we really need is to share a terminal session with someone else over a network.

A new project from [Elis] allows just that: to share an active terminal session over a web browser for anyone else to view. The browser accesses a “secret” URL which grants access to the terminal via a tunnel which is able to live stream the entire session. The server end takes care of all of the work of generating this URL, and it is encrypted with TLS and HTTPS. It also allows for remote control as well as viewing, so it is exceptionally well-featured for being simple and easy to run.

To run this software only a binary is needed, but [Elis] has also made the source code available. Currently he finds it a much more convenient way of administering his Raspberry Pi, but we can see a lot of use for this beyond the occasional headless server. Certainly this makes remote administration easy, but could be used collaboratively among a large group of people as well.

Doing 10 Gigabit Networking At Home, The Cheap Way

July 24, 2019 by 53 Comments

For the vast majority of us, Gigabit Ethernet is more than enough for daily tasks. The occasional big network file transfer might drag a little, but it’s rare to fall short of bandwidth when you’re hooked up over Cat 6. [Brian] has a thirst for saturating network links, however, and decided only 10 Gigabit Ethernet would do.

Already being the owner of a Gigabit Ethernet network at home, [Brian] found that he was now regularly able to saturate the links with his existing hardware. With a desire to run intensive virtual machines on his existing NAS without causing bandwidth issues, it was time for an upgrade. Unfortunately, the cost of rewiring the existing home network to Cat 6 and procuring hardware that could run 10 Gigabit Ethernet over copper twisted pair was prohibitively expensive.

It’s a little ungainly, but it does the job.

Instead, [Brian] decided to reduce the scope to connecting just 3 machines. Switches were prohibitively expensive, so each computer was fitted with twin 10 Gigabit interfaces, such that it could talk to the two other computers. Rather than rely on twisted pair, the interfaces chosen use the SFP+ standard, in which the network cable accepts electrical signals from the interface, and contains a fiber optic transciever.

[Brian] was able to get the 3 computers networked for just $120, with parts sourced from eBay. It’s an approach that doesn’t scale well; larger setups would be much better served by using a switch and a less zany network topology. But for [Brian], it works just fine, and allows his NAS to outperform a 15,000 RPM server hard disk as far as read rates go.

If you’re curious about improving your own network performance, it might pay to look at your cables first – things are not always as they seem.

Curbing Internet Addiction In A Threatening Manner

July 15, 2019 by 37 Comments

Those who have children of their own might argue that the youth of today are getting far too much internet time. [Nick] decided to put an emergency stop to it and made this ingenious internet kill switch to threaten teenagers with. Rather unassuming on the outside, the big red button instantly kills all network traffic as soon as you push it down, doing its label justice. Reset the toggle button, and the connection is restored, simple as that.

In order to achieve this, [Nick] fit inside the enclosure a Raspberry Pi Zero W, along with a battery and a wireless charging circuit for portability and completely wireless operation. The button is wired into the Pi’s GPIO and triggers a command to the router via SSH over WiFi, where a script listening to the signal tells it to drop the network interfaces talking to the outside world. It’s simple, it’s clean, and you can carry it around with you as a warning for those who dare disobey you. We love it.

Another use for big red buttons we’ve seen in the past is an AC power timer, but you can do just about anything with them if you turn one into an USB device. Check this one in action after the break.

Continue reading “Curbing Internet Addiction In A Threatening Manner”

Exploring The Dell N1108T-ON Ethernet Switch

June 17, 2019 by 24 Comments

In an era where everything seems to be getting “smarter” every year, it will probably come as no surprise to find that even relatively middling networking hardware is now packing advanced features and considerable computational power. A case in point is the Dell N1108T-ON Ethernet switch. Despite only costing around $100 USD on the second hand market, [Ben Cox] discovered this particular switch was capable of a lot more than what was advertised by poking around its onboard operating system.

It all started by plugging into the serial port on the front of the switch, which [Ben] happily notes is an integrated FTDI USB serial adapter to make life easy. Booting into recovery mode gave him local shell access, and some poking around determines it’s the sort of BusyBox-powered Linux system that you’d expect on an embedded device. The biggest discoveries were that it was running a relatively recent kernel (3.8.1), and that it apparently had Python installed.

The reverse shell Python script

From there, [Ben] found out that these switches have a feature where the administrator can install and run Python “applications” by packaging them up as tarballs and copying them from a USB flash drive. So he wrote up a simple Python program that used the socket library to open up a reverse shell to his desktop computer, and to his surprise, it worked perfectly on the first try. Now with root access, the fun really started.

The next step was getting an SSH installed and running on the switch, so that he didn’t have to do the reverse shell trick every time. He then started installing the packages necessary to turn the switch into a secure VPN tunnel with Wireguard. This took a little fiddling as [Ben] didn’t have the option of installing the normal Wireguard kernel module, but he eventually got the necessary tools modified and cross-compiled to ARM. He believes this is just the start of what’s capable on devices like this, and we’re interested in seeing where the community goes from here.

We’ve seen hackers add management capability to a “dumb” unmanaged switch in the past, but software modifications like this promise to make the creation of custom, secure, networks far easier even on a hacker’s budget. A lot has certainly changed since the last time we saw somebody really dive into a professional Ethernet switch.

ESP8266 Upgrade Gives IKEA LEDs UDP Superpowers

May 27, 2019 by 39 Comments

It can be difficult to resist the impulse buy. You see something interesting, the price is right, and even though you know you should do your research first, you end up putting it in your cart anyway. That’s how [Tobias Girstmair] ended up being the not-so proud owner of a LEDBERG RGB LED strip from IKEA, and what eventually pushed him to replace wimpy original controller with an ESP8266.

So what was the problem with the original controller? If you can believe it, it was incapable of producing white light. When IKEA says an LED is multi-color, they apparently mean it’s only multi-color. A quick check of the reviews online seem to indicate that the white version is sold as a different SKU that apparently looks the same externally and has confused more than a few purchasers.

Rather than having to pick one or the other, [Tobias] decided he would replace the original controller with an ESP-03, hoping that would give him granular enough control over the LEDs to coax a suitably white light out of them. He didn’t want to completely start from scratch, so one of the first decisions he made was to reuse the existing PCB and MOSFETs. Some handy test points on the PCB allowed him to hook the digital pins of the ESP right to the red, blue, and green LED channels.

Then it was just a matter of coming up with the software. To keep things simple, [Tobias] decided to create a “dumb” controller that simply sets the LED color and intensity according to commands it receives over a simplified UDP protocol. Anything beyond that, such as randomized colors or special effects, is done with scripts that run on his computer and fire off the appropriate UDP commands. This also means he can manually control his newly upgraded LEDBERG strips from basically anything that can generate UDP packets, such as an application on his Android phone.

It might not be the most robust implementation we’ve ever seen, but all things considered, it looks as though this modification could be a pretty good way to get some cheap network controlled RGB lighting in your life.

Bike Computer Exploration Uncovers A Hidden Android

April 29, 2019 by 26 Comments

As a happy side-effect of the smartphone revolution, the world is now awash with tiny computers that are incredibly cheap thanks to the nearly unfathomable volumes in which their components are manufactured. There wouldn’t be a $10 Raspberry Pi Zero if the billions of smartphones that were pumped out before it hadn’t dropped the cost of the individual components to literal pennies. That also means that smartphone hardware, or at least systems that are very close to it, have started to pop up in some unexpected places.

When [Joshua Wise] recently took ownership of a Wahoo ELEMNT BOLT bike computer, he wondered how it worked. With impressive list of features such as Internet connectivity, GPS mapping, and Bluetooth Low Energy support, he reasoned the pocket-sized device must have some pretty decent hardware under the hood. With some poking and prodding he found the device was powered by a MediaTek SoC and incredibly had a full-blown install of Android running in the background.

So how does one find out that their lowly bike computer is essentially a cleverly disguised smartphone? If you’re [Joshua], you listen to who it’s trying to talk do when doing a firmware update over the Internet. He used mitmproxy running between his Internet connection and a WiFi access point setup specifically for the BOLT, from there, he was able to see all of the servers it was connecting to. Seeing the device pull some data down from MediaTek’s servers was a pretty good indication of whose hardware was actually inside the thing, and when it ultimately downloaded some Android .apk files from the Wahoo website, it became pretty clear what operating system it was running underneath the customized user interface.

Further examination of the Bolt’s software brought to light a few troubling issues. It turned out that the firmware made extensive use of Apache-licensed code, for which no attribution was given. [Joshua] contacted the company and was eventually referred to the Wahoo’s CEO, Chip Hawkins. Refreshingly, Chip was not only very interested in getting the licensing issues sorted out, but even had some tips on hacking and modifying the device, including how to enable ADB.

Before the publication of this article, we reached out to Chip Hawkins (yes, he really does respond to emails) for a comment, and he told us that not only has he made sure that all of the open source packages used have now been properly attributed to their original authors, but that his team has been providing source code and information to those who request it. He says that he’s been proud to see owners of his products modifying them for their specific needs, and he’s happy to facilitate that in any way that he can.

Open source license compliance is a big deal in the hacking community, and we’ve seen how being on the wrong side of the GPL can lead to lost sales. It’s good to see Wahoo taking steps to make sure they comply with all applicable licences, but we’re even more impressed with their positive stance on customers exploring and modifying their products. If more companies took such an enlightened approach to hacking, we’d all be a lot better off.

[Thanks to Roman for the tip.]

Transcending The Stack With The Right Network Protocol

April 9, 2019 by 14 Comments

The increase in network-connected devices the past years has been something of a dual-edged sword. While on one hand it’s really nice to have an easy and straight-forward method to have devices talk with each other, this also comes with a whole host of complications, mostly related to reliability and security.

With WiFi, integrating new devices into the network is much trickier than with Ethernet or CAN, and security (e.g. WPA and TLS) isn’t optional any more, because physical access to the network fabric can no longer be restricted. Add to this reliability issues due to interference from nearby competing WiFi networks and other sources of electromagnetic noise, and things get fairly complicated already before considering which top-layer communication protocol one should use. Continue reading “Transcending The Stack With The Right Network Protocol”