Network Hacks

Hacker Heroism: Building Your Way Out of AV Hell

September 6, 2017 by 45 Comments

Many years ago, in a rainy concrete jungle on the west coast of Australia, I worked for a medium-sized enterprise doing a variety of office-based tasks. Somehow, I found myself caught up in planning a product launch event outside the official remit of my position. We got through it, but not before the audiovisual (AV) setup of the event turned into one giant hack.

The initial planning stages went remarkably smoothly until less than a month out from the big day when three weeks of frantic changes and revisions to the presentation rained down. These were some of the hardest days of my working life to date, as it seemed that we would lock in a new arrangement, only to tear it up days later as some new vital criteria came to light, throwing everything back into disarray.

Things came to a head on the night before the event. Working with two different AV teams we had planned for four projection screens and five flat screen televisions spread throughout the venue and controlled from the central AV desk. But somewhere in all those changes the televisions were set up to all display a still image, or nothing at all. I needed to show different videos on each and have the ability to black them all out.

It was at this point I realized we were screwed. The production team simply didn’t have the hardware to drive another five screens, but they could source it — for the sum of $5000. Management were furious, and were under the impression, like myself that this was what we had asked and paid for already. I was at an impasse, and beginning to wonder if I’d have a job come Monday. I wandered off to a corner to curse, and more importantly, think. After all, I’m a hacker — I can get through this.

Continue reading “Hacker Heroism: Building Your Way Out of AV Hell”

Go Wireless with This DIY Laser Ethernet Link

April 19, 2017 by 38 Comments

Most of us have Ethernet in our homes today. The real backbones of the Internet though, use no wires at all. Optical fibers carry pulses of light across the land, under the sea, and if you’re lucky, right to your door. [Sven Brauch] decided to create an optical link. He didn’t have any fiber handy, but air will carry laser pulses over short distances quite nicely. The idea of this project is to directly convert ethernet signals to light pulses. For simplicity’s sake, [Sven] limited the bandwidth to one channel, full-duplex, at 10 Megabits per second (Mbps).

The transmit side of the circuit is rather simple. An op-amp circuit acts as a constant current source, biasing the laser diode. The transmit signal from an Ethernet cable is then added in as modulation. This ensures the laser glows brightly for a 1 bit but never shuts completely off for a 0 bit.

The receive side of the circuit starts with a photodiode. The diode is biased up around 35 V, and a transimpedance amplifier (a current to voltage converter) is used to determine if the diode is seeing a 1 or a 0 from the laser. A bit more signal conditioning ensures the output will be a proper differential Ethernet signal.

[Sven] built two identical boards – each with a transmitter and receiver. He tested the circuit by pointing it at a mirror. His Linux box immediately established a link and was reported that there was a duplicate IP address on the network. This was exactly what [Sven] expected. The computer was confused by its own reflection – but the laser and photodiode circuits were working.

Finally, [Sven] connected his PC and a Raspberry Pi to the two circuits. After carefully aligning the lasers on a wooden board, the two machines established a link. Success! (But be aware that a longer distances, more sophisticated alignment mechanisms may be in order.)

Want to know more about fiber and networking? Check out this article about wiring up an older city. You can also use an optical link to control your CNC.

Networking: Pin the Tail on the Headless Raspberry Pi

April 18, 2017 by 65 Comments

Eager to get deeper into robotics after dipping my toe in the water with my BB-8 droid, I purchased a Raspberry Pi 3 Model B. The first step was to connect to it. But while it has built-in 802.11n wireless, I at first didn’t have a wireless access point, though I eventually did get one. That meant I went through different ways of finding it and connecting to it with my desktop computer. Surely there are others seeking to do the same so let’s take a look at the secret incantations used to connect a Pi to a computer directly, and indirectly.

Continue reading “Networking: Pin the Tail on the Headless Raspberry Pi”

Prisoners Build DIY Computers and Hack Prison Network

April 17, 2017 by 79 Comments

The Internet is everywhere. The latest anecdotal evidence of this is a story of prison inmates that build their own computer and connected it to the internet. Back in 2015, prisoners at the Marion Correctional Institution in Ohio built two computers from discarded parts which they transported 1,100 feet through prison grounds (even passing a security checkpoint) before hiding them in the ceiling of a training room. The information has just been made public after the release of the Inspector General’s report (PDF). This report is fascinating and worth your time to read.

This Ethernet router was located in a training room in the prison. Physical access is everything in computer security.

Prisoners managed to access the Ohio Department of Rehabilitation and Corrections network using login credentials of a retired prison employee who is currently working as a contract employee. The inmates plotted to steal the identity of another inmate and file tax returns under their name. They also gained access to internal records of other prisoners and checked out websites on how to manufacture drugs and DIY weapons, before prison officers were able to find the hidden computers. From the report:

The ODAS OIT analysis also revealed that malicious activity had been occurring within the ODRC inmate network. ODAS OIT reported, “…inmates appeared to have been conducting attacks against the ODRC network using proxy machines that were connected to the inmate and department networks.” Additionally, ODAS OIT reported, “It appears the Departmental Offender Tracking System (DOTS) portal was attacked and inmate passes were created. Findings of bitcoin wallets, stripe accounts, bank accounts, and credit card accounts point toward possible identity fraud, along with other possible cyber-crimes.”

The prisoners involved knew what they were doing. From the interview with the inmate it seems the computers were set up as a remote desktop bridge between internal computers they were allowed to use and the wider internet. They would use a computer on the inmate network and use a remote desktop to access the illicit computers. These were running Kali Linux and there’s a list of “malicious tools” found on the machines. It’s pretty much what you’d expect to find on a Kali install but the most amusing one listed in the report is “Hand-Crafted Software”.

This seems crazy, but prisoners have always been coming up with new ideas to get one over on the guards — like building DIY tattoo guns, When you have a lot of time on your hands and little responsibility, crazy ideas don’t seem so crazy after all.

Apparently Time IS Money

April 13, 2017 by 25 Comments

Some people like to tweak cars. Some like to overclock PCs. Then there are the guys like [Jack Zimmermann] who are obsessed with accurate time. He’s working on a project that will deploy NTP (Network Time Protocol) servers in different African countries and needed small, cheap, energy-efficient, and accurate servers. What he wound up with is a very accurate setup for around $200. Along the way, he built some custom hardware, and hacked a computer to sync to the GPS clock reference.

His original attempt was with a Raspberry Pi 3. However, the network adapter isn’t the fastest possible, both because it is 100 MBPS and, primarily, because it is connected via the USB bus. Network latency due to these limitations makes it difficult to serve accurate time.

His solution includes an Odroid C2. For $50 it is a very capable computer with four cores, gigabit Ethernet, and can even use eMMC storage which is faster than the usual SD card. You can still use a conventional SD card, though, if you prefer.

Continue reading “Apparently Time IS Money”

Remotely Get Root On Most Smart TVs With Radio Signals

April 6, 2017 by 72 Comments

[Rafael Scheel] a security consultant has found that hacking smart TVs takes nothing much more than an inexpensive DVB-T transmitter, The transmitter has to be in range of the target TV and some malicious signals. The hack works by exploiting hybrid broadcast broadband TV signals and widely known about bugs in web browsers commonly run on smart TVs, which seem run in the background almost all the time.

Scheel was commissioned by Cyber security company Oneconsult, to create the exploit which once deployed, gave full root privileges enabling the attacker to setup and SSH into the TV taking complete control of the device from anywhere in the world. Once exploited the rogue code is even unaffected by device reboots and factory resets.

Once a hacker has control over the TV of an end user, he can harm the user in a variety of ways, Among many others, the TV could be used to attack further devices in the home network or to spy on the user with the TV’s camera and microphone. – Rafael Scheel

Smart TV’s seem to be suffering from  IoT security problems. Turning your TV into an all-seeing, all-hearing surveillance device reporting back to it’s master is straight out of 1984.

A video of a talk about the exploit along with all the details is embedded below.
Continue reading “Remotely Get Root On Most Smart TVs With Radio Signals”

An Android Phone Makes A Better Server Than You’d Think

March 22, 2017 by 52 Comments

There was a time a few years ago when the first Android phones made it to market, that they seemed full of promise as general purpose computers. Android is sort of Linux, right, or so the story went, so of course you must be able to run Linux on an Android phone and do all sorts of cool stuff with it.

As anyone who tried to root an Android phone from 2010 will tell you, it was a painful and unrewarding process. There was normally a convoluted rooting process followed by somehow squeezing your own Linux filesystem tree onto the device, then chroot-ing into it. You’d then have to set up a VNC server and VNC into it, and eventually you’d feel immensely proud of your very slow tiny-screen Linux desktop that you’d slaved over creating. It was one of those things that’s simple in theory, but extremely convoluted in practice.

But six years have passed since those days, phones have gotten much faster and so has the software for tasks such as rooting, so maybe it’s time to return to the topic of Linux on an Android device. [Pete Scargill] gave it a try when a friend gave him a Chinese quad-core Android phone with a broken screen. He proceeded to put a Debian installation on it, upon which he runs his collection of server processes.

Rooting the phone was straightforward process using the KingRoot app, a sideloaded version as it seems there’s a bogus copy on the Play Store. Then bringing a Linux system to it could be achieved with the LinuxDeploy app. The result is surprisingly useful, after some installation steps upon which he goes into detail.

You might ask what would be the point of this exercise, given that you can do the same thing much more easily with a single board computer such as a Raspberry Pi. But to buy a Pi, SD card, screen, and UPS, as he points out you’d have to spend a lot more than you would for a second-hand phone from eBay — or a free, slightly broken, one from friends or family.

If getting more from your Android phone is your thing, perhaps you’d like to know about installing Busybox on it. We’ve also advocated for using old Android phones for ARM dev.