Network Hacks

228 Articles

Portable Router Build: Picking Your CPU

August 13, 2024 by 23 Comments

I want to introduce you to a project of mine – a portable router build, and with its help, show you how you can build a purpose-built device. You might have seen portable routers for sale, but if you’ve been in the hacking spheres long enough, you might notice there are “coverage gaps”, so to speak. The Pi-hole project is a household staple that keeps being product-ized by shady Kickstarter campaigns, a “mobile hotspot” button is a staple in every self-respecting mobile and desktop OS, and “a reset device for the ISP router” is a whole genre of a hacker project. Sort the projects by “All Time” popularity on Hackaday.io, and near the very top, you will see an OpenVPN &Tor router project – it’s there for a reason, and it got into 2014 Hackaday Prize semifinals for a reason, too.

I own a bunch of devices benefitting from both an Internet connection and also point-to-point connections between them. My internet connection comes sometimes from an LTE uplink, sometimes from an Ethernet cable, and sometimes from an open WiFi network with a portal you need to click through before you can even ping anything. If I want to link my pocket devices into my home network for backups and home automation, I can put a VPN client on my laptop, but a VPN client on my phone kills its battery, and the reasonable way would be to VPN the Internet uplink – somehow, that is a feature I’m not supposed to have, and let’s not even talk about DNSSEC! Whenever I tried to use one of those portable LTE+WiFi[+Ethernet] routers and actively use it for a month or two, I’d encounter serious hardware or firmware bugs – which makes sense, they are a niche product that won’t get as much testing as phones.

Continue reading “Portable Router Build: Picking Your CPU”

Hacking Airline WiFi The Hard Way

July 10, 2024 by 28 Comments

We’ve all been there. You are on a flight, there’s WiFi, but you hate to pay the few bucks just to watch dog videos. What to do? Well, we would never suggest you engage in theft of service, but as an intellectual exercise, [Robert Heaton] had an interesting idea. Could the limited free use of the network be coopted to access the general internet? Turns out, the answer is yes.

Admittedly, it is a terrible connection. Here’s how it works. The airline lets you get to your frequent flier account. When there, you can change information such as your name. A machine on the ground can also see that change and make changes, too. That’s all it takes.

It works like a drop box. You take TCP traffic, encode it as fake information for the account and enter it. You then watch for the response via the same channel and reconstitute the TCP traffic from the remote side. Now the network is at your fingertips.

There’s more to it, but you can read about it in the post. It is slow, unreliable, and you definitely shouldn’t be doing it. But from the point of view of a clever hack, we loved it. In fact, [Robert] didn’t do it either. He proved it would work but did all the development using GitHub gist as the drop box. While we appreciate the hack, we also appreciate the ethical behavior!

Some airlines allow free messaging, which is another way to tunnel traffic. If you can connect to something, you can probably find a way to use it as a tunnel.

A Cute Sentry Scans Your Net For Scullduggery

July 4, 2024 by 10 Comments

As long as we get to make our own network security tools, why not make them look cute? Netgotchi may not be much more than an ESP8266 running network scans and offering up a honeypot service, but it smiles while sits on your desk and we think that’s swell.

Taking inspiration from a recent series of red-team devices that make hacking adorable, most obviously pwnagotchi (and arguably Flipper), Netgotchi lives on the light side of the Force. Right now, it enumerates the devices on your network and can alert you when anything sketchy joins in. We can totally imagine customizing this to include other network security or health checks, and extending the available facial expressions accordingly.

You might not always be thinking about your network, and if you’re like us, that’s probably just fine. But we love standalone displays that show one thing in an easily digestable manner, and this fits the bill, with a smile.

Raspberry Pi Saves Printer From Junk Pile

June 13, 2024 by 53 Comments

Around here, printers have a life expectancy of about two years if we are lucky. But [techtipsy] has a family member who has milked a long life from an old Canon PIXMA printer. That is, until Microsoft or Canon decided it was too old to print anymore. With Windows 10, it took some hacking to get it to work, but Windows 11 was the death knell. Well, it would have been if not for [techtipsy’s] ingenuity with a Raspberry Pi.

The Pi uses Linux, and, of course, Linux will happily continue to print without difficulty. If you are Linux savvy, you can probably see where this is going.

Continue reading “Raspberry Pi Saves Printer From Junk Pile”

Embrace IPv6 Before Its Too Late?

June 8, 2024 by 96 Comments

Many hackers have familiar sayings in their heads, such as “If it ain’t broke, don’t fix it” and KISS (Keep it simple, stupid). Those of us who have been in the field for some time have habits that are hard to break. When it comes to personal networks, simplicity is key, and the idea of transitioning from IPv4 to IPv6 addresses seems crazy. However, with the increasing number of ‘smart’ devices, streaming media gadgets, and personal phones, finding IPv4 space for our IoT experiments is becoming difficult. Is it time to consider embracing IPv6?

The linked GitHub Gist by [timothyham] summarizes the essential concepts for home network admins to understand before making changes. The first major point is that IPv6 has a vastly larger address space than IPv4, eliminating the need to find spare IPv4 addresses. IPv6 assigns multiple addresses to the same interface. The 128-bit addresses are split into a 64-bit prefix assigned by your ISP and a 64-bit interface identifier. Using SLAAC (Stateless Address Autoconfiguration), clients can manage their own addresses. You don’t have to use SLAAC, but it will make life easier. The suffix typically remains static, allowing integration with a local DNS server.

Continue reading “Embrace IPv6 Before Its Too Late?”

Tunneling TCP By File Server

June 4, 2024 by 15 Comments

You want to pass TCP traffic from one computer to another, but there’s a doggone firewall in the way. Can they both see a shared file? Turns out, that’s all you need. Well, that and some software from [fiddyschmitt].

If you think about it, it makes sense. Unix treats most things as a file, so it is pretty easy to listen on a local TCP port and dump the data into a shared file. The other side reads the file and dumps the same data to the desired TCP port on its side. Another file handles data in the other direction. Of course, the details are a bit more than that, but that’s the basic idea.

Performance isn’t going to be wonderful, and the files keep growing until the program detects that they are bigger than 10 megabytes. When that happens, the program purges the file.

The code is written in C# and there are binaries for Windows and Linux on the release page. The examples show using shared files via Windows share and RDP, but we imagine any sort of filesystem that both computers can see would work. Having your traffic stuffed into a shared file is probably not great for security but, you know, you are already jumping a firewall, so…

Of course, no firewall can beat an air gap. Unless you can control the fans or an LED.

So What’s All This HaLow Long-Range WiFi About Then?

May 26, 2024 by 18 Comments

We’re all used to wireless networking, but if there’s one thing the ubiquitous WiFi on 2.4 or 5 GHz lacks, it’s range. Inside buildings, it will be stopped in its tracks by anything more than a mediocre wall, and outside, it can be difficult to connect at any useful rate more than a few tens of metres away without resorting to directional antennas and hope. Technologies such as LoRa provide a much longer range at the expense of minuscule bandwidth, but beyond that, there has been little joy. As [Andreas Spiess] points out in a recent video though, this is about to change, as devices using the so-called HaLow or IEEE 802.11ah protocol are starting to edge into the realm of affordability.

Perhaps surprisingly, he finds the 5 GHz variant to be best over a 1km test with a far higher bandwidth. However, we’d say that his use of directional antennas is something of a cheat. Where it does come into its own in his tests, though, is through masonry, with far better penetration across floors of a building. We think that this will translate to better outdoor performance when the line of sight is obstructed.

There’s one more thing he brings to our attention, which seasoned users of LoRA may already be aware of. These lower frequency allocations are different between the USA and Europe, so should you order one for yourself, it would make sense to ensure you have the appropriate model for your continent. Otherwise, we look forward to more HaLow devices appearing and the price falling even further because we think this will lead to some good work in future projects.

Continue reading “So What’s All This HaLow Long-Range WiFi About Then?”