Hacking Airline WiFi The Hard Way

We’ve all been there. You are on a flight, there’s WiFi, but you hate to pay the few bucks just to watch dog videos. What to do? Well, we would never suggest you engage in theft of service, but as an intellectual exercise, [Robert Heaton] had an interesting idea. Could the limited free use of the network be coopted to access the general internet? Turns out, the answer is yes.

Admittedly, it is a terrible connection. Here’s how it works. The airline lets you get to your frequent flier account. When there, you can change information such as your name. A machine on the ground can also see that change and make changes, too. That’s all it takes.

It works like a drop box. You take TCP traffic, encode it as fake information for the account and enter it. You then watch for the response via the same channel and reconstitute the TCP traffic from the remote side. Now the network is at your fingertips.

There’s more to it, but you can read about it in the post. It is slow, unreliable, and you definitely shouldn’t be doing it. But from the point of view of a clever hack, we loved it. In fact, [Robert] didn’t do it either. He proved it would work but did all the development using GitHub gist as the drop box. While we appreciate the hack, we also appreciate the ethical behavior!

Some airlines allow free messaging, which is another way to tunnel traffic. If you can connect to something, you can probably find a way to use it as a tunnel.

A Cute Sentry Scans Your Net For Scullduggery

As long as we get to make our own network security tools, why not make them look cute? Netgotchi may not be much more than an ESP8266 running network scans and offering up a honeypot service, but it smiles while sits on your desk and we think that’s swell.

Taking inspiration from a recent series of red-team devices that make hacking adorable, most obviously pwnagotchi (and arguably Flipper), Netgotchi lives on the light side of the Force. Right now, it enumerates the devices on your network and can alert you when anything sketchy joins in. We can totally imagine customizing this to include other network security or health checks, and extending the available facial expressions accordingly.

You might not always be thinking about your network, and if you’re like us, that’s probably just fine. But we love standalone displays that show one thing in an easily digestable manner, and this fits the bill, with a smile.

Raspberry Pi Saves Printer From Junk Pile

Around here, printers have a life expectancy of about two years if we are lucky. But [techtipsy] has a family member who has milked a long life from an old Canon PIXMA printer. That is, until Microsoft or Canon decided it was too old to print anymore. With Windows 10, it took some hacking to get it to work, but Windows 11 was the death knell. Well, it would have been if not for [techtipsy’s] ingenuity with a Raspberry Pi.

The Pi uses Linux, and, of course, Linux will happily continue to print without difficulty. If you are Linux savvy, you can probably see where this is going.

Continue reading “Raspberry Pi Saves Printer From Junk Pile”

Embrace IPv6 Before Its Too Late?

Many hackers have familiar sayings in their heads, such as “If it ain’t broke, don’t fix it” and KISS (Keep it simple, stupid). Those of us who have been in the field for some time have habits that are hard to break. When it comes to personal networks, simplicity is key, and the idea of transitioning from IPv4 to IPv6 addresses seems crazy. However, with the increasing number of ‘smart’ devices, streaming media gadgets, and personal phones, finding IPv4 space for our IoT experiments is becoming difficult. Is it time to consider embracing IPv6?

The linked GitHub Gist by [timothyham] summarizes the essential concepts for home network admins to understand before making changes. The first major point is that IPv6 has a vastly larger address space than IPv4, eliminating the need to find spare IPv4 addresses. IPv6 assigns multiple addresses to the same interface. The 128-bit addresses are split into a 64-bit prefix assigned by your ISP and a 64-bit interface identifier. Using SLAAC (Stateless Address Autoconfiguration), clients can manage their own addresses. You don’t have to use SLAAC, but it will make life easier. The suffix typically remains static, allowing integration with a local DNS server.

Continue reading “Embrace IPv6 Before Its Too Late?”

Tunneling TCP By File Server

You want to pass TCP traffic from one computer to another, but there’s a doggone firewall in the way. Can they both see a shared file? Turns out, that’s all you need. Well, that and some software from [fiddyschmitt].

If you think about it, it makes sense. Unix treats most things as a file, so it is pretty easy to listen on a local TCP port and dump the data into a shared file. The other side reads the file and dumps the same data to the desired TCP port on its side. Another file handles data in the other direction. Of course, the details are a bit more than that, but that’s the basic idea.

Performance isn’t going to be wonderful, and the files keep growing until the program detects that they are bigger than 10 megabytes. When that happens, the program purges the file.

The code is written in C# and there are binaries for Windows and Linux on the release page. The examples show using shared files via Windows share and RDP, but we imagine any sort of filesystem that both computers can see would work. Having your traffic stuffed into a shared file is probably not great for security but, you know, you are already jumping a firewall, so…

Of course, no firewall can beat an air gap. Unless you can control the fans or an LED.

So What’s All This HaLow Long-Range WiFi About Then?

We’re all used to wireless networking, but if there’s one thing the ubiquitous WiFi on 2.4 or 5 GHz lacks, it’s range. Inside buildings, it will be stopped in its tracks by anything more than a mediocre wall, and outside, it can be difficult to connect at any useful rate more than a few tens of metres away without resorting to directional antennas and hope. Technologies such as LoRa provide a much longer range at the expense of minuscule bandwidth, but beyond that, there has been little joy. As [Andreas Spiess] points out in a recent video though, this is about to change, as devices using the so-called HaLow or IEEE 802.11ah protocol are starting to edge into the realm of affordability.

Perhaps surprisingly, he finds the 5 GHz variant to be best over a 1km test with a far higher bandwidth. However, we’d say that his use of directional antennas is something of a cheat. Where it does come into its own in his tests, though, is through masonry, with far better penetration across floors of a building. We think that this will translate to better outdoor performance when the line of sight is obstructed.

There’s one more thing he brings to our attention, which seasoned users of LoRA may already be aware of. These lower frequency allocations are different between the USA and Europe, so should you order one for yourself, it would make sense to ensure you have the appropriate model for your continent. Otherwise, we look forward to more HaLow devices appearing and the price falling even further because we think this will lead to some good work in future projects.

Continue reading “So What’s All This HaLow Long-Range WiFi About Then?”

Squeeze Another Drive Into A Full-Up NAS

A network-attached storage (NAS) device is a frequent peripheral in home and office networks alike, yet so often these devices come pre-installed with a proprietary OS which does not lend itself to customization. [Codedbearder] had just such a NAS, a Terramaster F2-221, which while it could be persuaded to run a different OS, couldn’t do so without an external USB hard drive. Their solution was elegant, to create a new backplane PCB which took the same space as the original but managed to shoehorn in a small PCI-E solid-state drive.

The backplane rests in a motherboard connector which resembles a PCI-E one but which carries a pair of SATA interfaces. Some investigation reveals it also had a pair of PCI-E lanes though, so after some detective work to identify the pinout there was the chance of using those. A new PCB was designed, cleverly fitting an M.2 SSD exactly in the space between two pieces of chassis, allowing the boot drive to be incorporated without annoying USB drives. The final version of the board looks for all the world as though it was meant to be there from the start, a truly well-done piece of work.

Of course, if off-the-shelf is too easy for you, you can always build your own NAS.