Slider

4361 Articles

This Week In Security: Dating App, WooCommerce, And OpenSSH

July 21, 2023 by 4 Comments

Up first this week is a report from vpnMentor, covering the unsecured database backing a set of dating apps, including 419 Dating. The report is a bit light on the technical details, like what sort of database this was, or how exactly it was accessed. But the result is 2.3 million exposed records, containing email address, photos — sometimes explicit, and more. Apparently also exposed were server backups and logs.

The good news here is that once [Jeremiah Fowler] discovered the database door unlocked and hanging open, he made a disclosure, and the database was secured. We can only hope that it wasn’t discovered by any bad actors in the meantime. The app has now disappeared from the Google Play store, and had just a bit of a sketchy air about it.

WooCommerce Under Siege

Back in March, CVE-2023-28121 was fixed in the WooCommerce plugin for WordPress. The issue here is an authentication bypass that allows an unauthenticated user to commandeer other user accounts.

Within a few months, working exploits had been derived from the details of the patch plugging the hole. It wasn’t hard. A function for determining the current user was explicitly trusting the contents of the X-WCPAY-PLATFORM-CHECKOUT-USER request header. Set that value in a request sent to the server, and ding, you’re administrator.

And now the cows are coming home to roost. Active exploitation started in earnest on July 14, and the folks at Wordfence clocked a staggering 1.3 million exploitation attempts on the 16th. What’s particularly interesting is that the Wordfence data gathering system saw a huge increase in requests for the readme.txt file that indicates the presence of the WooCommerce plugin on a WordPress site. These requests were observed before the attacks got started, making for an interesting early warning system. Continue reading “This Week In Security: Dating App, WooCommerce, And OpenSSH”

PCIe For Hackers: An M.2 Card Journey

July 20, 2023 by 22 Comments

I’ve designed a few M.2 adapters for my own and my friends’ use, and having found those designs online, people have asked me for custom-made adapters. One of these requests is quite specific – an adapter that adds one more PCIe link to an E-key M.2 slot, the kind of slot you will see used in laptops for WiFi cards.

See, the M.2 specification allows two separate PCIe links connected to the E-key slot; however, no WiFi cards use this apart from some really old WiGig-capable ones, and manufacturers have long given up on connecting a second link. Nevertheless, there are some cards like the Google Coral M.2 E-key dual AI accelerator and the recently announced uSDR, that do indeed require the second link – otherwise, only half of their capacity is available.

It’s not clear why both Google and WaveletSDR designed for a dual-link E-key socket, since those are a rare occurrence; for the Google card, there are plenty of people complaining that the board they bought just doesn’t fully work. In theory, all you need to do to help such a situation, is getting a second PCIe link from somewhere, then wiring it up to the socket – and a perfect way to do it is to get a PCIe switch chip. You will lose out on some bandwidth because the uplink PCIe connection of the switch can only go so fast; for things like this AI accelerator, it’s not much of a problem since the main point is to get the second device accessible. For the aforementioned SDR, it might turn out useless, or you might win some but lose some – can’t know until you try! Continue reading “PCIe For Hackers: An M.2 Card Journey”

Hackaday Prize 2023: Meet The Assistive Tech Finalists

July 19, 2023 by 8 Comments

If you’re still toiling away at your entry for the Gearing Up Challenge of the 2023 Hackaday Prize, don’t panic! No, you haven’t lost track of time — due to some technical difficulties we had to delay the final judging for the Assistive Tech Challenge that ended May 30th.

Today we’re pleased to announce that all the votes are in, and we’re ready to unveil the ten projects that our panel of judges felt best captured the spirit of this very important challenge. Each of these projects will take home $500 and move on to the final round of judging. There are few more noble pursuits than using your talents to help improve the lives of others, so although we could only pick ten finalists, we’d like to say a special thanks to everyone who entered this round.

Continue reading “Hackaday Prize 2023: Meet The Assistive Tech Finalists”

Smart Assistants Need To Get Smarter

July 19, 2023 by 81 Comments

Science fiction has regularly portrayed smart computer assistants in a fanciful way. HAL from 2001: A Space Odyssey and J.A.R.V.I.S. from the contemporary Iron Man films are both great examples. They’re erudite, wise, and capable of doing just about any reasonable task that is asked of them, short of opening the pod bay doors.

Cut back to reality, and you’ll only be disappointed at how useless most voice assistants are. It’s been twelve long years since Siri burst onto the scene, with Alexa and Google Assistant following years later. Despite years on the market, their capabilities remain limited and uninspiring. It’s time for voice assistants to level up.

Continue reading “Smart Assistants Need To Get Smarter”

Crab Shells Massively Improve Zinc-Ion Batteries

July 18, 2023 by 32 Comments

In the fast-moving world of battery research, scientists are constantly on the lookout for innovative materials with the right properties to help improve energy storage. Meanwhile, batteries are in greater demand than ever as production of EVs and renewable energy projects ramp up to new heights.

In the hunt for new and better battery materials, scientists found an unexpected hero: crab shells.Researchers at the University of Maryland have uncovered a remarkable breakthrough by exploring their use in battery production.

Continue reading “Crab Shells Massively Improve Zinc-Ion Batteries”

Discussing The Finer Points Of Space-Worthy Software

July 17, 2023 by 28 Comments

At the dawn of the Space Race, when computers were something that took up whole rooms, satellites and probes had to rely on analog electronics to read from their various sensors and transmit the resulting data to the ground. But it wasn’t long before humanity’s space ambitions outgrew these early systems, which lead to vast advancements in space-bound digital computers in support of NASA’s Gemini and Apollo programs. Today, building a spacecraft without an onboard computer (or even multiple redundant computers) is unheard of. Even the smallest of CubeSats is likely running Linux on a multi-core system.

Jacob Killelea

As such, software development has now become part an integral part of spacecraft design — from low-level code that’s responsible for firing off emergency systems to the 3D graphical touchscreen interfaces used by the crew to navigate the craft. But as you might expect, the stakes here are higher than any normal programming assignment. If your code locks up here on Earth, it’s an annoyance. If it locks up on a lunar lander seconds before it touches down on the surface, it could be the end of the mission.

To get a bit more insight into this fascinating corner of software development, we invited Jacob Killelea to host last week’s
Software for Satellites Hack Chat. Jacob is an engineer with a background in both aero and thermodynamics, control systems, and life support. He’s written code for spacecraft destined for the Moon, and perhaps most importantly, is an avid reader of Hackaday.

Continue reading “Discussing The Finer Points Of Space-Worthy Software”

DisplayPort: Under The Hood

July 17, 2023 by 14 Comments

Last time, we looked at all the things that make DisplayPort unique for its users. What about the things that make it unique for hackers? Let’s get into all the ways that DisplayPort can serve you on your modern tech wrangling adventures.

You Are Watching The AUX Channel

With DisplayPort, the I2C bus we’ve always seen come bundled with VGA, DVI and HDMI, is no more – it’s been replaced by the AUX bus. AUX is a 1 MHz bidirectional diffpair – just a bit too complex for a cheap logic analyzer, though, possibly, something you could wrangle with the RP2040’s PIOs. Hacking thoughts aside, it’s a transparent replacement for I2C, so that software doesn’t have to be rewritten – for instance, it usually does I2C device passthrough over AUX, so that EDID data can still be stored in a separate EEPROM chip on the monitor or eDP LCD panel.

AUX isn’t just a differential bus, it’s more pseudodifferential, like USB2 – for instance, AUX_P and AUX_N are used separately, with a combination of 1 MΩ and 100 kΩ pullups and pulldowns signaling different states of the physical connection – for instance, a pullup on AUX+ and a pulldown on AUX- means that an external device has been connected. If you’d like to learn which combination of resistors means what, you can find in the DisplayPort specification, which isn’t distributed openly but isn’t hard to come by, either.

Also, DisplayPort link training happens over AUX, and in order to facilitate that, a piece of DisplayPort controller’s external memory is usually exposed over the AUX channel, through a mechanism that’s called DPCD. If you dig a bit, using “DPCD” as the keyword, you can easily reach into the lower-level details of your DisplayPort connection. Some of the DPCD memory map is static, and some parts are FIFOs you can funnel data into, or out of. You can find a wide variety of documents online which describe the DPCD structure – for now, here’s a piece of Bash that works on Linux graphics drivers for AMD and Intel, and will show you you the first 16 bytes of DPCD:

# sudo dd if=/dev/drm_dp_aux0 bs=1 skip=256 count=16 |xxd
00000000: 0084 0000 0000 0000 0108 0000 0000 0000 ................
[...]

In particular, the 4th nibble (digit) here describes the amount of lanes for the DisplayPort link established – as you can see, my laptop uses a four-lane link. Also, the /dev/drm_dp_aux0 path might need to be adjusted for your device. In case you ever want to debug your DP link, having direct access to the DPCD memory space like this might help you quite a bit! For now, let’s move onto other practical aspects. Continue reading “DisplayPort: Under The Hood”