Software Hacks

948 Articles

Screenshot of Linux in a PDF in a browser

Nice PDF, But Can It Run Linux? Yikes!

February 10, 2025 by 21 Comments

The days that PDFs were the granny-proof Swiss Army knives of document sharing are definitely over, according to [vk6]. He has managed to pull off the ultimate mind-bender: running Linux inside a PDF file. Yep, you read that right. A full Linux distro chugging along in a virtual machine all encapsulated within a document. Just when you thought running DOOM was the epitome of it. You can even try it out in your own browser, right here. Mind-boggling, or downright Pandora’s box?

Let’s unpack how this black magic works. The humble PDF file format supports JavaScript – with a limited standard library, mind you. By leveraging this, [vk6] managed to compile a RISC-V emulator (TinyEMU) into JavaScript using an old version of Emscripten targeting asm.js instead of WebAssembly. The emulator, embedded within the PDF, interfaces with virtual input through a keyboard and text box.

The graphical output is ingeniously rendered as ASCII characters – each line displayed in a separate text field. It’s a wild solution but works astonishingly well for something so unconventional.

Security-wise, this definitely raises eyebrows. PDFs have long been vectors for malware, but this pushes things further: PDFs with computational power. We know not to trust Word documents, whether they just capable of running Doom, or trash your entire system in a blink. This PDF anomaly unfolds a complete, powerful operating system in front of your very eyes. Should we think lightly, and hope it’ll lead to smarter, more interactive PDFs – or will it bring us innocent looking files weaponized for chaos?

Curious minds, go take a look for yourself. The project’s code is available on GitHub.

Continue reading “Nice PDF, But Can It Run Linux? Yikes!”

Basically, It’s BASIC

February 10, 2025 by 36 Comments

The BASIC language may be considered old-hat here in 2025, and the days when a computer came as a matter of course with a BASIC interpreter are far behind us, but it can still provide many hours of challenge and fun. Even with our love of all things 8-bit, though, we’re still somewhat blown away by [Matthew Begg]’s BASIC interpreter written in 10 lines of BASIC. It’s an entry in the BASIC 10-liner competition, and it’s written to run on a Sinclair ZX Spectrum.

The listing can be viewed as a PNG file on the linked page. It is enough to cause even the most seasoned retrocomputer enthusiasts a headache because, as you might expect, it pushes the limits of the language and the Sinclair interpreter.  It implements Tiny Basic as a subset of the more full-featured BASICs, and he’s the first to admit it’s not fast by any means. He gives a line-by-line explanation, and yes, it’s about as far away from the simple Frogger clones we remember bashing in on our Sinclairs as it’s possible to get.

We love it that there are still boundaries to be pushed, even on machines over four decades old, and especially that this one exceeds what we thought was a pretty good knowledge of Sinclair BASIC. Does this language still have a place in the world? We always look forward to the BASIC 10-liner competition.

Header: background by Bill Bertram, CC BY-SA 2.5.

Handy Online Metric Screw, Nut, And Washer Generator

January 31, 2025 by 19 Comments

For those times when you could really use a quick 3D model, this metric screw generator will do the trick for screws between M2 and M16 with matching nuts and washers. Fastener hardware is pretty accessible, but one never knows when a 3D printed piece will hit the spot. One might even be surprised what can be usefully printed on a decent 3D printer at something like 0.08 mm layer height.

Behind the scenes, [Jason]’s tool is an OpenSCAD script with a very slick web-based interface that allows easy customization of just about any element one might need to adjust, including fine-tuning the thread sizing. We’re fans of OpenSCAD here and appreciate what’s going on behind the scenes, but one doesn’t need to know anything about it to use the online tool.

Generated models can be downloaded as .3mf or .stl, but if you really need a CAD model you’re probably best off looking up a part and downloading the matching 3D model from a supplier like McMaster-Carr.

Prefer to just use the OpenSCAD script yourself, instead of the web interface? Select “Download STL/CAD Files” from the dropdown of the project page to download ScrewGenerator.scad for local use, and you’re off to the races.

Taylorator Makes Mischief On The Airwaves

January 29, 2025 by 33 Comments

[Stephen] recently wrote in to share his experiments with using the LimeSDR mini to conduct a bit of piracy on the airwaves, and though we can’t immediately think of a legitimate application for spamming the full FM broadcast band simultaneously, we can’t help but be fascinated by the technique. Called the Taylorator, as it was originally intended to carpet bomb the dial with the collected works of Taylor Swift on every channel, the code makes for some interesting reading if you’re interested in the transmission-side of software defined radio (SDR).

The write-up talks about the logistics of FM modulation, and how quickly the computational demands stack up when you’re trying to push out 100 different audio streams at once. It takes a desktop-class CPU to pull it off in real-time, and eats up nearly 4 GB of RAM.

You could use this project to play a different episode of the Hackaday Podcast on every FM channel at once, but we wouldn’t recommend it. As [Stephen] touches on at the end of the post, this is almost certainly illegal no matter where you happen to live. That said, if you keep the power low enough so as not to broadcast anything beyond your home lab, it’s unlikely anyone will ever find out.

Continue reading “Taylorator Makes Mischief On The Airwaves”

Prompt Injection Tricks AI Into Downloading And Executing Malware

January 26, 2025 by 8 Comments

[wunderwuzzi] demonstrates a proof of concept in which a service that enables an AI to control a virtual computer (in this case, Anthropic’s Claude Computer Use) is made to download and execute a piece of malware that successfully connects to a command and control (C2) server. [wonderwuzzi] makes the reasonable case that such a system has therefore become a “ZombAI”. Here’s how it worked.

Referring to the malware as a “support tool” and embedding instructions into the body of the web page is what got the binary downloaded and executed, compromising the system.

After setting up a web page with a download link to the malicious binary, [wunderwuzzi] attempts to get Claude to download and run the malware. At first, Claude doesn’t bite. But that all changes when the content of the HTML page gets rewritten with instructions to download and execute the “Support Tool”. That new content gets interpreted as orders to follow; being essentially a form of prompt injection.

Claude dutifully downloads the malicious binary, then autonomously (and cleverly) locates the downloaded file and even uses chmod to make it executable before running it. The result? A compromised machine.

Now, just to be clear, Claude Computer Use is experimental and this sort of risk is absolutely and explicitly called out in Anthropic’s documentation. But what’s interesting here is that the methods used to convince Claude to compromise the system it’s using are essentially the same one might take to convince a person. Make something nefarious look innocent, and obfuscate the true source (and intent) of the directions. Watch it in action from beginning to end in a video, embedded just under the page break.

Continue reading “Prompt Injection Tricks AI Into Downloading And Executing Malware”

Brick Layer Post-Processor, Promising Stronger 3D Prints, Now Available

January 23, 2025 by 45 Comments

Back in November we first brought you word of a slicing technique by which the final strength of 3D printed parts could be considerably improved by adjusting the first layer height of each wall so that subsequent layers would interlock like bricks. It was relatively easy to implement, didn’t require anything special on the printer to accomplish, and testing showed it was effective enough to pursue further. Unfortunately, there was some patent concerns, and it seemed like nobody wanted to be the first to step up and actually implement the feature.

Well, as of today, [Roman Tenger] has decided to answer the call. As explained in the announcement video below, the company that currently holds the US patent for this tech hasn’t filed a European counterpart, so he feels he’s in a fairly safe spot compared to other creators in the community. We salute his bravery, and wish him nothing but the best of luck should any lawyer come knocking.

So how does it work? Right now the script supports PrusaSlicer and OrcaSlicer, and the installation is the same in both cases — just download the Python file, and go into your slicer’s settings under “Post-Processing Scripts” and enter in its path. As of right now you’ll have to provide the target layer height as an option to the script, but we’re willing to bet that’s going to be one of the first things that gets improved as the community starts sending in pull requests for the GPL v3 licensed script.

There was a lot of interest in this technique when we covered it last, and we’re very excited to see an open source implementation break cover. Now that it’s out in the wild, we’d love to hear about it in the comments if you try it out.

Continue reading “Brick Layer Post-Processor, Promising Stronger 3D Prints, Now Available”

It’s Never Too Late For A Fixed SimCity 2000

January 23, 2025 by 32 Comments

Some retro games need a little help running on modern systems, and it’s not always straightforward. SimCity 2000 Special Edition is one such game and [araxestroy]’s sc2kfix bugfix DLL shows that the process can require a nontrivial amount of skill and finesse. The result? A SimCity 2000 Special Edition that can run without crash or compromise on modern Windows machines, surpassing previous fixes.

SimCity 2000 Special Edition was a release for Windows 95 that allowed the game to work in windowed glory. The executable is capable of running under modern Windows systems (and at high resolutions!) but it’s got a few problems lurking under the hood.

There are crash issues during save/load dialog boxes, and a big visual problem. Animations rely on palette swapping for the game’s animations, and the technique originally used simply does not work right on modern displays. A fellow named [Guspaz] created SC2KRepainter to partially deal with this by forcing window redraws, but it’s an imperfect fix with a few side effects of it’s own.

[araxestroy]’s new solution eliminates dialog crashes and restores the animations, letting them look exactly as they should even on modern systems. It does this elegantly not by patching the executable or running a separate process, but by making the changes in memory at runtime with the help of a specially-crafted .dll file. Just grab winmm.dll from the latest release and put it into the same folder as simcity.exe, then launch the game to enjoy it as the designers intended!

Patching old games is a scene that helps ensure not only that classics never die, but also helps them be appreciated in new ways. Heck, even E.T. for the Atari 2600 has gotten tweaked, highlighting the misunderstood nature of the game in the process.