Sir, It Appears We’ve Been Jammed!

In a move that would induce ire in Lord Helmet, [Kedar Nimbalkar] has recreated Instructables user spacehun’s version of a WiFi jammer that comes with a handful of features certain to frustrate whoever has provoked its wrath.

The jammer is an ESP8266 development board — running some additional custom code — accessed and controlled by a cell phone. From the interface, [Nimbalkar] is able to target a WiFi network and boot all the devices off the network by de-authenticating them. Another method is to flood the airspace with bogus SSIDs to make connecting to a valid network a drawn-out affair.

This kind of signal interruption is almost certainly illegal where you live. It does no permanent damage, but it once again highlights the long-known deauth weakness and the SSID-flooding loophole. [Nimbalkar]’s purpose in recreating this was educational: to highlight weaknesses in the 802.11 WiFi protocols. The 802.11w standard should alleviate some of our fake deauth woes by using protected management frames. Once a device has authenticated on such a network, it can tell forged deauth packets from genuine ones and discard them.
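As an added example (not code from the original post or from [Nimbalkar]’s build), here is the defender’s side of the two tricks just described: a sliding-window check that flags a deauth flood, and a check that an unprotected deauth claiming to come from a PMF-required (802.11w) network is a forgery. The frame records, BSSIDs and threshold are constructed for the example.

```python
# Added example (not from the original post): spot the two things the post
# describes, a deauth flood and forged deauths on an 802.11w (PMF) network,
# in a constructed log of management frames from a monitor-mode capture.
from collections import defaultdict, deque

# Constructed sample records: (time_s, subtype, bssid, destination, protected)
# 'protected' is True for an 802.11w-protected management frame.
SAMPLE_FRAMES = (
    [(0.00, "beacon", "aa:bb:cc:00:00:01", "ff:ff:ff:ff:ff:ff", False)]
    # 25 broadcast deauths in a quarter of a second: every client gets kicked
    + [(0.10 + i * 0.01, "deauth", "aa:bb:cc:00:00:01", "ff:ff:ff:ff:ff:ff", False)
       for i in range(25)]
    # a PMF network: one genuine (protected) deauth, one unprotected forgery
    + [(2.00, "deauth", "aa:bb:cc:00:00:02", "11:22:33:44:55:66", True),
       (2.50, "deauth", "aa:bb:cc:00:00:02", "11:22:33:44:55:66", False)]
)

# Constructed: BSSIDs whose beacons advertise PMF as required (RSN capabilities).
PMF_REQUIRED = {"aa:bb:cc:00:00:02"}

def detect_deauth_flood(frames, window_s=1.0, threshold=10):
    """BSSIDs that emit more than `threshold` deauths inside any `window_s` span."""
    recent = defaultdict(deque)   # bssid -> timestamps of deauths still in the window
    flagged = set()
    for ts, subtype, bssid, _dst, _protected in sorted(frames):
        if subtype != "deauth":
            continue
        times = recent[bssid]
        times.append(ts)
        while ts - times[0] > window_s:   # slide the window forward
            times.popleft()
        if len(times) > threshold:
            flagged.add(bssid)
    return flagged

def detect_forged_deauths(frames, pmf_bssids):
    """Deauths attributed to a PMF-required BSSID that arrive unprotected.
    A PMF-capable client discards these; a sensor can report them as spoofed."""
    return [(ts, bssid, dst) for ts, subtype, bssid, dst, protected in frames
            if subtype == "deauth" and bssid in pmf_bssids and not protected]
```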

We featured a more targeted version of this hack that can be done using a PC — even targeting itself! And more recently there was a version that can target specific devices by jumping on the ACK.

3G To WiFi Bridge Brings The Internet

[Afonso]’s 77-year-old grandmother lives in a pretty remote location, with only AM/FM radio reception and an occasionally failing landline connecting her to the rest of the world. The nearest 3G cell tower is seven kilometers away and unreachable with a cell phone. But [Afonso] was determined to get her up and running with video chats to distant relatives. The solution to hook granny into the global hive mind? Build a custom antenna to reach the tower and bridge it over to local WiFi using a Raspberry Pi.

The first step in the plan was to make sure that the 3G long-shot worked, so [Afonso] prototyped a fancy antenna, linked above, and hacked on a connector to fit it to a Huawei CRC-9 radio modem. This got him a working data connection, and it sends a decent 4-6 Mbps, enough to warrant investing in some better gear later. Proof of concept, right?

On the bridging front, he literally burned through a WR703N router before slapping a Raspberry Pi into a waterproof box with all of the various radios. The rest was a matter of configuration files, getting iptables to forward the 3G radio’s PPP payloads over to the WiFi, and so on. Of course, he wants to remotely administer the box for her, so he left a permanent SSH backdoor open for administration. Others of you running remote Raspberry Pis should check this out.

We think it’s awesome when hackers take connectivity into their own hands. We’ve seen many similar feats with WiFi, and indeed [Afonso] had previously gone down that route with a phased array of 24 dBi dishes. In the end, the relatively simple 3G Pi-and-Yagi combo won out.

Part two of the project, teaching his grandmother to use an Android phone, is already underway. [Afonso] reports that after running for two weeks, she already has an Instagram account. We call that a success!

Cheap Smarthome Gadget(s) Hacked Into Zigbee Sniffer

French hacker [akila] is building up a home automation system. In particular, he’s been working with the “SmartHome” series of gadgets made by Chinese smartphone giant, Xiaomi. First, he started off by reverse-engineering their very nicely made temperature and humidity sensor. (Original in French, hit the translate button in the lower right.) With that under his belt, he opened up the PIR motion sensor unit to discover that it has the same debugging pinouts and the same processor. Almost too easy.

For a challenge, [akila] decided it was time to implement something useful in one of these gadgets: a ZigBee sniffer so that he can tell what’s going on in the rest of his home network. He built a USB/serial programming cable to work with the NXP JN5169’s bootloader, downloaded the SDK, and rolled up his sleeves to get to work.

While trawling through the SDK, he found some interesting firmware called “JennicSniffer”. Well, that was easy. There’s a demo version of a protocol analyzer that he used. It would be cool to get this working with Wireshark, but that’s a project for another day. [Akila] got far enough with the demo analyzer to discover that the packets sent by the various devices in the home network are encrypted. That’s good news for the security-conscious out there, and it stands as the next open item on [akila]’s to-do list.

We don’t see as many ZigBee hacks as we’d expect, but they’ve definitely got a solid niche in home automation because of commercial offerings like Philips Hue and Wink. And of course, there’s the XBee line of wireless communications modules. We just wrote up a ZigBee hack that aims to work with the Hue system, though, so maybe times are changing?

Ask Hackaday: Frequency Hopping On The NRF24l01+?

We’ve seen a lot of hacks with the nRF24l01+ 2.4 GHz radio modules. The tiny chips pack a lot of bang for the buck. Since the radios can switch frequencies relatively quickly, [Shubham Paul] decided to take advantage of this feature to make a rudimentary frequency-hopping communications channel.

The code is actually incredibly simple. Both the transmitter and receiver simply scan up and down over the defined channels. Because the clock speeds of any given pair of Arduinos are likely to be slightly different, it’s not a surprise that the radios eventually drift out of sync. Right now, as a quickie solution, [Shubham] is using a serial-port resynchronization: both are connected to the same computer, and he just tells them to get on the same channel. That’s not a horribly satisfying workaround. (But it’s a great start!)

Keeping two radios that are continually swapping channels in sync is no easy task, but it could possibly be made easier by taking advantage of the nRF’s acknowledge mode. If the delay between a sent acknowledge message and a received one were constant, these events (one on TX and one on RX) could be used to re-sync the two hopping cycles. All of this would probably require more temporal resolution than you’re going to get out of a microprocessor running Arduino code, but should be possible using hardware timers. But this is pure speculation. We briefly looked around and couldn’t find any working demos.

So Hackaday, how would you remotely sync two nRF24s on the cheap? Or is this a crazy idea? It might help to make transmissions more reliable in the face of 2.4 GHz band interference. Has anyone implemented their own frequency hopping scheme for the nRF24l01+?
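To put numbers on the drift problem above, here is an added simulation (not [Shubham]’s code) of two radios sweeping the same channel list up and down with slightly different clocks. It reports what fraction of the time they sit on different channels, with and without a periodic re-alignment of the receiver’s clock of the kind an ACK-timing scheme could provide. The channel list, the 1 ms dwell and the 1000 ppm clock mismatch are assumptions for the example.

```python
# Added example (not [Shubham]'s code): simulate two nRF24 hoppers whose
# clocks differ, to see how fast they drift apart and what periodic resync buys.
CHANNELS = list(range(76, 86))          # constructed: ten nRF24 channels
SCAN = CHANNELS + CHANNELS[-2:0:-1]     # sweep up, then back down (no repeats)

def channel_at(local_us, dwell_us):
    """Channel a radio sits on at its own local time, hopping every dwell_us."""
    return SCAN[(local_us // dwell_us) % len(SCAN)]

def rx_local_time(t_us, rx_ppm, resync_every_us=None):
    """RX's clock reading at true time t_us; RX runs rx_ppm parts-per-million fast.
    With resync_every_us set, RX's clock is re-aligned to TX's at every multiple
    of that interval (the correction an ACK-timing scheme could supply)."""
    if resync_every_us:
        since = t_us % resync_every_us
        return (t_us - since) + since * (1_000_000 + rx_ppm) // 1_000_000
    return t_us * (1_000_000 + rx_ppm) // 1_000_000

def out_of_sync_fraction(dwell_us, rx_ppm, horizon_us, resync_every_us=None):
    """Fraction of true time, over horizon_us, that TX and RX are on different channels."""
    bad = sum(
        channel_at(t, dwell_us)
        != channel_at(rx_local_time(t, rx_ppm, resync_every_us), dwell_us)
        for t in range(horizon_us)
    )
    return bad / horizon_us

if __name__ == "__main__":
    # 1000 ppm (0.1 %) is an assumed, resonator-grade clock mismatch; 1 ms dwell.
    print("no resync:   ", out_of_sync_fraction(1000, 1000, 100_000))
    print("resync/10 ms:", out_of_sync_fraction(1000, 1000, 100_000, resync_every_us=10_000))
```

With these numbers the pair is already out of sync about 5% of the time in the first 100 ms, and after one second the drift equals a whole dwell, so they stay mismatched; re-aligning every 10 ms holds the loss under half a percent.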

Configure ESP8266 Wifi With WiFiManager

There’s no doubt that the ESP8266 has made creating little WiFi widgets pretty easy. However, a lot of projects hard code the access point details into the device. There’s a better way to do it: use the WiFiManager library. [Witnessmenow] has a good tutorial and a two-minute video (which you can see below).

Hard coding is fine if you are just tinkering around. However, if you are going to send your device away (or even take it with you somewhere) you probably don’t want to reprogram it every time you change access points. This problem is even worse if you plan on a commercial product. WiFiManager does what a lot of commercial devices do. It initially looks like an access point. You can connect to it using a phone or other WiFi device. Then you can configure it to join your network by setting the network ID, password, etc.

Retrotechtacular: How Old Is The Remote?

A few weeks ago we covered a (probably) bogus post about controlling a TV with the IR from a flame. That got us thinking about what the real origin of the remote control was. We knew a story about the 38 kHz frequency commonly used to modulate the IR. We’ve heard that it was from sonar crystals used in earlier sonic versions of remotes. Was that true? Or just an urban myth? We set out to find out.

Surprise! Remotes are Old!

If you are a younger reader, you might assume TVs have always had remotes. But for many of us, remotes seem like a new invention. If you grew up in the middle part of the last century it is a good bet you were your dad’s idea of a remote control: “Get up and turn the channel!” Turns out remotes have been around for a long time, though. They just weren’t common for a long time.

If you really want to stretch back, [Oliver Lodge] used a radio to move a beam of light in 1894. In 1896, [Marconi] and some others made a bell ring by remote control. [Tesla] famously showed a radio-controlled boat in 1898. But none of these were really remote controls like we think of for a television.

Of course, TV wouldn’t be around for a while, but by the 1930’s many radio manufacturers had wired remotes for radios. People didn’t like the wires, so Philco introduced the Mystery Control in 1939. This used digital pulse coding and a radio transmitter. That’s a fancy way of saying it had a dial like an old telephone. As far as we can tell, this was the first wireless remote for a piece of consumer equipment.

Robot Hand Goes Wireless

We can’t decide if [MertArduino’s] robotic hand project is more art or demonstration project. The construction using springs, fishing line, and servo motors isn’t going to give you a practical hand that could grip or manipulate anything significant. However, the project shows off a lot of interesting construction techniques and is a fun demonstration for using nRF24L01 wireless in a project. You can see a video of the contraption, below.

A glove uses homemade flex sensors to send wireless commands to the hand. Another Arduino drives an array of servo motors that make the fingers flex. You don’t get fine control, nor any real grip strength, but the hand more or less duplicates your movements. We noticed one finger seemed poorly controlled, but we suspect that was one of the homemade flex sensors going rogue.