Wireless Hacks

1047 Articles

Hacking On The Weirdest ESP Module

February 13, 2017 by 33 Comments

Sometimes I see a component that’s bizarre enough that I buy it just to see if I can actually do something with it. That’s the case with today’s example, the ESP-14. At first glance, you’d ask yourself what AI Thinker, the maker of many of the more popular ESP8266 modules, was thinking.

The ESP-14 takes the phenomenally powerful ESP8266 chip and buries it underneath one of the cheapest microcontrollers around: the 8-bit STM8S003 “value line” chip. Almost all of the pins of the ESP chip are locked inside the RF cage’s metal tomb — only the power, bootloader, and serial TX/RX pins see the light of day, and the TX/RX pins are shared with the STM8S. The rest of the module’s pins are dedicated to the STM8S. Slaving the ESP8266 to an STM8S is like taking a Ferrari and wrapping it inside a VW Beetle.

I had never touched an STM8 chip before, and just wanted to see what I could do with this strange beast. In the end, ironically, I ended up doing something that wouldn’t be too far out of place on Alibaba, but with a few very Hackaday twists: a monitor for our washer and dryer that reports power usage over MQTT, programmed in Forth with a transparent WiFi serial bridge into the chip for interactive debugging without schlepping down into the basement. Everything’s open, tweakable, and the Forth implementation for the STM8S was even developed here on Hackaday.io.

It’s a weird project for the weirdest of ESP modules. I thought I’d walk you through it and see if it sparks you to come up with any alternative uses for the ESP8266-and-STM8S odd couple that is the ESP-14.

Continue reading “Hacking On The Weirdest ESP Module”

Ham Radio Trips Circuit Breakers

February 6, 2017 by 66 Comments

Arc-fault circuit breakers are a boon for household electrical safety. The garden-variety home electrical fire is usually started by the heat coming from a faulty wire arcing over. But as any radio enthusiast knows, sparks also give off broadband radio noise. Arc-fault circuit interrupters (AFCI) are special circuit breakers that listen for this noise in the power line and trip when they hear it. The problem is that they can be so sensitive that they cut out needlessly. Check out the amusing video below the break.

Our friend [Martin] moved into a new house, and discovered that he could flip the breakers by transmitting on the 20-meter band. “All the lights in the place went out and my rig switched over to battery. I thought it was strange as I was certainly drawing less than 20 A. I reset the breakers and keyed up again. I reset the breakers again and did a [expletive] Google search.” Continue reading “Ham Radio Trips Circuit Breakers”

Jamming WiFi By Jumping On The ACK

February 3, 2017 by 27 Comments

As we fill our airwaves with more and more wirelessly connected devices the question of what could disrupt this systems becomes more and more important. Here’s a particularly interesting example because the proof of concept shows that you don’t need specialized hardware to pull it off. [Bastian Bloessl] found an interesting tweak to previous research that allows an Atheros WiFi card to jam WiFi by obscuring ACK frames.

The WiFi protocol specifies an Acknowledgement Frame (ACK) which is sent by the receiving device after error correction has been performed. It basically says: “yep, I got that data frame and it checks out”. This error correcting process turns out to be the key to [Bastian’s] technique as it provides time for the attack hardware to decide if it’s going to jam the ACK or not.

The jamming technique presented by [Mathy Vanhoef] at the end 2014 outlined both constant and selective jamming. The selective part involved listening for data packets and analyzing them to determine if they are headed to a MAC the attacker wishes to jam. The problem is that by the time your commodity hardware has decoded that address it’s too late to jam the packet. [Bastian] isn’t trying to jam the data frame, he’s jamming the ACK that the receiver sends back. Without that acknowledgement, the sender will not transmit any new data frames as it assumes there is a problem on the receiving end.

SDR And Node.js Remote-Controlled Monster Drift

January 30, 2017 by 9 Comments

Most old-school remote controlled cars broadcast their controls on 27 MHz. Some software-defined radio (SDR) units will go that low. The rest, as we hardware folks like to say, is a simple matter of coding.

So kudos to [watson] for actually doing the coding. His monster drift project starts with the basics — sine and cosine waves of the right frequency — and combines them in just the right durations to spit out to an SDR, in this case a HackRF. Watch the smile on his face as he hits the enter key and the car pulls off an epic office-table 180 (video embedded below).

Continue reading “SDR And Node.js Remote-Controlled Monster Drift”

Reprogramming Bluetooth Headphones For Great Justice

January 30, 2017 by 29 Comments

Like a lot of mass-produced consumer goods, it turns out that the internal workings of Bluetooth headphones are the same across a lot of different brands. One common Bluetooth module is the CSR8645, which [lorf] realized was fairly common and (more importantly) fairly easy to modify. [lorf] was able to put together a toolkit to reprogram this Bluetooth module in almost all of these headphones.

This tip comes to us from [Tigox] who has already made good use of [lorf]’s software. Using the toolkit, he was able to reprogram his own Bluetooth headphones over a USB link to his computer. After downloading and running [lorf]’s program, he was able to modify the name of the device and, more importantly, was able to adjust the behavior of the microphone’s gain which allowed him to have a much more pleasant user experience.

Additionally, the new toolkit makes it possible to flash custom ROMs to CSR Bluetooth modules. This opens up all kinds of possibilities, including the potential to use a set of inexpensive headphones for purposes other than listening to music. The button presses and microphones can be re-purposed for virtually any task imaginable. Of course, you may be able to find cheaper Bluetooth devices to repurpose, but if you just need to adjust your headphones’ settings then this hack will be more useful.

[Featured and Thumbnail Image Source by JLab Audio LLC – jlabaudio.com, CC BY-SA 4.0]

Bluetooth Automation Remote Hangs Around

January 28, 2017 by 7 Comments

Using your smartphone to control your home automation system gives you a lot of flexibility. But for something as simple as turning the lights on and off, it can be a pain to go through the whole process of unlocking your phone, choosing the right browser page or app, and then finally hitting the button you need. It’d be much simpler if it could all be done at the touch of a single, physical button – but phones don’t have many of those anymore. [falldeaf] brings the solution – a four-button Bluetooth remote for your smartphone that’s wearable, to boot.

The project is built around the RFDuino, an Arduino platform used for quickly and easily building Bluetooth compatible projects. So far, so simple – four buttons wired into a microcontroller with wireless capability onboard. The real trick is the 3D-printed clothespin style case which allows you to clip the four-button remote onto your clothes. [falldeaf]’s first attempt was a palm-mounted setup that they found got in the way of regular tasks; we agree that the wearable version offers a serious upgrade in utility.

The smartphone side of things is handled with a custom app [falldeaf] coded using PhoneGap. This is where actions for the buttons can be customized, including using the buttons to navigate a menu system to enable the user to select more than just one function per button. It adds a high level of flexibility, so you can create all kinds of macros to control your whole home automation system from your button clip.

It’s really great to see a project that considers ergonomics and usability above and beyond just creating the baseline functionality. Follow this train of thought and you’ll find yourself enjoying your projects in the use phase well beyond the initial build. Another great example is this self-charging electrically heated jacket. Video after the break.

Continue reading “Bluetooth Automation Remote Hangs Around”

Voltmeter Speaks MQTT Without Libraries

January 25, 2017 by 8 Comments

[Emilio Ficara] [built himself an Internet-connected MQTT multimeter](http://ficara.altervista.org/) (translated from Italian by robots). Or maybe we should say that [Emilio Ficara] undertook a long string of cool hacks that ended up in a WiFi-enabled multimeter, because the destination isn’t nearly as interesting as the voyage.

debugtool-sch

The multimeter, a DT-4000ZC, has a serial output but instead of transferring the data directly, it sends which cells on the LCD screen need to be activated. For testing along the way, [Emilio] used his own USB-serial-to-ESP01 dongle, which sounds like a useful tool to have around if you’re debugging an AT command session. He made a cute AVR SPI-port debugging aid with a reset button and diagnostic LEDs that we’re going to copy right now. Other home-made tools, like a 3.7V Li-ion battery manager and a serial data snooper make this project worth a look.

Continue reading “Voltmeter Speaks MQTT Without Libraries”