ESP8266 And ESP32 WiFi Hacked!

September 5, 2019 by Elliot Williams 48 Comments

[Matheus Garbelini] just came out with three (3!) different WiFi attacks on the popular ESP32/8266 family of chips. He notified Espressif first (thanks!) and they’ve patched around most of the vulnerabilities already, but if you’re running software on any of these chips that’s in a critical environment, you’d better push up new firmware pretty quick.

The first flaw is the simplest, and only effects ESP8266s. While connecting to an access point, the access point sends the ESP8266 an “AKM suite count” field that contains the number of authentication methods that are available for the connection. Because the ESP doesn’t do bounds-checking on this value, a malicious fake access point can send a large number here, probably overflowing a buffer, but definitely crashing the ESP. If you can send an ESP8266 a bogus beacon frame or probe response, you can crash it.

What’s most fun about the beacon frame crasher is that it can be implemented on an ESP8266 as well. Crash-ception! This takes advantage of the ESP’s packet injection mode, which we’ve covered before.

The second and third vulnerabilities exploit bugs in the way the ESP libraries handle the extensible authentication protocol (EAP) which is mostly used in enterprise and higher-security environments. One hack makes the ESP32 or ESP8266 on the EAP-enabled network crash, but the other hack allows for a complete hijacking of the encrypted session.

These EAP hacks are more troubling, and not just because session hijacking is more dangerous than a crash-DOS scenario. The ESP32 codebase has already been patched against them, but the older ESP8266 SDK has not yet. So as of now, if you’re running an ESP8266 on EAP, you’re vulnerable. We have no idea how many ESP8266 devices are out there in EAP networks, but we’d really like to see Espressif patch up this hole anyway.

[Matheus] points out the irony that if you’re using WPA2, you’re actually safer than if you’re unpatched and using the nominally more secure EAP. He also wrote us that if you’re stuck with a bunch of ESP8266s in an EAP environment, you should at least encrypt and sign your data to prevent eavesdropping and/or replay attacks.

Again, because [Matheus] informed Espressif first, most of the bugs are already fixed. It’s even percolated downstream into the Arduino-for-ESP, where it’s just been worked into the latest release a few hours ago. Time for an update. But those crusty old NodeMCU builds that we’ve got running everything in our house? Time for a full recompile.

We’ve always wondered when we’d see the first ESP8266 attacks in the wild, and that day has finally come. Thanks, [Matheus]!

Giant LED Display Is 1200 Balls To The Wall

August 29, 2019 by Dan Maloney 10 Comments

When you’re going to build something big, it’s often a good idea to start small and work out the bugs first. That’s what [bitluni] did with his massive 1200-pixel LED video wall, which he unveiled at Maker Faire Hanover recently.

We covered his prototype a while back, a mere 300 ping pong ball ensconced-LEDs on a large panel. You may recall his travails with the build, including the questionable choice of sheet steel for the panel and the arm-busting effort needed to drill 300 holes with a hand drill. Not wanting to repeat those mistakes, [bitluni] used the custom hole punch he built rather than a drill, and went with aluminum sheet for the four panels needed. It was still a lot of work, and he had to rig up some help to make the tool more comfortable to use, but in the end the punched holes appear much neater than their drilled counterparts.

[bitluni] mastered enough TIG welding to make nice aluminum frames for the panels, making them lightweight and easy to transport. 1200 ping pong balls, a gunked-up soldering iron, and a package of hot glue sticks later, the wall was ready for electronics. It took a 70-amp power supply and an ESP32 to run everything, but that’s enough horsepower to make some impressive graphics and even stream live video – choppy and low-res, but still usable.

We love the look this wall and we appreciate the effort that went into it. And it’s always good to see just how much fun [bitluni] has with his builds – it’s infectious.

Continue reading “Giant LED Display Is 1200 Balls To The Wall” →

New Life For Old Nintendo Handhelds With ESP32

August 14, 2019 by Erin Pinheiro 17 Comments

The Game Boy Pocket was Nintendo’s 1996 redesign of the classic 1989 handheld, giving it a smaller form factor, better screen and less power consumption. While it didn’t become as iconic as its predecessor, it still had enough popularity for modders such as [Eugene] to create new hardware for it. His Retro ESP32 board is a drop-in replacement for the console’s motherboard and screen, giving it a whole new life.

[Eugene] is no stranger to making this kind of mod, his previous Gaboze Pocaio project did the exact same thing with this form factor, only with a Raspberry Pi instead of the ESP32-WROVER used here. His choice of integrated SoC was based on the ODROID-GO, which is a similar portable console but with its own custom shell instead.

This project doesn’t stop at the hardware though, the Retro ESP32 (previously dubbed Gaboze Express) also offers a user-friendly interface to launch emulators. This GUI code can be used with the ODROID as well since they share the same hardware platform, so if you have one of those you can try it out right now from the software branch of their repository.

If the idea of replacing retro tech innards with more modern hardware is something that interests you, look at what they did to this unassuming Osborne 1, or this unwitting TRS-80 Model 100. Poor thing didn’t even see it coming.

PaperLedger: An E-Ink Cryptocurrency Ticker

August 12, 2019 by Tom Nardi 6 Comments

For a long time it seemed like e-ink displays were outside the reach of us lowly hackers, as beyond the handful of repurposed Kindles that graced these pages, we saw precious few projects utilizing this relatively exotic display. But that’s changed over the last couple of years, and we’re thrilled to start seeing hackers bend this incredible technology to their will.

A perfect example is PaperLedger, an entry into the 2019 Hackaday Prize by [AIFanatic]. This wireless device is designed to display the current price of various cryptocurrencies on its 2.9-inch e-ink screen and provide audible price alerts with its built-in speaker. It even has a web portal where users can configure the hardware or view more in-depth price information.

The PaperLedger is based on the TTGO T5 V2.2 ESP32, but it looks like [AIFanatic] is in the process of spinning up a new board for the MIT licensed project to address some nagging issues for this particular application. Unfortunately, it doesn’t look like there are any pictures of the new board yet, but a description of the changes on the Hackaday.IO page shows that most of the work seems to be going into improving support for running on batteries.

Even if you’re not interested in cryptocurrency, the PaperLedger looks like a fantastic little e-ink monitor for pretty much anything else you’d like to keep a close eye on. The GPLv3 licensed firmware is available on the project’s GitHub page, so expanding or completely changing the device’s functionality shouldn’t be too tricky for anyone with a desire to do so and a working knowledge of C++.

We’ve seen several projects using the various TTGO boards that mate an ESP32 with a display at this point, and it looks like a great platform to check out if you want to push some data to a little WiFi screen with the minimum amount of hassle.

Cat Feeder Adds Metrics To Meow Mix

August 5, 2019 by Kristina Panos 16 Comments

If there’s one thing any cat will work for, it’s food. Usually, this just consists of meowing and/or standing on your chest until you give up the goods. [DynamicallyInvokable] has a beautiful cat, Emma, who meows loudly for food at obscene hours of the morning. As she ages, it’s getting harder and more important to control her weight. Clearly, it was time to build the ultimate automatic cat feeder—one that allows him to get lazy while at the same time getting smart about Emma’s weight.

After a year and a half of work, the feeder is complete. Not only does it deliver the goods several times a day, it sends a heap of data to the cloud about Emma’s eating habits. There’s a scale built into the platform, and another in the food bowl. Together, they provide metrics galore that get automatically uploaded to AWS. Everything is controlled with an ESP32 Arduino, including a rainbow of WS2812s that chases its tail around the base of the feeder. The faster it goes, the closer it is to feeding time.

The best part about this unique feeder is that nearly every piece is 3D printed, including the gears. Be sure to check out the build gallery, where you can watch it come together piece by piece. Oh, and claw your way past the break to see Emma get fed.

Emma doesn’t have to worry about sharing her food. If she did, maybe [DynamicallyInvokable] could use facial recognition to meet the needs of multiple cats.

Continue reading “Cat Feeder Adds Metrics To Meow Mix” →

Hackaday Podcast 029: Your Face In Silver Sand, Tires Of The Future, ESP32 All The CNC Things, And Sub In A Jug

August 2, 2019 by Mike Szczys 6 Comments

Hackaday Editors Elliot Williams and Mike Szczys geek out over the latest hacks. This week we saw a couple of clever CNC builds that leverage a great ESP32 port of GRBL. The lemonade-pitcher-based submarine project is everything you thought couldn’t work in an underwater ROV. Amazon’s newest Dot has its warranty voided to show off what 22 pounds gets you these days. And there’s a great tutorial on debugging circuits that grew out of a Fail of the Week. Plus, we get the wind knocked out of us with an ambitious launch schedule for airless automotive tires, and commiserate over the confusing world of USB-C.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 029: Your Face In Silver Sand, Tires Of The Future, ESP32 All The CNC Things, And Sub In A Jug” →

Etch-A-Selfie

July 30, 2019 by Bryan Cockfield 5 Comments

Taking a selfie before the modern smartphone era was a true endeavor. Flip phones didn’t have forward-facing cameras, and if you want to go really far back to the days of film cameras, you needed to set a timer on your camera and hope, or get a physical remote shutter. You could also try and create a self portrait on an Etch a Sketch, too, but this would take a lot of time and artistic skill. Luckily in the modern world, we can bring some of this old technology into the future and add a robot to create interesting retro selfies – without needing to be an artist.

The device from [im-pro] attaches two servos to the Etch a Sketch knobs. This isn’t really a new idea in itself, but the device also includes a front-facing camera, taking advantage of particularly inexpensive ESP32 Camera modules. Combining the camera features with [Bart Dring]’s ESP32 Grbl port is a winner. Check the code in [im-pro]’s GitHub.

Once the picture is taken, the ESP32 at the heart of the build handles the image processing and then drawing the image on the Etch a Sketch. The robot needs a black and white image to draw, and an algorithm for doing it without “lifting” the drawing tool, and these tasks stretch the capabilities of such a small processor. It takes some time to work, but in the end the results speak for themselves.

The final project is definitely worth looking for, if not for the interesting ESP32-controlled robot than for the image processing algorithim implementation. The ESP32 is a truly versatile platform, though, and is useful for building almost anything.

Continue reading “Etch-A-Selfie” →