If a Game Boy was a part of your childhood, you were probably more than once dreaming of spending your entire school day with it. Well, they had to wait a few more years for that, but eventually in 2015, [Asger], [baekalfen], and [troelsy] made that dream reality when they created a Game Boy emulator in Python for a university project. However, it didn’t stop there, and the emulator has since grown into a full-blown open source project, PyBoy, which just reached the version 1.0 release.
Since it started out as an academic project, the three of them had to do their research accordingly, so the background and theory about the Game Boy’s internal functionality and the emulator they wrote is summarized in a report published along with the source code. There is still some work to be done, and sadly there is no sound support implemented yet, but for the most part it’s fully functional and let’s you successfully play your own extracted cartridges, or any ROM file you happen to have in your possession.
Being an emulator, you can also inspect its inner life when run in debug mode, and watch the sprites, tiles, and data as you play, plus do cool things like play the emulation in reverse as shown in the clip below. Even more so, you can just load the instance in your own Python scripts, and start writing your own bots for your games — something’s we’ve seen in action for the NES before. And if you want to dive really deep into the world of the Game Boy, you should definitely watch the 33c3 talk about it.
Scarcity on the Internet is the siren song of bot writers. Maybe you’ve lost an eBay bid in the last milliseconds, or missed out on a hacker con when tickets sold out in under a minute — your corporeal self has been outperformed by a bot. But maybe you didn’t know bots are on a buying frenzy in the hyped-up world of fashion. From limited-run sneakers to anything with the word Supreme printed on it, people who will not accept any substitute in wearing the rarest and most sought after are turning to resellers who use bots to snag unobtanium items and profit on the secondary market.
At DEF CON 27 [FinalPhoenix] took the stage to share her adventures in writing bots and uncovering a world that buys and sells purchasing automation, forming groups much like cryptocurrency mining pools to generate leads on when the latest fashion is about to drop. This is no small market either. If your bots are leet enough, you can make a ton of cash. Let’s take a look at what it takes to write a bot, and at the bots-for-sale economy that has grown up around these concepts.
The internet is built with bots in mind and we have Google to thank for this. Their major innovation was moving us off of a curated internet to one that is machine crawled. Everyone wants good Google juice and that means building a site that is friendly to the Google bots that crawl and index the internet. This makes automation for your own purposes quite a bit easier. Namely, the monitor-bots that are used to detect when a retailer has the latest in stock. [FinalPhoenix] demonstrated a simple script that grabs the XML site map, parsing it for newly in-stock items, flagging them when found. But here’s the killer — if your monitor bot is a good one, you can turn it into a discord channel and sell subscriptions to others playing the reseller game, to the tune of $15-30 a month per subscriber.
Once your bot reports stock, the race is on to buy it before anyone else can. For this, you could use the APIs of the site, but that’s time-consuming and a lot easier for retailers to detect and block bot usage. For this part of her botting tools [FinalPhoenix] likes to use web-based bots that go through a browser framework like Chromium and allow obfuscation techniques like scrolling, clicking other items, random pauses, and other simple-minded actions that make your bot appear to be only human. In the examples for this talk, the Puppeteer framework was used for this purpose. In the end, the main role of this part of the bot is to use a verified account to complete the purchase as fast as robotically possible, which is why they’re called buy-bots. Retailers do have some tricks to combat these web-based attacks like adding secret keys in the DOM that need to be sent with the next post, but these are easy to discover and incorporate into the scripts.
This raises up another interesting part of the scheme, the verified accounts. For the best chance at profit, you need multiple accounts, each used just one time to avoid your buy-bot being detected by the retailer. For this, [FinalPHoenix] turns to services that sell accounts in packages of 500-10,000 and cost around just $5-10 per batch.
But wait, here’s where it gets really wild as recursion takes hold. Yes, these buy-bots are for sale (from sites like AIO Bot and usually around $300-1500), but they’re sold in limited quantities so that it’s harder for retailers to notice and take countermeasures. Just like how the clothing was limited release and incentivized bots-wielding resellers to enter the market, there is a secondary market for the bots themselves. [FinalPhoenix] reports that reselling one of these bots can yield $1000-1500 in profit. The same principles apply, and so what we’ve ended up with is bots buying bots to buy clothes. Who knows how many levels of bot-bot transactions there are, but it certainly feels like turtles all the way down.
Bot-based high-speed trading is the real way to make major bank on the securities market. Your average hacker is shut out of that “legitimate” business, but any enterprising programmer has the option of automating whichever reseller market they find most interesting. This breaks the public trust in commerce — buying quality products from a seller connected to their production for a reasonable price. If frustrates the manufacturer, alienates the consumer, but there appears to be little in place preventing it.
At this point it’s something of a given that a member of the ESP8266 family is likely your best bet if you want to cobble together a small Internet-connected gadget. Costing as little as $3 USD, this well documented all-in-one solution really can’t be beat. But of course, the hardware is only one half of the equation. Deciding how to handle the software side of your homebrew Internet of Things device is another story entirely.
It would be fair to say that there’s no clear-cut “right” way to approach the software, and it really depends on the needs or limitations of your particular project. For example [Brian Lough] finds that building Telegram support into his ESP8266 allows him to accomplish his goals with the minimum amount of fuss while at the same time using an environment he’s already comfortable with. He recently wrote in to share one of his Telegram projects with us, and in the video after the break, takes the time to explain some of the things he likes best about controlling his hardware through the encrypted chat platform.
But you don’t have to take his word for it, you can try it yourself. Thanks to the software library that [Brian] has developed to connect his projects to Telegram, the aptly named “Universal Telegram Bot Library”, anyone can easily follow in his footsteps. Adding his Telegram library to your next ESP8266 project is as easy as selecting it in the Arduino IDE. From there the video explains the process for getting a bot ID from Telegram, and ultimately how you use it to receive messages from the service. What you do with those messages is entirely up to you.
It’s common knowledge that tapping a wine glass produces a pitch which can be altered by adjusting the level of the tipple of choice inside. By filling twelve glasses with different amounts of liquid and tuning them to the twelve notes of the scale, it’s possible to make a one-octave instrument – though the speed and polyphony are bottle-necked by the human operator. If you think it sounds like a ripe project for automation, you’re correct: [Bitluni’s lab] has done what needed to be done, and created a MIDI instrument which plays the glasses using mallets.
Electronically it’s a simple build – some 12 V solenoids driven by MOSFETs, with an Arduino in charge. For the mechanical build, a 3D printer proved very useful, as each mallet could be made identical, ensuring a consistent tone across all glasses. Rubber covers printed in flexible filament were fitted to reduce the overtones and produce a clearer sound. [Bitluni] also utilised different types of glasses for the low and high pitches, which also helped to improve the clarity of the tone.
MIDI is of course the perfect protocol for this application; simple, lightweight and incredibly widely used, it’s the hacker’s delight for projects like this. The instrument can perform pre-programmed sequences, or be played live with a MIDI controller. Both of these are shown in the video after the break – stick around for a unique rendition of Flight Of The Bumblebee. For a more compact wine glass based music creation solution, we recommend this nifty project, which alters pitch using a water balloon raised and lowered into the glass by a servo. Continue reading “The Precise Science Of Whacking A Wine Glass”→
Instructables user [Team_Panic] — inspired by the resurgence of robot battle arena shows — wanted to dive in to his local ‘bot building club. Being that they fight at the UK ant weight scale with a cap of 150 grams, [Team_Panic] built a spunky little Arduino Mini-controlled bot on the cheap.
The Instructable is aimed at beginners, and so is peppered with sound advice. For instance, [Team_Panic] advises building from “the weapon out” as that dictates how the rest of the robot will come together around it. There are also some simple design considerations on wiring and circuit boards considering the robot in question will take a few hits, as well as instructions to bring the robot together. To assist any beginners in the audience, [Team_Panic] has provided his design for a simple, “slightly crude,” wedge-bot, as well as his code. Just don’t forget to change the radio pipe so you aren’t interfering with other bots!
[Robin Bussell]’s NixieBot is a mash up of new age electronics and retro vintage components and he’s got a bunch of hacks crammed in there. It’s a Nixie tube clock which displays tweets, takes pictures of the display when it encounters tweets with a #NixieBotShowMe hash tag, and then posts requested pictures back to twitter. If a word is eight characters, it takes a snapshot. If it’s a longer message, NixieBot takes a series of pictures of each word, converts it to an animated GIF, and then posts the tweet. In between, it displays random tweets every twenty seconds. You can see the camera setup in the image below and you should check out the @nixiebot twitter feed to see some of the action.
For the display, he’s using eight big vintage Burroughs B7971 Nixie Tubes. These aren’t easy to source, and current prices hover around $100 each if you can find them. The 170V DC needed to run each tube comes from a set of six 12V to 170V converter boards specifically designed to drive these tubes. Each board can drive at least a couple of nixies, so [Robin]’s able to use just four boards for the eight tubes. Each nixie is driven by its own “B7971 SmartSocket“, a dedicated PIC16F690 micro-controller board custom designed for the purpose. A serial protocol makes it easy to daisy-chain the SmartSockets to build multi character displays.
A wild Python appeared, and it wants to play Pokemon Go. Python bots are taking over the game when you can’t, and they are good. Since you’re likely to bump into one sooner or later, here’s an overview:
One of the first workable bots and the origin of a lot of (dirty) code, as well as the (not dirty at all) Pokemon Trainer Club client secret, is [Mila432’s] Pokemon Go Bot. One of his initial goals was to make better sense of the API, which worked out better than he hoped.
Not wanting to impetuously destroy the numerous helpful applications that had been built upon the already partially known API, he decided to keep the project off Niantic’s radar. The most recent (and most powerful) version of his bot has not been released. The current version works fine within its limited functionality: Wandering around and looting Pokestops.