Telnet Gets Stubborn Sony Camera Under Control

According to [Venn Stone], technical producer over at LinuxGameCast, the Sony a5000 is still a solid option for those looking to shoot 1080p video despite being released back in 2014. But while the camera is lightweight and affordable, it does have some annoying quirks — namely an overlay on the HDMI output (as seen in the image above) that can’t be turned off using the camera’s normal configuration menu. But as it so happens, using some open source tools and the venerable telnet, you can actually log into the camera’s operating system and fiddle with its settings directly.

As explained in the write-up, the first step is to install Sony-PMCA-RE, a cross-platform suite of tools developed for reverse engineering and modifying Sony cameras. With the camera connected via USB, this will allow you to install a program on the camera called Open Memories Tweak. This unlocks some developer options on the camera, such as spawning a telnet server on its WiFi interface.

With the a5000 connected to your wireless network, you point your telnet client to its IP address and will be greeted by a BusyBox interface that should be familiar to anyone who’s played with embedded Linux gadgets. The final step is to invoke the proper command, bk.elf w 0x01070a47 00, which sets the byte at a specific address in the camera’s configuration file to zero. This permanently disables the HDMI overlay, though it can be reversed by running the command again and setting the byte back to 01.

As you might expect, the Sony-PMCA-RE package is capable of quite a bit more than just unlocking a telnet server. While it might not be as powerful as a firmware modification such as Magic Lantern for Canon’s hardware, those looking for a hackable camera that won’t break the bank might want to check out the project’s documentation to see what else is possible.


A Linux Distribution For DOOM

If you’ve gone further into the Linux world than the standard desktop distributions like Ubuntu or Fedora, you have undoubtedly come across some more purpose-built distributions. Some examples are Kali for security testing, DragonOS for software-defined radio, or Hannah Montana Linux for certain music fans. Anyone can roll their own Linux distribution with the right tools, including [Shadly], who recently created one which only loads enough software to launch the 1993 classic DOOM.

The distribution is as simple as possible and loads no bloat other than what’s needed to launch the game. It loads the Linux kernel and the standard utilities via BusyBox, then runs fbDOOM, which is a port of the game specifically designed to run on the Linux framebuffer with minimal dependencies. After most of that, the only thing left is to use GRUB to boot the distribution, and in just a moment, Doomguy can start slaying demons. The entire distribution is placed into a bootable ISO file that can be placed on any bootable drive.

As far as DOOM hacks go, we’re used to seeing the game running on hardware it was never intended for like the NES or on an office phone. This one, on the other hand, gives us a little more insight into just how little is needed for a full-fledged Linux distribution, as long as what you need to do is relatively straightforward.


Running Modern Linux From A Single Floppy Disk

There was a time when booting Linux from a floppy disk was the norm, but of course, those days are long gone. Even if you still had a working 3.5 inch drive, surely the size of the modern kernel alone would far exceed the 1.44 MB capacity of the disks, to say nothing of all the support software required to create a usable operating system. Well that’s what we thought, anyway.

But then [Krzysztof Krystian Jankowski] dropped Floppinux, a live Linux OS that boots from just a single floppy. There’s even a few hundred KB left over on the disk, allowing the user to tuck a few of their own programs and scripts onboard before booting it up. But most impressively, the project doesn’t rely on ancient software releases like so many other embedded systems do. Every component of Floppinux is pulled directly from the cutting edge, including version 5.13.0-rc2 of the Linux kernel which is literally just a few days old.

Floppinux running on the Asus Eee PC

Of course some concessions had to be made in order to cram the latest Linux kernel and build of BusyBox into slightly north of 1 MB, so Floppinux certainly isn’t what anyone would call a daily driver. The kernel is stripped down to the absolute minimum, and is targeted for the decidedly poky i486. [Krzysztof] had to be very selective about which programs actually made the cut as well, so once the system is booted, there’s not a whole lot you can do with it outside of writing some shell scripts. But then, that was sort of the goal to begin with.

If you’re wondering how [Krzysztof] pulled it off, you don’t have to. He walks you through the entire process, down to the commands he used to do everything from pulling down and compiling the source code to creating the final disk image. Even if you don’t own a floppy drive, it’s well worth following his guide and booting the image up in QEMU just to say you’ve officially built a Linux system from scratch. It’s good for more than just bragging rights; learning how all the components of a minimal install like this fit together will no doubt come in handy the next time you find yourself poking around inside an embedded Linux device.

Dissecting The TL-WR841N For Fun And Profit

The TP-Link TL-WR841N isn’t a particularly impressive piece of hardware, but since it works decently well and sells for under $20 USD, it’s one of the most popular consumer routers on Amazon. Thanks to [TrendyTofu] of the Zero Day Initiative, we now have a concise step-by-step guide on how to hack your way into the newer versions of the hardware and take full control over this bargain WiFi device. This work was initially done to help test out reported vulnerabilities in the router’s firmware, but we’re sure the readers of Hackaday can come up with all sorts of potential uses for this information.

TP-Link helpfully labeled the UART pins

The story starts, as so many before it have, with a serial port. Finding the UART pads on the PCB and wiring up a level shifter was no problem, but [TrendyTofu] found it was only working one-way. Some troubleshooting and an oscilloscope later, the culprit was found to be a 1kΩ pull down resistor connected to the RX line that was keeping the voltage from peaking high enough to be recognized.

Once two-way communication was established, proper poking around inside the router’s Linux operating system could begin. It wasn’t a huge surprise to find the kernel was ancient (version 2.6.36, from 2010) and that the system utilities had been stripped to the absolute bare minimum to save space. Replacing the firmware entirely would of course be ideal, but unfortunately OpenWRT has dropped support for the newer hardware revisions of the TL-WR841N.

To teach this barebones build of Linux some new tricks, [TrendyTofu] used the mount command to find a partition on the system that actually had write-access, and used that to stash a pre-compiled build of BusyBox for MIPS. With a more complete set of tools, the real fun could begin: using GDB to debug TP-Link’s binaries and look for chinks in the armor. But feel free to insert your own brand of mayhem here.

You might think that in the era of the Raspberry Pi, abusing cheap routers to turn them into general purpose Linux boxes would be somewhat out of style. Frankly, you’d be right. But while the days of strapping Linksys WRT54Gs to remote controlled cars might be long gone, there are still some routers out there interesting enough to make it worth dusting off this time-honored hardware hacker tradition.

Hacking Transcend Wifi SD Cards

[Pablo] is a recent and proud owner of a Transcend WiFi SD Card. It allows him to transfer his pictures to any WiFi-enabled device in a matter of seconds.

As he suspected that some kind of Linux was running on it, he began to see if he could get root access on it… and succeeded.

His clear and detailed write-up begins by explaining how a simple trick allowed him to browse through the card’s file system, which (as he guessed correctly) is running BusyBox. From there he was able to see if any of the poorly written Perl scripts had security holes… and got more than he bargained for.

He first thought he had found a way to make the embedded Linux launch user-provided scripts and execute commands by making a special HTTP POST request… which failed due to a small technicality. His second attempt was a success: [Pablo] found that the user-set password is directly entered in a Linux shell command. Therefore, the password “admin; echo haxx > /tmp/hi.txt #” could create a hi.txt text file.

From there things got easy. He just had to make the card download another BusyBox to use all the commands that were originally disabled in the card’s Linux. In the end he got the card to connect a bash shell to his computer so he could launch every command he wanted.

As if that was not enough, [Pablo] even discovered an easy way to find the current password of the card. Talk about security…
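
The password bug described above comes down to user input being parsed as shell syntax instead of being handled as data. The sketch below is an added example, not code from [Pablo]'s write-up or from the card's firmware: the function names and the `echo ... > stored` command are hypothetical stand-ins for whatever the card's script runs, and the payload's output path is made relative so the demo stays in a scratch directory.

```shell
#!/bin/sh
# Added illustration; function names and the "stored" file are hypothetical.

# Payload from the write-up, with the path made relative (constructed variant).
PAYLOAD='admin; echo haxx > hi.txt #'

# Vulnerable pattern: the password is pasted into a string that a shell parses,
# so ';' ends the intended command and '#' comments out the rest of the line.
set_password_vulnerable() {
    dir=$1 pw=$2
    ( cd "$dir" && sh -c "echo $pw > stored" ) >/dev/null
}

# Hardened pattern: the script text is a fixed literal and the password is
# passed as a positional argument, so it is only ever treated as data.
set_password_argv() {
    dir=$1 pw=$2
    ( cd "$dir" && sh -c 'printf "%s\n" "$1" > stored' sh "$pw" )
}

# Defence in depth: allowlist check that rejects empty values and anything
# outside a conservative character set before the value is used at all.
is_safe_password() {
    case $1 in
        ''|*[!A-Za-z0-9._@-]*) return 1 ;;
    esac
    return 0
}

# Run both variants in scratch directories and list what each one created.
demo() {
    v=$(mktemp -d); h=$(mktemp -d)
    set_password_vulnerable "$v" "$PAYLOAD"
    set_password_argv "$h" "$PAYLOAD"
    echo "vulnerable created: $(ls "$v" | tr '\n' ' ')"
    echo "hardened created:   $(ls "$h" | tr '\n' ' ')"
    rm -rf "$v" "$h"
}
demo
```

In the vulnerable variant the injected `echo` creates `hi.txt` and the intended `stored` file is never written; in the hardened variant the whole string lands in `stored` unchanged.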

Common Linux Tools On Android Without Root By Installing BusyBox

[Adam Outler] shows us how to expand the Linux tools available on Android without rooting the device. He does this by installing BusyBox. The binary is copied to the device using the Android Developer Bridge. He then opens an ADB shell, adds execution permissions to the binary, and runs it. BusyBox calls itself the Swiss Army Knife of Embedded Linux. It provides a set of very common tools which you’ll find useful in your tinkering. The one that [Adam] shows off in his video is the vi editor, but the basics that make a shell work are all there like: ls, mkdir, grep, dmesg, mount… you get the point.

So what are you going to do with your unrooted device now that you have these commands at your disposal? That’s really for you to figure out. [Adam] continues his demonstration by installing a package that does require root access. It’s BotBrew Basil, which adds apt-get and a few more complex packages. He then uses vi to write a C++ Hello World program, then compiles it and runs it. So if you’re looking to do some development on your phone this is one way.


Putting Linux On The Vtech InnoTab

The Vtech InnoTab is a child-sized tablet computer built for kids. Apart from being the ideal solution to keeping the grubby, sticky hands of nieces and nephews away from proper ‘adult sized’ tablets, it can also serve as a Linux tablet perfect for a few homebrew apps. [Mick] picked up an InnoTab for his son, but after getting BusyBox working, we’re thinking it has become a toy for the father and not the son.

[Mick] cracked open the InnoTab and soldered a few wires to a pair of pins that connect to a TTL level converter and then to a TV. There’s a full Linux shell running on [Mick]’s new tablet, encouragement enough for him to start porting ScummVM, the engine behind famous LucasArts point-and-click adventure games of the early 90s.

Right now, it’s still very much a work in progress, but [Mick] has full screen support and a virtual keyboard working; more than enough to enjoy Day of the Tentacle and Sam & Max Hit the Road. After the break you can see the video of [Mick]’s InnoTab running the much more child-friendly SCUMM adventure Putt Putt Goes to the Moon, something we’re sure his son will love.
