The CAN bus is a rich vein to mine for a hacker: allowing the electronic elements of most current vehicles to be re-purposed and controlled with ease. [MikrocontrollerProjekte] has reverse engineered a CAN bus media and navigation controller and connected it to an STM32F746G-Discovery board. The STM32 is in turn connected to an Android phone, and allows the media controller to trigger a large number of functions on the phone, including music playback, maps, and general Android navigation.
When reverse engineering the controller, [MikrocontrollerProjekte] employed a variety of approaches. A small amount of information was found online, some fuzzing was done with random CAN bus IDs and messages, as well as some data logging with the device inside the car to identify message data to the relevant IDs on the bus.
The STM32F746G-Discovery board acts as a Human Interface Device (HID), emulating a mouse and keyboard connected to the Android phone via USB OTG. The LCD screen shows the output of the keystrokes and touchpad area. We’re not sure how useful the mouse-emulation would be, given that the phone has a touchscreen, but the media functions work really well, and would also make a really snazzy music controller for a PC.
We’ve covered plenty of other cool CAN bus hacks, like reverse-engineering this Peugeot 207, or this general purpose CAN sniffer.
Continue reading “Reverse Engineered Media Controller From Car Is Best Friends With Android”
Whether with projects featured here or out in the real world, we have a tendency to focus most upon the end product. The car, solar panel, or even robot. But there’s a lot more going on behind the scenes that needs to be taken care of as well, whether it’s fuel infrastructure to keep the car running, a semiconductor manufacturer to create silicon wafers, or a control system for the robot. This project is one of the latter: a human interface device for a robot arm that is completely DIY.
While robots are often automated, some still need human input. The human input can be required all the time, or can be used to teach the robot initially how to perform a task which will then be automated. This “keyboard” of sorts built by [Ahmed] comes with a joystick, potentiometer, and four switch inputs that are all fully programmable via an Arduino Due. With that, you can perform virtually any action with whatever type of robot you need, and since it’s based on an Arduino it would also be easy to expand.
The video below and project page have all the instructions and bill of materials if you want to roll out your own. It’s a pretty straightforward project but one that might be worth checking out since we don’t often feature controllers for other things, although we do see them sometimes for controlling telescopes rather than robots.
Continue reading “A HID For Robots”
We see a huge variety of human-computer interface devices here at Hackaday, and among them are some exceptionally elegant designs. Of those that use key switches though, the vast majority employ off the shelf components made for commercial keyboards or similar. It makes sense to do this, there are some extremely high quality ones to be had.
Sometimes though we are shown designs that go all the way in creating their key switches from the ground up. Such an example comes from [Brandon Rice], and it a particularly clever button design because of its use of laser cutting to achieve a super-slim result. He’s made a sandwich of plywood with the key mechanisms formed in a spiral cut on the top layer. He’s a little sketchy on the exact details of the next layer, but underneath appears to be a plywood spacer surrounding a silicone membrane with conductive rubber taken from a commercial keyboard. Beneath that is copper tape on the bottom layer cut to an interweaving finger design for the contacts. An Adafruit Trinket Pro provides the brains and a USB interface, and the whole device makes for an attractive and professional looking peripheral.
You can see the results in action as he’s posted a video, which we’ve included below the break.
Continue reading “Spiral Laser Cut Buttons Make A Super-Slim USB MIDI Board”
Who would have thought that you could light up pyrotechnics on USB power? This USB keystroke injector that blows up after it’s used proves the concept.
Fully aware that this is one of those “just because you can doesn’t mean you should” projects, [MG] takes pains to point out that his danger dongle is just for dramatic effect, like a prop for a movie or the stage. In fact, he purposely withholds details on the pyrotechnics and concentrates on the keystroke injection aspect, potentially nasty enough by itself, as well as the dongle’s universal payload launching features. We’re a little bummed, because the confetti explosion (spoiler!) was pretty neat.
The device is just an ATtiny85 and a few passives stuffed into an old USB drive shell, along with a MOSFET to trigger the payload. If you eschew the explosives, the payload could be anything that will fit in the case. [MG] suggests that if you want to prank someone, an obnoxious siren might be a better way to teach your mark a lesson about plugging in strange USB drives.
While this isn’t the most dangerous thing you can do with a USB port, it could be right up there with that rash of USB killer dongles from a year or so ago. All of these devices are fun “what ifs”, but using them on anything but your own computers is not cool and possibly dangerous. Watching the smoke pour out of a USB socket definitely drives home the point that you shouldn’t plug in that thumbdrive that you found in the bathroom at work, though.
Continue reading “This USB Drive Will Self-Destruct After Ruining Your Computer”
Chances are anyone who has an entry-level to mid-range smart TV knows that setting them up with your streaming account credentials is a royal pain. Akin to the days of texting on a flip phone, using the number pad or arrow keys to compose your user name and password seems to take forever. So why not avoid the issue with this automated Netflix logger-inner?
As if the initial setup wasn’t bad enough, when [krucho5]’s LG smart TV started asking for his Netflix credentials every few days, he knew something needed to be done. An Arduino to send “keystrokes” was the obvious solution, but when initial attempts to spoof the HID on the set proved fruitless, [krucho5] turned to the IR remote interface. He used an IR receiver module to capture the codes sent while entering user name and password, and an IR LED plays it back anytime the TV ask for it. The video below shows how much easier it is now, and the method should work just fine for any other online service accounts.
We like [krucho5]’s build, but the fit and finish are a little rough. Perhaps slipping them into a pair of Netflix-enabled socks would be a nice touch?
Continue reading “Save Your Thumbs with This Netflix Password Sender”
MalDuino is an Arduino-powered USB device which emulates a keyboard and has keystroke injection capabilities. It’s still in crowdfunding stage, but has already been fully backed, so we anticipate full production soon. In essence, it implements BadUSB attacks much like the widely known, having appeared on Mr. Robot, USB Rubber Ducky.
It’s like an advanced version of HID tricks to drop malicious files which we previously reported. Once plugged in, MalDuino acts as a keyboard, executing previous configured key sequences at very fast speeds. This is mostly used by IT security professionals to hack into local computers, just by plugging in the unsuspicious USB ‘Pen’.
[Seytonic], the maker of MalDuino, says its objective is it to be a cheaper, fully open source alternative with the big advantage that it can be programmed straight from the Arduino IDE. It’s based on ATmega32u4 like the Arduino Leonardo and will come in two flavors, Lite and Elite. The Lite is quite small and it will fit into almost any generic USB case. There is a single switch used to enable/disable the device for programming.
The Elite version is where it gets exciting. In addition to the MicroSD slot that will be used to store scripts, there is an onboard set of dip switches that can be used to select the script to run. Since the whole platform is open sourced and based on Arduino, the MicroSD slot and dip switches are entirely modular, nothing is hardcoded, you can use them for whatever you want. The most skilled wielders of BadUSB attacks have shown feats like setting up a fake wired network connection that allows all web traffic to be siphoned off to an outside server. This should be possible with the microcontroller used here although not native to the MalDuino’s default firmware.
For most users, typical feature hacks might include repurposing the dip switches to modify the settings for a particular script. Instead of storing just scripts on the MicroSD card you could store word lists on it for use in password cracking. It will be interesting to see what people will come up with and the scripts they create since there is a lot of space to tinker and enhanced it. That’s the greatness of open source.
Continue reading “MalDuino — Open Source BadUSB”
There was a time when building something yourself probably meant it didn’t look very much like a commercial product. That’s not always a bad thing. We’ve seen many custom builds that are nearly works of art. We’ve also seen plenty of builds that are–ahem–let’s say were “hacker chic”.
[AlexanderBrevig] decided to take on a project using a PSoC development board he picked up. In particular, he wanted to build a custom game keypad. He prototyped a number of switches with the board and got the firmware working so that the device looks like a USB HID keyboard.
Continue reading “Custom Gaming Keypad Developed with PSoC and Fusion 360”