Capture the Flag Challenge is the Perfect Gift

Nothing says friendship like a reverse engineering challenge on unknown terrain as a birthday present. When [Rikaard] turned 25 earlier this year, his friend [Veydh] put together a Capture the Flag challenge on an ESP8266 for him. As a software guy with no electronics background, [Rikaard] had no idea what he was presented with, but was eager to find out and to document his journey.

Left without guidance or instructions, [Rikaard] went on to learn more about the ESP8266, with the goal to dump its flash content, hoping to find some clues in it. Discovering the board is running NodeMCU and contains some compiled Lua files, he stepped foot in yet another unknown territory that led him down the Lua bytecode rabbit hole. After a detour describing his adjustments for the ESP’s eLua implementation to the decompiler he uses, his quest to capture the flag began for real.

While this wasn’t [Rikaard]’s first reverse engineering challenge, it was his first in a completely unknown environment outside his comfort zone — the endurance he demonstrated is admirable. There is of course still a long way down the road before one opens up chips or counts transistors in a slightly more complex system.

Repair Job Fixes Compressor, Gets it Online

We’ll never cease to be amazed at the things people try to put on the Internet of Things. Some are no-brainers, like thermostats, security cameras, and garage door openers. Others, like washing machines and refrigerators, are a little on the iffy side, but you can still make a case for them. But an IoT air compressor? What’s the justification for such a thing?

As it turns out, [Boris van Galvin] had a pretty decent reason for his compressor hacks, and it appears that the IoT aspect was one of those “why not?” things. Having suffered the second failure of his compressor’s mechanical pressure switch in a year, and unwilling to throw good money after the $120 that went into replacing the first contactor, [Boris] looked for a cheaper and more interesting way to control the compressor. An ESP8266 dev board made interfacing the analog pressure sensor a snap, and while he was at it, [Boris] added a web interface with a nice graphical air pressure gauge and some on-off controls. Now he can set the pressure using his phone and switch it off in the middle of the night without going outside. That’s an IoT win right there.

No air compressor? No worries — build your own from an old fridge. The non-IoT kind, preferably.

Simulate Your Robot Before You Build It

[Nurgak] shows how one can use some of the great robotic tools out there to simulate a robot before you even build it. To drive this point home he builds the tutorial off of the easily 3D printable and buildable Robopoly platform.

The robot runs on Robot Operating System at its core. ROS is interesting because of its decentralized and input/output agnostic messaging system. For example, if you leave everything alone but swap out the motor output from actual motors to a simulator, you can see how the robot would respond to any arbitrary input.

[Nurgak] uses another piece of software called V-REP to demonstrate this. V-REP is a simulation suite for robotics and has a few ROS nodes built in. So in order to make a simulated line-following robot, [Nurgak] tells V-REP to send a simulated camera image to the decision making node of the robot in ROS. It then sends the movement messages back to V-REP which drives the pretend robot around.

He runs through a few more examples, proving that it’s entirely possible to become if not a roboticist, at least a really good AI programmer without ever dropping the big money on parts to build a robot.

Broadcasting Bluetooth Beacons With Bubbles

Bluetooth beacons have only been around for a few years, but the draw is incredible. With Bluetooth beacons, your phone is location aware, even with location services turned off. They’re seen in fast food joints, big box retailers, and anywhere else there’s a dollar to be made. [Nemik] has been working on a home automation project, and came up with a use for Bluetooth beacons that might actually be useful. It’s a WiFi-based Bluetooth beacon notifier that scans the area for beacons and forwards them to an MQTT server.

[Nemik]’s ‘Presence Detector’ for Bluetooth advertisements is actually a surprisingly simple build, leveraging the unbelievably cheap wireless modules available to us today. The WiFi side of the equation is a NodeMCU v2 ESP8266 dev board that provides all the smarts for the device via Lua scripting. The Bluetooth side of the board is a PTR5518 module that has a nRF51822 tucked inside. With the right configuration, this small board will listen for BLE advertisements and forward them to an MQTT server where they can be seen by anyone on the network.

[Nemik] is selling these beacon to WiFi bridges, but in the spirit of Open Hardware, he’s also giving away the designs and firmware so you can make your own. If you ever have an abundance of Bluetooth beacons sitting around and want to make a beacons of Things thing, this is the build for it.

LuaRadio Brings More Options to SDR

GNURadio is the swiss-army-knife of software-defined radio suites: it does everything and anything. It has a great GUI overlayer that makes creating radio flows fairly simple. There are only two areas where we could quibble with the whole system — it’s a gigantic suite of software, and it’s a lot harder to code up in Python than it is to use the GUI.

[Vanya Sergeev] started up his LuaRadio project to deal with these shortcomings. If you’re looking for the full-GUI experience, you’re barking up the wrong tree here. LuaRadio is aimed at keeping things easy to code and keeping the codebase small and tidy.

That doesn’t mean that it departs entirely from GNURadio’s very successful flow-graph programming paradigm, however, and if you’re comfortable with the procedure of hooking up a signal source to a filter block to an output, you’ll be doing fine here as well. Check out the obligatory FM radio demo — the “hello world” of SDR — and you’ll see how it works: instantiate the various blocks in code, and then issue “connect” commands to link them together.

LuaRadio’s main selling points are its size and the ease of programming it by hand. It’s got great documentation to boot. It’s written as a library that’s embeddable in your C code, so that you can write standalone programs that make use of its functionality.

LuaRadio is a new project and it doesn’t have a GUI either. It may not be the ideal introduction to SDR if you’re afraid of typing. (If you are new to SDR, start here.) But if you want to code up your SDR by coding, or run your radio on smaller devices, it’s probably worth a look. It’s at v0.1.1, so we’re looking forward to hearing more from LuaRadio in the future. Any of you out there use it? We’d love to hear in the comments.

Hackaday Links: May 15, 2016

The Hackaday Overlords (or Hackaday family) are running a series of AMAs on SupplyFX. What is SupplyFX? It’s a social network for EEs. Who’s in the first AMA? [Brady Forrest], the guy who runs Highway1, a Bay Area hardware accelerator. They’re the accelerator responsible for the lustworthy Keyboardio, and the startup that is purely mechanical and has shipped zero lines of code, CoolChip. If you want to talk about hardware startups, [Brady] is your man. The AMA is tomorrow, May 16th, at 13:00 Pacific.

Makerbot is dead, or at least they will be soon. Whatever. Nothing of value was lost. Lulzbot, on the other hand, is going gangbusters. They saw eight hundred percent growth over the last two years, and $15M in revenue in 2015. They did this all with open source hardware and software, and using 3D printing in a manufacturing context. They’re the jewel of the Open Hardware movement, and a shining example of what Free Software can do.

The current generation of software defined radios started with the ubiquitous TV tuner dongles, and quickly graduated to the HackRF. You can only get so much bandwidth out of a USB 2.0 socket, and the newest and bestest SDR is the LimeSDR. They’re about halfway through their crowdfunding campaign (and halfway funded), and have finally changed out the USB A connector to a USB micro B connector. Good choice.

The ESP8266 is quickly becoming the go-to device for when you want a cheap way to put a sensor on the Internet. The only problem is programming it. No problem – here’s a bunch of Lua scripts that do 90% of everything. Need to read a PIR sensor? Light up a few LEDs? Put the data from a temperature and humidity sensor on the Internet? There you have it.

The Vintage Computer Festival West is back on this year. We’ve gone to VCF East in New Jersey for a few years now, and had a few occasional outings to the southeast and midwest Vintage Computer Festivals over the years. This is the first time the west coast has had a Vintage Computer Festival in several years. It’s in Mountain View, on August 6th and 7th. Yes, that’s the same weekend as DEF CON.

E3D, makers of fine hot ends and 3D printer paraphernalia, have released a new kind of filament. It’s called Edge, it’s based on PET, and it prints as easily as PLA, with better mechanical properties than ABS. A few sample prints made from Edge were at this year’s Midwest RepRap Festival, and the Edge’s bridging ability is crazy. You need a heated bed for Edge and it’s sensitive to moisture, but it has some very interesting properties that can be cleverly exploited.

In other filament news, Colorfabb released a filament to print clear parts. Yes, that’s very weird. Clear parts require 100% infill, meaning it will use a lot of filament. It’s still very advanced wizardry, and I’m very interested in seeing the first print of a sanded and polished convex lens.

Holy Crap it’s the 3D printing edition of the links post. [Prusa] just released the latest version of the i3. It’s now bigger: 250x210x200mm build volume. The heated bed – [Prusa] was one of the first to experiment with PCB heated beds – is now vastly improved when looking at it through a FLIR. The Mk. 42 heated bed doesn’t have a hot center or cool corners. PEI sheet removes the need for blue painters tape, glass, aqua net, or glue sticks. The printer has self-test capabilities. The mechanics of the printer, especially the Z axis, are improved. [Prusa] will be selling this as a kit for ~19000 Czech Crowns or $699 USD, but he’s RepRap to the core. Buy a spool and start printing your next printer.


DEF CON: Abusing Scripts in Multiplayer Games

Everyone has at least a few games on their computer, and I would assume most of the Hackaday readership would be among the enlightened PC gamer brethren. At this year’s DEF CON, [Tamas Szakaly] gave a talk about the data these games leak to the Internet, the data they accept from the Internet, and what you can do with that data.

[Tamas]’ talk was entirely about scripting games, like the many games that are scriptable in Lua, or Valve’s Squirrel. Developers have thought about this before and have implemented sandboxes and many anti-cheat mechanisms. However, because these sandboxes are poorly implemented, it’s easy to get outside the game and do some real damage.

[Tamas]’ first target was Crysis 2 and the CryEngine3. This game uses a Lua scripting engine and has no sandbox whatsoever. That means [Tamas] can call os.execute, and from there the entire game is over. Or it’s just begun. Either way you look at it, it’s pretty bad.

CryTek notwithstanding, [Tamas] can also use games with Lua scripting that have a real sandbox. DOTA2 has a leaky sandbox and can be used to call OS I/O routines and execute Base64-encoded executables right over the main executable.

The most impressive example of script abuse in various multiplayer games is from Garry’s Mod. This game has custom implementations of dangerous functions, restricted file IO, and a proper Lua sandbox. This was a wise decision from the developers, but the library is huge. If you create a map or mode used on a server, you can have a full HTTP proxy to the gamer’s home network. During the talk, [Tamas] used this exploit to display an image from a webcam on a Garry’s Mod server. It was on the podium right next to him, but this could have been done on a server on the other side of the planet.
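For contrast with an engine that hands scripts the full standard library, here is an allowlist sandbox for untrusted Lua, added as an illustration and not taken from the talk or from any game's code. The names `copy`, `new_env` and `run_untrusted`, the allowlist contents and the sample scripts are assumptions; CPU and memory limits are out of scope.

```lua
-- Allowlist sandbox for untrusted Lua source (added example; Lua 5.1 to 5.4).
-- Names not copied into the environment cannot be reached by name from the script.
local function copy(t, names)
  local out = {}
  for _, k in ipairs(names) do out[k] = t[k] end
  return out
end

local function new_env()
  local env = copy(_G, { "ipairs", "pairs", "tostring", "tonumber", "type", "select" })
  -- Fresh tables, so a script cannot overwrite functions the host itself uses.
  env.math   = copy(math,   { "floor", "max", "min", "abs" })
  env.string = copy(string, { "sub", "len", "upper", "lower", "format" })
  env.table  = copy(table,  { "insert", "remove", "concat" })
  -- Caveat: s:method() calls resolve through the shared string metatable,
  -- so the host's whole string library stays reachable that way.
  return env
end

local function run_untrusted(src)
  -- Precompiled bytecode skips the compiler's checks; accept source text only.
  if src:sub(1, 1) == "\27" then return false, "binary chunks rejected" end
  local env, chunk, err = new_env()
  if setfenv then                        -- Lua 5.1 / LuaJIT
    chunk, err = loadstring(src, "=untrusted")
    if chunk then setfenv(chunk, env) end
  else                                   -- Lua 5.2 and later
    chunk, err = load(src, "=untrusted", "t", env)
  end
  if not chunk then return false, err end
  return pcall(chunk)                    -- runtime errors come back as false, message
end

-- Constructed sample scripts: one legitimate, three reaching for host facilities.
local samples = {
  "return math.max(3, 7)",
  "return os.execute('echo host command ran')",  -- os is not in the environment
  "return io.open('host_file.txt')",
  "return require('socket')",
}
for _, src in ipairs(samples) do
  print(src, run_untrusted(src))
end
```

The same rule applies to a sandbox with a large API: every function copied into the environment, including HTTP or file helpers, is part of what an untrusted map or mode can call.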
