Remote Code Execution On The N64

Some like to garden in their spare time, while others prefer to smoke cigars or fold complicated origami figurines. Security researcher [CTurt] seems to enjoy cracking consoles instead, and had a go at exploiting the Nintendo 64 over an obscure modem interface.

The 1990s were a wild time, where games shipped in cartridges. This format opened up crazy possibilities to add additional hardware to the cartridge itself. Perhaps most famously, Nintendo packed in the SuperFX chip to enable 3D graphics on the Super Nintendo. Later on, the N64 game Morita Shogi 64 shipped with an entire telephone modem in the cartridge itself. The resulting exploit is therefore dubbed “shogihax”.

Armed with a dodgy GameShark and a decompiler, [CTurt] set to work. Through careful parsing of the code, they were able to find a suitable overflow bug in the game when using the modem. Unlike more pedestrian savegame hacks, this not only allows for the execution of arbitrary code; the modem interface also makes it possible to continually stream more data to the console on an ad-hoc basis.

It’s a great hack that takes advantage of a relatively accessible cartridge, rather than relying on more obscure hardware such as the N64DD modem or other rarities. We’ve seen other N64 homebrew hacks before, too. Video after the break.

Thanks to [grifter] for the tip!


An Open Hardware Modem For The Modern Era

Readers of a certain age will no doubt remember the external modems that used to sit next to their computers, with the madly flashing LEDs and cacophony of familiar squeals announcing your impending connection to a realm of infinite possibilities. By comparison, connecting to the Internet these days is about as exciting as flicking on the kitchen light. Perhaps even less so.

But while we don’t use them to connect our devices to the Internet anymore, that doesn’t mean the analog modem is completely without its uses. The OpenModem by [Mark Qvist] is an open hardware and software audio frequency-shift keying (AFSK) modem that recalls some of the charm (and connection speeds) of those early devices.

It’s intended primarily for packet radio communications, and as such is designed to tie into a radio’s Push-to-Talk functionality with a standard 3.5 mm jack connector. Support for AES-128 encryption means it will take a bit more than an RTL-SDR to eavesdrop on your communications. Though if you’re really worried about others listening in, the project page says you could even use the OpenModem over a wired connection as you would have in the old days.

If you just want a simple and reliable way to get a secure AFSK communication link going, the OpenModem looks like it would be a great choice. But more than that, it offers a compelling platform for learning and experimentation. The hardware is compatible with the Arduino IDE, so you can even write your own firmware should you want to spin up your own take on this classic communications device.

The OpenModem is the evolution of the MicroModem that [Mark] developed years ago, and it’s clear that the project has come a long way since then. Of course, if you’re more about the look than the underlying technology, you could always just put a WiFi access point into the case of an old analog modem.

[Thanks to Boofdas for the tip.]

Easy Internet For Retro Computers With The PiModem

Retro computers are great, but what really makes a computer special is how many other computers it can talk to. It’s all about the network! Often, getting these vintage rigs online requires a significant investment in dusty old network cards from eBay and hunting down long-corrupted driver discs to lace everything together. A more modern alternative is to use something like PiModem to do the job instead.

PiModem consists of using a Raspberry Pi Zero W to emulate a serial modem, providing older systems with a link to the outside world. This involves setting up the Pi to use its hardware serial port to communicate with the computer in question. A level shifter is usually required, as well as a small hack to enable hardware flow control where necessary. It’s then a simple matter of using tcpser and pppd so you can talk to telnet BBSs and the wider Internet at large.

It’s a tidy hack that makes getting an old machine online much cheaper and easier than using hardware of the era. We’ve seen similar work before, too!

Build Your Own Dial-Up ISP – Now With Modem Pool!

When it was the only viable option, the screech and squeal of dial-up internet was an unwelcome headache to many. But now that its time has passed, it’s gained a certain nostalgia that endears it to the technophiles of today. [Doge Microsystems] is just one such person, who has gone all out to develop their very own dial-up ISP for multiple clients.

The retro network is based on an earlier single-device experiment, with a Raspberry Pi 3B acting as the dial-up server. It’s hooked up to four modems, three of which are connected over USB-serial adapters implementing hardware flow control.

Obviously, four analog phone lines are hard to come by in this day and age, so [Doge] uses Asterisk along with a series of Linksys SIP devices to create their own PBX network. Each modem gets a phone line, with four left over for clients to dial in.

To connect, users can either call a certain modem directly, or dial a special number which rings the whole pool. Thanks to mgetty, each modem is set up to answer on a different number of rings to allow the load to be shared. Once connected, a PPP daemon handles connecting the user to the Internet at large.

While it’s unlikely we’ll all be ringing [Doge]’s house to get our next YouTube fix, owning your own dial-up ISP is certainly an admirable feat. We’d love to see it deployed in the field sometime, perhaps at a hacker conference or Burning Man-type event. Of course, if you’ve got your own old-school network pumping data, be sure to let us know! Video after the break.


Hackaday Links: July 28, 2019

It looks like Apple is interested in buying Intel’s modem chip business. Seriously interested; a deal worth $1 billion could be announced as early as this week. That might look like a small potato purchase to the world’s biggest company – at least by market capitalization – but since the technology it will be buying includes smartphone modems, it provides a look into Apple’s thinking about the near future with regard to 5G.

It turns out that Make Magazine isn’t quite dead yet. [Dale Dougherty], former CEO of Maker Media, which went under in June, has just announced that he and others have acquired the company’s assets and reformed under the name “Maker Community LLC.” Make: Magazine is set to resume publication, going back to its roots as a quarterly publication in the smaller journal format; sadly there’s no specific word about the fate of Maker Faire yet.

The hoopla over the 50th anniversary of Apollo 11 may be over, but we’d be remiss not to call out one truly epic hack related to the celebration: the full restoration of an actual Apollo Guidance Computer. The AGC was from a test model of the Lunar Module, and it ended up in the hands of a private collector. Since November of 2018 the AGC has been undergoing restoration and tests by [Ken Shirriff], [Mike Stewart], and [Carl Claunch]. The whole effort is documented in a playlist by [Marc “CuriousMarc” Verdiell] that’s worth watching to see what was needed to restore the AGC to working condition.

With the summer sun beating down on the northern hemisphere, and air conditioners working extra hard to keep things comfortable, [How To Lou] has a quick tip to improve AC efficiency. Turns out that just spraying a fine mist of water on the condenser coils works wonders; [Lou] measured a 12% improvement in cooling. It may not be the best use of water, and it may not work as well in very humid climates, but it’s a good tip to keep in mind.

Be careful with this one; between the bent spoon, the syringe full of amber liquid, and the little candle to heat things up, this field-expedient reflow soldering setup might just get you in trouble with the local narcotics enforcement authorities. Even so, knowing that you can assemble a small SMD board without a reflow oven might prove useful someday, under admittedly bizarre circumstances.

From the “Considerably more than 8-bits music” file, check out the Hull Philharmonic Orchestra’s “8-Bit Symphony.” If your personal PC gaming history included a Commodore 64, chances are you’ll recognize songs from titles like “Monty on the Run”, “Firelord”, “Green Beret”, and “Forbidden Forest.” Sure, composers like [Ben Daglish] and [Paul Norman] worked wonders with the three-channel SID chip, but hearing those tunes rendered by a full orchestra is something else entirely. We found it to be particularly good background music to write by.

Hackaday Podcast Ep13: Naked Components, Shocking Power Supplies, Eye-Popping Clock, And Hackaday Prize

Editors Mike Szczys and Elliot Williams geek out about all things hackerdom. Did you catch all of our April Fools nods this week? Get the inside scoop on those, and also the inside scoop on parts that have been cut in half for our viewing pleasure. And don’t miss Mike’s interview with a chip broker in the Shenzhen Electronics markets.

We rap about the newly announced Hackaday Prize, a word clock to end all other word clocks, the delights of transformerless power supplies, and tricks of non-contact voltage testers. You’ll even find an ode to the App Note, as well as a time when electronics came in wooden cases. And who doesn’t love a Raspberry Pi that grinds for you on Nintendo Switch games?

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60.1 MB)


Teardown Of A 50 Year Old Modem

A few years ago, I was out at the W6TRW swap meet at the parking lot of Northrop Grumman in Redondo Beach, California. Tucked away between TVs shaped like polar bears and an infinite variety of cell phone chargers and wall warts was a small wooden box. There was a latch, a wooden handle, and on the side a DB-25 port. There was a switch for half duplex and full duplex. I knew what this was. This was a modem. A wooden modem. Specifically, a Livermore Data Systems acoustically coupled modem from 1965 or thereabouts.

The Livermore Data Systems Modem, where I found it. It cost me $20

The probability of knowing what an acoustically coupled modem looks like is inversely proportional to knowing what Fortnite is, so for anyone reading this who has no idea what I’m talking about, I’ll spell it out. Before there was WiFi and Ethernet and cable modems and fiber everywhere, you connected to the Internet and BBSes via phone lines. A modem turns digital data, in this case a serial connection, into analog data or sound. Oh yeah, we had phone lines, too. The phone lines and the phones in your house were owned by AT&T. Yes, you rented a phone from the phone company.

90s kids might remember plugging a US Robotics modem into your computer, then plugging an RJ-11 jack into the modem. When this wooden modem was built, that would have been illegal. Starting with the Communications Act of 1934, it was illegal to attach anything to the phone in your house. This changed in 1956 with Hush-A-Phone Corp v. United States, which ruled you could mechanically attach something to a phone’s headset. (In Hush-A-Phone’s case, it was a small box that fit over a candlestick phone to give you more privacy.)

The right to attach something to AT&T’s equipment changed again in 1968 with the Carterphone decision that allowed anyone to connect something electronically to AT&T’s network. This opened the door for plugging an RJ-11 phone jack directly into your computer, but it wasn’t until 1978 that the tariffs, specifications, and certifications were worked out. The acoustically coupled modem was the solution to sending data through the phone lines from 1956 until 1978. It was a hack of the legal system.

This leaves an ancient modem like the one sitting on my desk in an odd position in history. It was designed, marketed and sold before the Carterphone decision, and thus could not connect directly to AT&T’s network. It was engineered before many of the integrated chips we take for granted were rendered in silicon. The first version of this modem was introduced only a year or so after the Bell 103 modem, the first commercially available modem, and is an excellent example of what can be done with thirteen or so transistors. It’s time for the teardown, so let’s dig in.
