Radio Apocalypse: The GWEN System

Recent developments on the world political stage have brought the destructive potential of electromagnetic pulses (EMP) to the fore, and people seem to have internalized the threat posed by a single thermonuclear weapon. It’s common knowledge that one bomb deployed at a high enough altitude can cause a rapid and powerful pulse of electrical and magnetic fields capable of destroying everything electrical on the ground below, sending civilization back to the 1800s in the blink of an eye.

Things are rarely as simple as the media portray, of course, and this is especially true when a phenomenon with complex physics is involved. But even in the early days of the Atomic Age, the destructive potential of EMP was understood, and allowances for it were made in designing strategic systems. Nowhere else was EMP more of a threat than to the complex web of communication systems linking far-flung strategic assets with central command and control apparatus. In the United States, one of the many hardened communications networks was dubbed the Groundwave Emergency Network, or GWEN, and the story of its fairly rapid rise and fall is an interesting case study in how nations mount technical responses to threats, both real and perceived.

Hacker Heroism: Building Your Way Out of AV Hell

Many years ago, in a rainy concrete jungle on the west coast of Australia, I worked for a medium-sized enterprise doing a variety of office-based tasks. Somehow, I found myself caught up in planning a product launch event outside the official remit of my position. We got through it, but not before the audiovisual (AV) setup of the event turned into one giant hack.

The initial planning stages went remarkably smoothly until less than a month out from the big day when three weeks of frantic changes and revisions to the presentation rained down. These were some of the hardest days of my working life to date, as it seemed that we would lock in a new arrangement, only to tear it up days later as some new vital criteria came to light, throwing everything back into disarray.

Things came to a head on the night before the event. Working with two different AV teams we had planned for four projection screens and five flat screen televisions spread throughout the venue and controlled from the central AV desk. But somewhere in all those changes the televisions were set up to all display a still image, or nothing at all. I needed to show different videos on each and have the ability to black them all out.

It was at this point I realized we were screwed. The production team simply didn’t have the hardware to drive another five screens, but they could source it — for the sum of $5000. Management were furious, and were under the impression, like myself, that this was what we had asked and paid for already. I was at an impasse, and beginning to wonder if I’d have a job come Monday. I wandered off to a corner to curse, and more importantly, think. After all, I’m a hacker — I can get through this.


Horns Across America: The AT&T Long Lines Network

A bewildering amount of engineering was thrown at the various challenges presented to the United States by the end of World War II and the beginning of the Cold War. From the Interstate Highway System to the population shift from cities to suburbs, infrastructure of all types was being constructed at a rapid pace, fueled by reasonable assessments of extant and future threats seasoned with a dash of paranoia, and funded by bulging federal coffers due to post-war prosperity and booming populations. No project seemed too big, and each pushed the bleeding edge of technology at the time.

Some of these critical infrastructure projects have gone the way of the dodo, supplanted by newer technologies that rendered them obsolete. Relics of these projects still dot the American landscape today, and are easy to find if you know where to look. One that always fascinated me was the network of microwave radio relay stations that once stitched the country together. From mountaintop to mountaintop, they stood silent and largely unattended, but they once buzzed with the business of a nation. Here’s how they came to be, and how they eventually made themselves relics.


ESP to Wireshark

Everyone’s favorite packet sniffing tool, Wireshark, has been around for almost two decades now. It’s one of the most popular network analysis tools available, partially due to it being free and open source. Its popularity guaranteed that it would eventually be paired with the ESP32/8266, the rising star of the wireless hardware world, and [spacehuhn] has finally brought these two tools together to sniff WiFi packets.

The library that [spacehuhn] created uses the ESP chip to save Pcap files (the default Wireshark filetype) onto an SD card or send the data over a serial connection. The program runs once every 30 seconds, creating a new Pcap file each time. There are many example scripts for the various hardware you might be using, and since this is written for the ESP platform it’s also Arduino compatible. [spacehuhn] has written this as a proof-of-concept, so there are some rough edges still, but this looks very promising as a network analysis tool.

[spacehuhn] is no stranger to wireless networks, either. His YouTube channel is full of interesting videos of him exploring various exploits and testing other pieces of hardware. He’s also been featured here before for using an ESP8266 as a WiFi jammer.


Go Wireless with This DIY Laser Ethernet Link

Most of us have Ethernet in our homes today. The real backbones of the Internet, though, use no wires at all. Optical fibers carry pulses of light across the land, under the sea, and if you’re lucky, right to your door. [Sven Brauch] decided to create an optical link. He didn’t have any fiber handy, but air will carry laser pulses over short distances quite nicely. The idea of this project is to directly convert Ethernet signals to light pulses. For simplicity’s sake, [Sven] limited the bandwidth to one channel, full-duplex, at 10 Megabits per second (Mbps).

The transmit side of the circuit is rather simple. An op-amp circuit acts as a constant current source, biasing the laser diode. The transmit signal from an Ethernet cable is then added in as modulation. This ensures the laser glows brightly for a 1 bit but never shuts completely off for a 0 bit.

The receive side of the circuit starts with a photodiode. The diode is biased up around 35 V, and a transimpedance amplifier (a current to voltage converter) is used to determine if the diode is seeing a 1 or a 0 from the laser. A bit more signal conditioning ensures the output will be a proper differential Ethernet signal.

[Sven] built two identical boards – each with a transmitter and receiver. He tested the circuit by pointing it at a mirror. His Linux box immediately established a link and reported that there was a duplicate IP address on the network. This was exactly what [Sven] expected. The computer was confused by its own reflection – but the laser and photodiode circuits were working.

Finally, [Sven] connected his PC and a Raspberry Pi to the two circuits. After carefully aligning the lasers on a wooden board, the two machines established a link. Success! (But be aware that at longer distances, more sophisticated alignment mechanisms may be in order.)

Want to know more about fiber and networking? Check out this article about wiring up an older city. You can also use an optical link to control your CNC.

Getting a Measure on Particulates in Stuttgart

There’s a big to-do going on right now in Germany over particulate-matter air pollution. Stuttgart, Germany’s “motor city” and one of Dante’s seven circles of Hell during rush hour, had the nation’s first-ever air pollution alert last year. Cities are considering banning older diesel cars outright. So far, Stuttgart’s no-driving days have been voluntary, and the change of the seasons has helped a lot as well. But that doesn’t mean there’s not a problem.

But how big is the issue? And where is it localized? Or is particulate pollution localized at all? These questions would benefit from a distributed network of particulate sensors, and the OK Lab in Stuttgart has put together a simple project (translated here) to get a lot of networked sensors out into the wild, on the cheap.

The basic build is an ESP8266 with an SDS011 particulate sensor attached, with a temperature and humidity sensor if you’re feeling fancy. The suggested housing is very clever: two 90° PVC pipe segments to keep the rain out but let the dust in through a small pipe. The firmware that they supply takes care of getting the device online through your home WiFi. Once you have it running, shoot them an e-mail and you’re online. If you want help, swing by the shackspace.

We love these sorts of aggregated, citizen-science monitoring projects — especially when they’re designed so that the buy-in is low, both in terms of money spent and difficulty of getting your sensor online. This effort reminds us of Blitzortung, this radiation-monitoring network, or of the 2014 Hackaday-Prize-winning SATNOGS. While we understand the need for expensive and calibrated equipment, it’s also interesting to see how far one can get with many, many more cheap devices.

A Red Teamer’s Guide to Pivoting

What is hacking and what is network engineering? We’re not sure where exactly to draw the lines, but [Artem]’s writeup of pivoting is distinctly written from the (paid) hacker’s perspective.

Once you’re inside a network, the question is what to do next. “Pivoting” is how you get from where you are currently to where you want to be, or even just find out what’s available. And that means using all of the networking tricks available. These aren’t just useful for breaking into other people’s networks, though. We’ve used half of these tools at one time or another just running things at home. The other half? Getting to know them would make a rainy-day project.

Is there anything that ssh and socat can’t do? Maybe not, but there are other tools (3proxy and Rpivot) that will let you do it more easily. You know how clients behind a NAT firewall can reach out, but can’t be reached from outside? ssh -D will forward a port to the inside of the network. Need to get data out? There’s the old standby iodine to route arbitrary data over DNS queries, but [Artem] says dnscat2 works without root permissions. (And this code does the same on an ESP8266.)

Once you’ve set up proxies inside, the tremendously useful proxychains will let you tunnel whatever you’d like across them. Python’s pty shell makes things easier to use, and tsh will get you a small shell on the inside, complete with file-transfer capabilities.

Again, this writeup is geared toward the pen-testing professional, but you might find any one of these tools useful in your own home network. We used to stream MP3s from home to work with some (ab)use of netcat and ssh. We keep our home IoT devices inside our own network, and launching reverse-proxies lets us check up on things from far away without permanently leaving the doors open. One hacker’s encrypted tunnel is another man’s VPN. Once you know the tools, you’ll find plenty of uses for them. What’s your favorite?

Thanks [nootrope] for the indirect tip!