TP-Link Debug Protocol Gives Up Keys To Kingdom

December 14, 2016 by Elliot Williams 25 Comments

If the headline makes today’s hack sound like it was easy, rest assured that it wasn’t. But if you’re interested in embedded device hacking, read on.

[Andres] wanted to install a custom OS firmware on a cheap home router, so he bought a router known to be reflashable only to find that the newer version of the firmware made that difficult. We’ve all been there. But instead of throwing the device in the closet, [Andres] beat it into submission, discovering a bug in the firmware, exploiting it, and writing it up for the manufacturer. (And just as we’re going to press: posting the code for the downgrade exploit here.)

This is not a weekend hack — this took a professional many hours of serious labor. But it was made a lot easier because TP-Link left a debugging protocol active, listening on the LAN interface, and not requiring authentication. [Andres] found most of the information he needed in patents, and soon had debugging insight into the running device.

Continue reading “TP-Link Debug Protocol Gives Up Keys To Kingdom” →

This Quick Hack Will Keep You Online During Your Next Power Outage

November 28, 2016 by James Hobson 56 Comments

The modern human’s worst nightmare: a power outage. Left without cat memes, Netflix, and — of course — Hackaday, there’s little to do except participate in the temporary anarchy that occurs when left without internet access. Lamenting over expensive and bulky uninterruptible power supplies, Youtube user [Gadget Addict] hacked together a UPS power bank that might just stave off the collapse of order in your household.

This simple and functional hack really amounts to snipping the end off of a USB power cable. The cable is then attached to a screw terminal to barrel connector adapter and plugged it into a pass-through power USB power bank. No, really — that’s all there is to it. [Gadget Addict] notes that while most modems and routers are designed to run off a 12V power supply, they still operate at 5V. He goes on to connect several router and router/modem combination units to the power bank. In each case the system appears to boot up and perform normally.

Continue reading “This Quick Hack Will Keep You Online During Your Next Power Outage” →

Maslow Brings The Wall Plotter Into The Woodshop

October 14, 2016 by Elliot Williams 55 Comments

Hanging plotters, or two steppers controlling a dangling Sharpie marker on an XY plane, are nothing new to our community. But have you ever thought of trading out the Sharpie for a wood router bit and cutting through reasonably thick plywood sheets? That would give you a CNC machine capable of cutting out wood in essentially whatever dimensions you’d like, at reasonably low-cost. And that’s the idea behind [Bar]’s Maslow. It’s going to be a commercial product (we hope!), but it’s also entirely open source and indubitably DIYable.

[Bar] walks us through all of the design decisions in this video, which is a must-watch if you’re planning on building one of these yourself. Basically, [Bar] starts out like any of us would: waaaay over-engineering the thing. He starts out with a counterweight consisting of many bricks, heavy-duty roller chain, and the requisite ultra-beefy motors to haul that all around. At some point, he realized that there was actually very little sideways force placed on a sharp router bit turning very quickly. This freed up a lot of the design.

His current design only uses two bricks for counterweights, uses lighter chains, and seems to get the job done. There’s a bit of wobble in the pendulum, which he admits that he’s adjusted for in software. Motors with built-in encoders and gearing take care of positioning accurately. We haven’t dug deeply enough to see if there’s a mechanism to control the router’s plunge, which would be great to cut non-continuous lines, but first things first.

Taking the wall plotter into the woodshop is a brilliant idea, but we’re sure that there’s 99% perspiration in this design too. Thanks [Bar] for making it open! Best of luck with the Kickstarter. And thanks to [Darren] for the tip.

Distributed Censorship Or Extortion? The IoT Vs Brian Krebs

September 29, 2016 by Elliot Williams 118 Comments

Now it’s official. The particular website that was hit by a record-breaking distributed denial of service (DDOS) attack that we covered a few days ago was that of white-hat security journalist [Brian Krebs]: Krebs on Security.

During the DDOS attack, his site got 600 Gigabits per second of traffic. It didn’t involve amplification or reflection attacks, but rather a distributed network of zombie domestic appliances: routers, IP webcams, and digital video recorders (DVRs). All they did was create HTTP requests for his site, but there were well in excess of 100,000 of these bots.

In the end, [Krebs’] ISP, Akamai, had to drop him. He was getting pro bono service from them to start with, and while they’ve defended him against DDOS attacks in the past, it was costing them too much to continue in this case. An Akamai exec estimates it would have cost them millions to continue defending, and [Brian] doesn’t blame them. But when Akamai dropped the shields, his hosting provider would get slammed. [Krebs] told Akamai to redirect his domain to localhost and then he went dark.

Continue reading “Distributed Censorship Or Extortion? The IoT Vs Brian Krebs” →

Inventables Releases Improved X-Carve CNC Router

September 1, 2016 by Brian Benchoff 37 Comments

Introduced last year as an improvement on the very popular Shapeoko CNC router, the X-Carve by Inventables has grown to be a very well-respected machine in the community. It’s even better if you throw a DeWalt spindle on there, allowing you to cut almost everything that’s not steel. With a recent upgrade to the X-Carve, it’s even more capable, featuring the best mods and suggestions from the community that has grown up around this machine.

The newest iteration of the X-Carve features higher power drivers, better rigidity, and a heat sink for the spindle. That last item is an interesting bit of kit – routing takes time, and a 1¼HP motor will turn electricity into heat very effectively.

In addition to the 500mm square and 1000mmm square routers previously available, there’s a new, 750mm square machine available. All machines feature a new electronics box for the X-Carve, the X-Controller. This ‘brain box’ is a combined power supply, stepper driver, and motion controller built into a single box. The stepper drivers are able to supply 4A to a motor, is capable of 1/16 microstepping, and has connections for limit switches, spindle control speed, a Z probe, and outputs for vacuums or coolant systems. The underlying controller is based on grbl, making this brain box a very solid foundation for any 3-axis CNC build. The ‘brain box’ format seems to be the way the hobbyist CNC market is going, considering the whispers and rumors concerning Lulzbot selling their Taz6 brainbox independently from a 3D printer.

The new X-Carve is available now, with a fully-loaded 1000mm wide machine coming in at about $1400. That’s comparable to many other machines with the same volume, unlike the Chinese 3040 CNC machines, you don’t need to find an old laptop with a parallel port.

Hands-On The Shaper Origin: A Tool That Changes How We Build

August 25, 2016 by Gerrit Coetzee 199 Comments

I bet the hand saw really changed some things. One day you’re hacking away at a log with an ax. It’s sweaty, awful work, and the results are never what you’d expect. The next day the clever new apprentice down at the blacksmith’s shop is demoing his beta of his new Saw invention and looking for testers, investors, and a girlfriend. From that day onward the work is never the same again. It’s not an incremental change, it’s a change. Pure and simple.

This is one of those moments. The world of tools is seeing a new change, and I think this is the first of many tools that will change the way we build.

Like most things that are a big change, the components to build them have been around for a while. In fact, most of the time, the actual object in question has existed in some form or another for years. Like a crack in a dam, eventually someone comes up with the variation on the idea that is just right. That actually does what everything else has been promising to do. It’s not new, but it’s the difference between crude and gasoline.

My poetic rasping aside, the Shaper Origin is the future of making things. It’s tempting to boil it down and say that it’s a CNC machine, or a router. It’s just, more than that. It makes us more. Suddenly complex cuts on any flat surface are easy. Really easy. There’s no endless hours with the bandsaw and sander. There’s no need for a 25,000 dollar gantry router to take up half a garage. No need for layout tools. No need to stress about alignment. There’s not even a real need to jump between the tool and a computer. It can be both the design tool and the production tool. It’s like a magic pencil that summons whatever it draws. But even I had to see it to believe it.

Continue reading “Hands-On The Shaper Origin: A Tool That Changes How We Build” →

DIY Linux Computer And 6LoWPAN Gateway

August 4, 2016 by Elliot Williams 12 Comments

We toss together our own PCB designs, throwing in a microcontroller here or there. Anything more demanding than that, and we reach for a Raspberry Pi or BeagleBone (or an old Linksys router). Why don’t we just whip together a PCB for a small Linux computer? Because we don’t know how…but [Jonas] apparently does. And when we asked him why he did it, he replied “because I can!”

His Ethernet-to-6LoWPAN gateway project is a small, OpenWRT-capable Linux computer in disguise. Rather than yet another Raspberry Pi project, he designed around an Atmel AT91SAM9G25 400 MHz CPU, and added some memory, Ethernet, and a CC2520 radio chip to handle the wireless side. It’s all done on a four-layer board, and hotplate/skillet reflowed. This seems temptingly like something within our reach. [Jonas] had access to X-ray machines to double-check his reflow work, which probably isn’t necessary, although it looks really cool.

When finished, the project will link together a 6LoWPAN network (probably home automation) and his home wired network. That makes this device a rival to something like Philips’ Hue Bridge, which was the subject of some controversy when they locked out other devices for a few days until they recanted. Indeed, in response to this, there’s been quite a lot of effort at hacking the firmware of the Hue device, just to stay on the safe side in case Philips plays shenanigans again.

Soon, that’s not going to be necessary. [Jonas]’s design is open from the ground up, and coupled with open software running on top of the OpenWRT router operating system, that’s the full stack. And that’s great news for folks who are thinking about investing in a home automation technology, but afraid of what happens then the faceless corporations decide to pull the plug on their devices.