wifi

472 Articles

Remoticon 2021: Uri Shaked Reverses The ESP32 WiFi

December 30, 2021 by 9 Comments

You know how when you’re working on a project, other side quests pop up left and right? You can choose to handle them briefly and summarily, or you can dive into them as projects in their own right. Well, Uri Shaked is the author of Wokwi, an online Arduino simulator that allows you to test our your code on emulated hardware. (It’s very, very cool.) Back in the day, Arduino meant AVR, and he put in some awesome effort on reverse engineering that chip in order to emulate it successfully. But then “Arduino” means so much more than just AVR these days, so Uri had to tackle the STM32 ARM chips and even the recent RP2040.

Arduino runs on the ESP32, too, so Uri put on his reverse engineering hat (literally) and took aim at that chip as well. But the ESP32 is a ton more complicated than any of these other microcontrollers, being based not only on the slightly niche Xtensa chip, but also having onboard WiFi and its associated binary firmware. Reverse engineering the ESP32’s WiFi is the side-quest that Uri embarks on, totally crushes, and documents for us in this standout Remoticon 2021 talk. Continue reading “Remoticon 2021: Uri Shaked Reverses The ESP32 WiFi”

New Pi Zero Gains Unapproved Antennas Yet Again

December 13, 2021 by 25 Comments

We’ve only started to tap into the potential of the brand new Pi Zero 2. Having finally received his board, [Brian Dorey] shows us how to boost your Pi’s WiFi, the hacker way. Inline with the onboard WiFi antenna can be found a u.FL footprint, and you just know that someone had to add an external antenna. This is where [Brian] comes in, with a photo-rich writeup and video tutorial, embedded below, that will have you modify your own Zero in no time. His measurements show seeing fourteen networks available in a spot where he’d only see four before, and the RSSI levels reported have improved by 5 dB -10 dB, big when it comes to getting a further or more stable connection.

With old laptops being a decent source of WiFi antennas, you only need to procure a u.FL connector and practice soldering a bit before you take this on! The hardest part of such a project tends to be not accidentally putting any solder on the u.FL connector’s metal can – and [Brian] mostly succeeds in that! He shows how to disconnect the external antenna to avoid signal reflections and the like, and, of course, you will be expected to never power your Pi Zero on without an attached antenna afterwards, lest you have your transmitter become fatally confused by the mismatch of hardware-defined impedance expectations. A Pi Zero isn’t the only place where you’ll encounter footprints for connectors you can add, and arguably, that’s your duty as a hacker – modifying the things you work with in a way that adds functionality. Don’t forget to share how you did it!

This trick should be pretty helpful if you’re ever to put your new Pi Zero in a full-metal enclosure. Curious about the Raspberry Pi antenna’s inner workings? We’ve covered them before! If you’d like to see some previous Raspberry Pi mods, here’s one for the Pi 3, and here’s one for the original Zero W – from [Brian], too!
Continue reading “New Pi Zero Gains Unapproved Antennas Yet Again”

Comfortable, wearable packaging for biometric device for monitoring physiological data and pushing the data to the cloud

A DIY Biometric Device With Some Security Considerations

December 11, 2021 by 8 Comments

Biohacking projects are not new to Hackaday and it’s certainly a genre that really piques our interest. Our latest biohacking device comes courtesy of [Manivannan] who brings his flavor of a wearable biosensor with some security elements built-in through AWS.

The hardware is composed of some impressive components we have seen. He has an AD8232 electrocardiogram front end, the MAX30102 integrated pulse oximeter IC for determining blood oxygen and heart rate, and the ever-popular LM35 for measuring body temperature. Either of these chips would be perfect for your next DIY biosensor project though you might try the MAX30205 body temperature sensor given its 0.1-degree Celsius accuracy. However, what really piqued our interest was the use of Microchip’s AVR-IoT WA Development Board. Now we’ve talked about this board before and also mentioned you could probably do all the same things with an ESP-device, but perhaps now we get to see the board a bit more in action.

[Manivannan] walks the reader through the board’s setup and everything looks to be pretty straightforward. He ultimately rigged together a very primitive dashboard for viewing all his vitals in real-time, demonstrating how you could put together your own patient dashboard for remote monitoring of vitals or other sensor signals. He emphasizes that all this is powered through AWS, giving him some added security layers that are critical for protecting his data from unwanted viewers.

Though [Manivannan’s] security implementation doesn’t rise to the standard of medical devices, maybe it will serve as a case study in the growing open-source medical device movement.

Continue reading “A DIY Biometric Device With Some Security Considerations”

wifi scanner

Visualizing WiFi With A Converted 3D Printer

November 22, 2021 by 9 Comments

We all know we live in a soup of electromagnetic radiation, everything from AM radio broadcasts to cosmic rays. Some of it is useful, some is a nuisance, but all of it is invisible. We know it’s there, but we have no idea what the fields look like. Unless you put something like this 3D WiFi field strength visualizer to work, of course.

Granted, based as it is on the gantry of an old 3D printer, [Neumi]’s WiFi scanner has a somewhat limited work envelope. A NodeMCU ESP32 module rides where the printer’s extruder normally resides, and scans through a series of points one centimeter apart. A received signal strength indicator (RSSI) reading is taken from the NodeMCU’s WiFi at each point, and the position and RSSI data for each point are saved to a CSV file. A couple of Python programs then digest the raw data to produce both 2D and 3D scans. The 3D scans are the most revealing — you can actually see a 12.5-cm spacing of signal strength, which corresponds to the wavelength of 2.4-GHz WiFi. The video below shows the data capture process and some of the visualizations.

While it’s still pretty cool at this scale, we’d love to see this scaled up. [Neumi] has already done a large-scale 3D visualization project, using ultrasound rather than radio waves, so he’s had some experience in this area. But perhaps a cable bot or something similar would work for a room-sized experiment. A nice touch would be using an SDR dongle to collect signal strength data, too — it would allow you to look at different parts of the spectrum.

Continue reading “Visualizing WiFi With A Converted 3D Printer”

Super 8 Camera Brought Back To Life

September 30, 2021 by 32 Comments

The Super 8 camera, while a groundbreaking video recorder in its time, is borderline unusable now. Even if you can get film for it (and afford its often enormous price), it still only records on 8mm film which isn’t exactly the best quality of film around, not to mention that a good percentage of these cameras couldn’t even record audio. They were largely made obsolete by camcorders in the late ’80s and early ’90s, although some are still used for niche artistic purposes. If you’d rather not foot the bill for the film, though, you can still put one of these to work with the help of a Raspberry Pi.

[befinitiv] has a knack for repurposing antique analog equipment like this while preserving its aesthetic. While the bulk of the space inside of this camera would normally be used for housing film, this makes a perfect spot to place a Raspberry Pi Zero, a rechargeable battery, and a power converter circuit all in a 3D printed enclosure that snaps into the camera just as a film roll would have. It uses the Pi camera module but still makes use of the camera’s built in optics which include a zoom function. [befinitiv] also incorporated the original record button so that from the outside this looks like a completely unmodified Super 8 camera.

The camera can connect to a WiFi network and can stream live video to a computer, or it can record video files to an internal SD card. As a bonus, thanks to the power converter circuit, it is also capable of charging a cell phone. [befinitiv] notes that many of the aesthetic properties of 8 mm film seem to be preserved when using this method, and he has several theories as to why but no definitive answer. If you’d like to take a look at some of his other projects like this, check out this analog camera that is now able to take digital pictures. Continue reading “Super 8 Camera Brought Back To Life”

Extracting The WiFi Firmware And Putting Back A Keylogger

July 20, 2021 by 35 Comments

In the interest of simplification or abstraction, we like to think of the laptop on the kitchen table as a single discrete unit of processing. In fact, there is a surprisingly large number of small processors alongside the many cores that make up the processor. [8051enthusiast] dove into the Realtek rtl8821ae WiFi chip on his laptop and extracted the firmware. The Realtek rtl8821ae chip is a fairly standard Realtek chip as seen in this unboxing (which is where the main image comes from).

True to his name, [8051enthusiast] was pleased to find that the rtl8821ae was clearly based on the Intel 8051. The firmware was loaded on startup from a known file path and loaded onto the chip sitting in an M.2 slot. Careful consideration, [8051enthusiast] reasoned that the firmware was using RTX51 Tiny, which is a small real-time kernel.

The firmware is loaded at 0x4000 but it calls to code below that address, which means there is a ROM on the chip that contains some code. The easiest way to extract it would be to write some custom code that just copies the masked ROM back to the main CPU via the shared memory-mapped config space, but the firmware is checksummed by the masked ROM code. However, the checksum is just a 16-bit XOR. With a tweak in the kernel to allow accessing the shared config space from userspace, [8051enthusiast] was on his way to a complete firmware image.

Next, [8051enthusiast] looked at what could be done with his newfound hackability. The keyboard matrix is read by the Embedded Controller (EC), which happens to be another 8051 based microcontroller. There also happens to be an RX and a TX trace from the EC to the m.2 slot (where the rtl8821ae is). This has to do with 0x80 postcodes from the processor being routed out somewhere accessible via the EC. With a bit of custom code on both the EC and the WiFi chip, [8051enthusiast] had a keylogger that didn’t run on the main processor broadcasting the PS/2 keystrokes as UDP packets.

Of course, there are plenty of other 8051 based devices out there just waiting to be discovered. Like this 8051 based e-ink display controller.

[Main image source: Realtek RTL8821AE unboxing on YouTube by Евгений Горохов]

Bringing The Game Boy Camera Into The 21st Century

July 8, 2021 by 6 Comments

The Game Boy Camera is probably one of the most limited-specification digital cameras to have been mass-marketed, yet it occupies a special position in the hearts of many because despite being a toy with a paltry 128×128 monochrome sensor it was for many the first camera they owned. [Matt Grey] was among those people, and was always frustrated by the device’s inability to export pictures except to the Game Boy printer. So after having bodged together an interface a decade ago but not being happy with it, he returned to the project and made a wireless carrier for the camera that allows easy transfer through WiFi to his mobile phone.

Inside the slab-like 3D-printed enclosure lies a GBxCart RW Game Boy cartridge reader, whose USB port is wired to a Raspberry Pi Zero on which are a set of scripts to read the camera and make its photos available for download via a web browser. At last the camera is a stand-alone unit, allowing the easy snapping and retrieval of as many tiny black and white images as he likes. There’s a video showing the device in action, which we’ve placed for your enjoyment below the break.

This camera has appeared in so many projects on these pages over the years, but we’re guessing that the work on whose shoulders this one stands would be the moment its workings were reverse engineered.

Continue reading “Bringing The Game Boy Camera Into The 21st Century”