Welcome to Scribd!

Skip carousel

Lca2012 Hack Everything

Uploaded by

Zad

0% found this document useful (0 votes)

8 views77 pages

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

8 views77 pages

Lca2012 Hack Everything

Uploaded by

Zad

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 77

Search inside document

Hack Everything

or:
Pull apart electronic stuff and invent
new things with the insides

Matt Evans, IBM OzLabs

Re-using electronic devices

1. Philosophy

2. Technical stuff
Philosophy of re-use/hacking
Litron Liwanag (Litre of Light)
Gambiarra:
The Brazilian art of the improvised fix,
kludge or creation.

– With an emphasis on an artful

nature!
Save resources:
Re-use > Recycling > Landfill
Save money:
What's the coolest thing you can
build for $0?
Take things apart, learn by
example
Difficult things are fun
Easy things are fun too
What makes some devices easy to
hack and others difficult?
Effort put into making a
device 'unhackable'
Low cost manufacturing
makes hacks difficult
Cheap development can
make for easier hacks
Rejoice!
Some products are open
hardware designs!
Things to look for in a device:
● Similarity to reference designs

● Debug code left in

● Unused features/footprints

● Factory test points/ports

My CD player has a serial
port
>
>
>_
Acquire a 'logic level' serial-
USB cable
Other useful ports:
●
JTAG
(PCB test, CPU debug)

● In-System Programming
Hacked device example
Twirly graphics for a bookshelf
==========================================================
main() start
----------------------------------------------------------
Product Model: MIRAGE
Sensor Model: MI2000
VER: 092_AYFF
2007/07/27 17:00
Rel by Axisoft
----------------------------------------------------------
DCF Dir Name: AXH10
DCF File Name: FILE
==========================================================

################Check RTC Date#################

[Main::Last EPC=0x0]

[Main::irqInit() Done]
[Main::osInit() Done]
[Main::uartInit() Done]
SPCA536 EVB V1.0
_____________________________________
F/W compiled at 17:30:35, Jul 27 2007
cmd>help
abort cd center clip
custom del dir disp
do dump fill fmt
help info mkdir osmem
ostsk pan pause pb
pbcrop pbdramplay pblcdrestore pblcdrot
pblcdstart pbresize pbrot play
read res rmdir search
snap snapdel snapenhance snapopt
snapprv snapqt snaprgb snapsize
snapyuv speed stillmemdisp thumb
ver wmacontent wmaffwd wmainfo
wmapause wmaplay wmaplayall wmarew
wmastop write zoom
Why is there a useful CLI
hidden inside a closed box?
● Firmware from common codebase

● Debug code left in

→ Rushed to market!
printf("fopen: out of mem\n");

printf("[irqInit() Done]\n");
Hacked device example
Building bench equipment
I <3 OpenWRT
Fun WiFi/ADSL box hacks:
●Espresso machine heater PID
controller

● Streaming mp3 radios

● R/C cars with streaming video

Mapping out GPIOs
/* Page containing GPIO MMIO registers: */
unsigned int phys_addr = 0x08610000;

int main(void)
{
int mfd;
volatile unsigned int *vaddr;

mfd = open("/dev/mem", O_RDWR | O_SYNC);

vaddr = mmap(0, 4096, PROT_READ | PROT_WRITE,

MAP_SHARED, mfd, phys_addr);

vaddr[GPIO_DIRECTION] = 0xffffffff; /* All pins input */

while (1) {
/* Read 32 input pins */
printf("%08x\n", vaddr[GPIO_INPUT]);
}
return 0;
}
Hacked device example
Happy cat
Open design:
PCB
●

Schematics
●

Firmware
●
DEMO
Viewable at:
http://youtu.be/azE5-3fAjUs
# Ugly pin multiplexer config, timer and PWM
# init:

./poke 0xd401e208 0x4c42

./poke 0xd401500c 0x13
./poke 0xd401a000 0x0
./poke 0xd401a004 0x15
./poke 0xd401a008 0x28f

# Turn servo to open position:

./poke 0xd401a004 0x40

# Turn servo to closed position:

./poke 0xd401a004 0x15

Other Examples
Re-use hardware stuff!

● Don't just consume... re-consume :-)

● If you discover something cool, teach

others and tell the world

● Collaborate at a local hackerspace

Merci – and questions?

http://www.hackaday.com/

http://axio.ms/projects/

http://www.ifixit.com/Manifesto/

http://www.we-make-money-not-art.com/archives/2011/07/gambiologia.php

http://obaru.tumblr.com/post/3748881704/creating-a-linux-based-pid

ThomasBlock's FPGA Mining Guide
Document54 pages
ThomasBlock's FPGA Mining Guide
Paul Vlad
No ratings yet
Oil & Gas Amine Sweetening Unit Manual
Document56 pages
Oil & Gas Amine Sweetening Unit Manual
Aariz Khan
100% (2)
Ble-Security Essentials
Document264 pages
Ble-Security Essentials
kenny
No ratings yet
Crack The User Data On Blackphone: Proof of Concept
Document4 pages
Crack The User Data On Blackphone: Proof of Concept
Gilbert Laszlo Kallenborn
No ratings yet
Ch341a Mini Flash Programmer
Document5 pages
Ch341a Mini Flash Programmer
arie
No ratings yet
Building A Freebsd Appliance With Nanobsd: Poul-Henning Kamp
Document41 pages
Building A Freebsd Appliance With Nanobsd: Poul-Henning Kamp
wanna_ac
No ratings yet
Crash N' Burn: Writing Linux Application Fault Handlers
Document25 pages
Crash N' Burn: Writing Linux Application Fault Handlers
Tuxology.net
100% (4)
The Little Book of Sitecore® Tips: Volume 1
From Everand
The Little Book of Sitecore® Tips: Volume 1
Neil P Shack
No ratings yet
1 Delete Headers and Flash FW 767
Document77 pages
1 Delete Headers and Flash FW 767
Sparco M
No ratings yet
AVR Programming Made Easy with Avrdude
Document17 pages
AVR Programming Made Easy with Avrdude
Aatef Shaikh
No ratings yet
AVRStudio C Programming With Arduino RevC PDF
Document40 pages
AVRStudio C Programming With Arduino RevC PDF
Eduardo Garcia Breijo
No ratings yet
Starting out with avrdude - Introduction to AVRDUDE programming utility
Document11 pages
Starting out with avrdude - Introduction to AVRDUDE programming utility
Ricky Putra
No ratings yet
CMOS Password Recovery
Document5 pages
CMOS Password Recovery
Andreea Toma
No ratings yet
Unsa Jan (033-19-0048) Lab 8 Itr
Document11 pages
Unsa Jan (033-19-0048) Lab 8 Itr
hande ercel
No ratings yet
Programming AVR microcontrollers in C using AVR studio
Document40 pages
Programming AVR microcontrollers in C using AVR studio
Tran Tien Dat
No ratings yet
Celebrating: Rudra Pratap Suman
Document26 pages
Celebrating: Rudra Pratap Suman
Ankur Singh
No ratings yet
Gpib Install FC6
Document10 pages
Gpib Install FC6
BSTER123
No ratings yet
KY-012 Active Buzzer Module ENG
Document15 pages
KY-012 Active Buzzer Module ENG
eduardlopez
No ratings yet
Cmospwd
Document5 pages
Cmospwd
Marimantia Diarra
No ratings yet
AVRDUDE Programming Tutorial
Document8 pages
AVRDUDE Programming Tutorial
Brian Johnson
No ratings yet
gu-06-wg-zephyr_and_renode
Document43 pages
gu-06-wg-zephyr_and_renode
ewfkahq3vw
No ratings yet
Arduino, The Basic Stamp Killer
Document10 pages
Arduino, The Basic Stamp Killer
MC. Rene Solis R.
100% (1)
Py Boards
Document123 pages
Py Boards
onæss
No ratings yet
(TWEAKS) (SCRIPTS) Collection Build - Prop Ini
Document15 pages
(TWEAKS) (SCRIPTS) Collection Build - Prop Ini
Surisday Fernandez
No ratings yet
Arduino/Gizduino Quick Start: Engr. Roma L. Mercado RND Engineer/Technical Support at E-Gizmo Mechatronix Central
Document77 pages
Arduino/Gizduino Quick Start: Engr. Roma L. Mercado RND Engineer/Technical Support at E-Gizmo Mechatronix Central
Ryan Gelica Paday
No ratings yet
Arduino Character LCD Tutorial
Document3 pages
Arduino Character LCD Tutorial
Karlitosman
100% (1)
Vid Notes
Document5 pages
Vid Notes
Anonymous IzCd4QX
No ratings yet
MQTT Micropython PDF
Document29 pages
MQTT Micropython PDF
Vlad Timisoara
100% (1)
Ch341a Mini Flash Programmer
Document5 pages
Ch341a Mini Flash Programmer
endreminarik
No ratings yet
ECAPP Lab6 PDF
Document3 pages
ECAPP Lab6 PDF
Isaiah Rafael
No ratings yet
How To Create A Bootable Recovery SD Card For Amlogic TV Boxes
Document22 pages
How To Create A Bootable Recovery SD Card For Amlogic TV Boxes
Lembaga Pemasyarakatan Kelas IIB Pangkalan Bun
No ratings yet
Ch341a Mini Flash Programmer
Document5 pages
Ch341a Mini Flash Programmer
Sourav Ghosh
No ratings yet
Linux Kernel Debugging Going Beyond Printk Messages
Document65 pages
Linux Kernel Debugging Going Beyond Printk Messages
المتمردفكريا
No ratings yet
Verilog Examples
Document57 pages
Verilog Examples
SandeepDey
No ratings yet
Ch341a Mini Flash Programmer
Document5 pages
Ch341a Mini Flash Programmer
samanthauwu2426
No ratings yet
Mini Tower Kit Datasheet
Document17 pages
Mini Tower Kit Datasheet
Abraão Carlos Guerra
No ratings yet
Ch341a Mini Flash Programmer PDF
Document5 pages
Ch341a Mini Flash Programmer PDF
lada1119
No ratings yet
Cpuville Kit Instructions
Document97 pages
Cpuville Kit Instructions
Alfredo Meurer Junior
No ratings yet
Linux Networking
Document85 pages
Linux Networking
Σπύρος Στυλιαράς
100% (1)
Ch341a Mini Flash Programmer
Document5 pages
Ch341a Mini Flash Programmer
Leoned Cova Orozco
0% (1)
Password Recovery Procedure For The Cisco SOHO77 Router...................................................................... 1
Document8 pages
Password Recovery Procedure For The Cisco SOHO77 Router...................................................................... 1
user_iuli
No ratings yet
Understanding Kernel Oops
Document7 pages
Understanding Kernel Oops
stroganovboris
No ratings yet
Captur A Arranque
Document16 pages
Captur A Arranque
Nicolas Bonina
No ratings yet
JTAGiPAQh5450V1 1
Document11 pages
JTAGiPAQh5450V1 1
rj4bcfvc6q
No ratings yet
Lab 2
Document10 pages
Lab 2
zagarzusem
No ratings yet
Beyond Limits: Usage of C++ in Demoscene
Document42 pages
Beyond Limits: Usage of C++ in Demoscene
Synthex El Puto Amo
No ratings yet
HotKeys Keyboard With Custom Profiles
Document17 pages
HotKeys Keyboard With Custom Profiles
Junior Elimeelogodavejunior
No ratings yet
Untitled
Document29 pages
Untitled
josephgrech90
No ratings yet
Simple 8 Bit 16x2 LCD Interfacing With PIC 16F: Jobs Electrician Usa
Document6 pages
Simple 8 Bit 16x2 LCD Interfacing With PIC 16F: Jobs Electrician Usa
Muhammad Majid Altaf
No ratings yet
Advanced View of Atmega Microcontroller Projects List - ATMega32 AVR
Document175 pages
Advanced View of Atmega Microcontroller Projects List - ATMega32 AVR
Bilal Afzal
No ratings yet
Huawei/Vodafone 3G USB Modem On Asterisk-Datacard
Document9 pages
Huawei/Vodafone 3G USB Modem On Asterisk-Datacard
Rui Moreira
No ratings yet
Advanced View of Atmega Microcontroller Projects List - ATMega32 AVR
Document146 pages
Advanced View of Atmega Microcontroller Projects List - ATMega32 AVR
Bilal Afzal
No ratings yet
PC1015
Document13 pages
PC1015
Sharafat Kabir
No ratings yet
Epson Stepper em 546
Document12 pages
Epson Stepper em 546
gui9871
0% (2)
Ch341a Mini Flash Programmer
Document6 pages
Ch341a Mini Flash Programmer
juan carlos mora
No ratings yet
Arduino
Document156 pages
Arduino
Mike Gomez
91% (23)
12-10-15 Logs SSHv2 CCM Suscriber
Document10 pages
12-10-15 Logs SSHv2 CCM Suscriber
Miguel ZG
No ratings yet
KS0257 200409a PDF
Document19 pages
KS0257 200409a PDF
Eldad kazdi
No ratings yet
2008kandroid 2
Document34 pages
2008kandroid 2
Jaeheung Sim
No ratings yet
Foundation Course for Advanced Computer Studies
From Everand
Foundation Course for Advanced Computer Studies
Franck Ismael Djédjé
No ratings yet
Dreamcast Architecture: Architecture of Consoles: A Practical Analysis, #9
From Everand
Dreamcast Architecture: Architecture of Consoles: A Practical Analysis, #9
Rodrigo Copetti
No ratings yet
Fact Sheet - Electrician (General)
Document4 pages
Fact Sheet - Electrician (General)
Saravanan Rasaya
100% (1)
Schutz - Subnotes PDF
Document47 pages
Schutz - Subnotes PDF
Jarryd Rasti
No ratings yet
Fox em Corporate Presentation 08 2022
Document19 pages
Fox em Corporate Presentation 08 2022
Pierluigi Ghione
No ratings yet
Remote Sensing Mineral Exploration Lithium
Document16 pages
Remote Sensing Mineral Exploration Lithium
Gerald Darshan Mogi
No ratings yet
The Sound of Music
Document6 pages
The Sound of Music
Rajdeep Mukherjee
No ratings yet
Persian Polymath Physician Al-Rāzī's Life and Works
Document10 pages
Persian Polymath Physician Al-Rāzī's Life and Works
Anonymous 29PN6AZT
No ratings yet
Rodriguez Vierea
Document51 pages
Rodriguez Vierea
Awawawawa Uwuwuwuwu
No ratings yet
Mushroom Umami Taste Evaluation
Document10 pages
Mushroom Umami Taste Evaluation
Maryam Hanif
No ratings yet
DTP - Digital Transformer Protection
Document13 pages
DTP - Digital Transformer Protection
HBNBIL
No ratings yet
Future Visualized in The Movie Brazil
Document16 pages
Future Visualized in The Movie Brazil
sloutfy
No ratings yet
Kti Semuanya-Dikonversi
Document59 pages
Kti Semuanya-Dikonversi
gacik
No ratings yet
Chapter 11: The Eyes
Document26 pages
Chapter 11: The Eyes
riley2021
No ratings yet
Nexus Capital Management Annual Report
Document7 pages
Nexus Capital Management Annual Report
David Vasquez
No ratings yet
Viscous Fluid Flow Ch1-Preliminary Concepts: Kfupm ME 532-172
Document40 pages
Viscous Fluid Flow Ch1-Preliminary Concepts: Kfupm ME 532-172
Majid Khan
No ratings yet
OK - EndUserGuideHoseSafetyInstitute
Document8 pages
OK - EndUserGuideHoseSafetyInstitute
Sunil Ghosalkar
No ratings yet
Nature 1
Document6 pages
Nature 1
Susanty Sainudin
No ratings yet
Diagnoza Wstępna Klasa I
Document3 pages
Diagnoza Wstępna Klasa I
Magda Stręciwilk
No ratings yet
Iso 4309 2017
Document10 pages
Iso 4309 2017
C. de Jong
No ratings yet
AP Calculus AB 4.1A Worksheet Key Concepts
Document44 pages
AP Calculus AB 4.1A Worksheet Key Concepts
David Joseph
100% (1)
Bhaishajya
Document28 pages
Bhaishajya
drsa2
No ratings yet
Due Amount: We're Listening
Document2 pages
Due Amount: We're Listening
Yogesh Pawar
No ratings yet
DSBV87ALP Two-Stage Differential Pressure Control Valve Specs
Document2 pages
DSBV87ALP Two-Stage Differential Pressure Control Valve Specs
adrianioantoma
No ratings yet
1964 Plymouth Barracuda Landau (Factory Prototype W/ Targa Top) - Photos & Correspondence
Document12 pages
1964 Plymouth Barracuda Landau (Factory Prototype W/ Targa Top) - Photos & Correspondence
Joseph Garza
No ratings yet
Review of oxidative stress and antioxidants in dentistry
Document4 pages
Review of oxidative stress and antioxidants in dentistry
SeeptianMaulana
No ratings yet
Question According VDA 6.3 Questionnaire 0 0: VDA - 6.3 - Report - Potential - Analysis - 2016 - V3 - Vollversion Seite 1 Von 1
Document1 page
Question According VDA 6.3 Questionnaire 0 0: VDA - 6.3 - Report - Potential - Analysis - 2016 - V3 - Vollversion Seite 1 Von 1
ssierro
No ratings yet
KSB ETN GM 80-200 - Domas
Document6 pages
KSB ETN GM 80-200 - Domas
muttawali arsyi han bugis
No ratings yet
The Volcanic Explosivity Index (VEI)
Document8 pages
The Volcanic Explosivity Index (VEI)
Rakhmatul Arafat
No ratings yet
July 17, 2015 Strathmore Times
Document32 pages
July 17, 2015 Strathmore Times
Strathmore Times
No ratings yet
The Mini Percutaneous Nephrolithotomy (Mini-PCNL) and Percutaneous Nephrolithotomy (PCNL) in Pediatric Patients
Document4 pages
The Mini Percutaneous Nephrolithotomy (Mini-PCNL) and Percutaneous Nephrolithotomy (PCNL) in Pediatric Patients
Marius Danila
No ratings yet