At the beginning of October I wrote a blog article called White Hacking: WeMos and SquirelCrawl!. I used the WeMos (ESP32) and the firmware provided by Hacker Arsenal to do a captive portal. As you known, a captive portal is a web page which is displayed to newly connected users before they are granted broader access to network resources [
Portal optimization is required! This is only a sample and a very beta code. The portal is far away from stable :S, but it works.
I assume no responsibility for the usage of this code and post. I repeat again, the book "The Hacker Playbook 2: Practical Guide to Penetration Testing - Peter Kim" says
Just remember, ONLY test systems on which you have written permission. Just Google the term “hacker jailed” and you will see plenty of different examples where young teens have been sentenced to years in prison for what they thought was a “fun time.” There are many free platforms where legal hacking is allowed and will help you further educate yourself.
And once again! Word files with Macro! But this time, I was the first one to report it to VirusTotal and Hybrid-Analysis! :)
|Fig 1: VirusTotal report! Just only two: Fortinet sells hardware, and Qihoo-360 is in China (:S)...|
Here you have the e-mail. The sender is this time the "BOSS Last Name" (A nice improvement! :P) without address, or something like that!
I was surfing the services that Google offers, I found the Geolocation API. As Google describes the API: it returns a location and accuracy radius based on information about cell towers and WiFi nodes that the mobile client can detect. As I was writing the last post using MicroPython, I thought the WiPy 2.0 could be a nice "mobile client".
To use the API you need to get an API key from Google. As a standard user of the API, you get:
- 2,500 free requests per day, and
- 50 requests per second, per user.
I thought I could play with it to test the accuracy of the geolocation.
If you’re not up to speed with MicroPython, Wipy see earlier articles in here.
I don’t have any Belkin WeMo system or Philips Hue light bulbs. However, I have two ESP32 running MicroPython (see my last article), and a W2812b LED strip, and I thought I should be able to say, "Echo/Alexa, turn on the kitchen light" or "Echo/Alexa, turn on the blue light" and It should work with this setup.
And... it works as you can see in this video!
If you are interesting in only using the code, then click here. Otherwise, you can read the complete story... ;)
If you’re not up to speed with MicroPython, Wipy see earlier articles in here.
Another quick tutorial, this time for MicroPython on ESP32. You can find all the information that I'm writing in this post in different articles on the Internet but I've not found anything that summarizes all the topics. That is why I am writting this post. I included some links at the end of each topic to extend the info. Feel free to visit them if you want more info, or write a comment I will try to respond it.
MicroPython & Board
Quoting the official micropython page results in the following
MicroPython is a lean and efficient implementation of the Python 3 programming language that includes a small subset of the Python standard library and is optimised to run on microcontrollers and in constrained environments.
As you see, in my last posts (sorry about the link, I need some pagekit taxonomy!), I have been programming the Wipy 2.0. This board is a tiny MicroPython enabled WiFi & Bluetooth IoT development platform.
Fortunately, there is a port of MicroPython for the ESP32, and this time I've installed the firmware on the Wemos board. The development tool includes a ESP-WROOM-32 microcontroller.
I was surfing the web for new hacking software and hardware tools and I found the Hacker Arsenal website. This website offers "ARTILLERY FOR CYBER WARRIORS" as they said; it is basically hardware and firmware for pentester. In summary, they have actually three products especially for Wi-Fi Sniffing.
I found the Winx-Portable on the website and I thought I have something like that. I look for the boards that I've recently bought, and I find the WeMos WiFi ESP32 Development Tool. The boards are identical. Then, I tested the available firmware and they worked on my board.
Yesterday I received again an email from an address that should look like my boss email address.
Dienstag, 3. Oktober 2017 08:34 Guten Abend, In der Anlage das SEPA Formular und die neue Rechnungsanschrift. http://uk-timber.co.uk/Angebot-OMHZG-046754/ Viele GrÃ¼ÃŸe Boss Name
As the title says, this is a getting started with Android Things. It should be my first post, but, it's better now than never. I'm posting this to summarize the steps to install Android Things on your Raspberry Pi.
Google announced Android Things on December of 2016. It's a modified version of the Android that we all know, but for Internet of Things (IoT) devices. The architecture of the SDK is described in the following figure:
|Fig.: Android Things SDK architecture (Source: Google)|
As you can see, the core Android framework (the level below the Apps) is extended with additional APIs provided by the 'Things Support Library' (in orange). These APIs enable the integration of the apps with the new IoT devices.
Yesterday I received an email from an address that should look like my boss email address. It was something like this: "Boss.Name@our-institute.uni-hannover.de email@example.com" with the subject:
Rech QK - 163-DA7666 Riva, Mauro and a text saying:
Guten Tag, Riva, Mauro Als Anhang erhalten Sie Ihre Rechnung. (something like "You receive your invoice as an attachment.") Rech: http://blackbox-es.com/Rechnung-26375407950/ (don't click this link --> read all the post!!!) Herzliche GrÃ¼ÃŸe (GrÃ¼ÃŸe: Grüße) firstname.lastname@example.org
Android Things DP5.1 is out! and the bugs were fixed!!! You can check the release notes here!.
You don't need to change the
config.txt for the display settings and the debugger issues were solved and it is working again (tested! - it stops at the breakpoints)!
You can download the zipped image using the Android Things Console! Check this post for more information!
There are some problems with my two Android Things repositories and the applications are not working as expected :( but I will be updating the GitHub repositories this weekend!
Stay tuned! and have a nice friday!
Android Things DP5 is out and of course, new features are available.
The most important features are:
- Runtime Pin Configuration
- OpenGL 2.0 Support (that means hardware acceleration on the RPI!)
This time you need to use the Android Things Console to download the image as follows:
- Go to: Android Things Console and sign in using your Google credentials
- Click on: Create a new Product
- Go to: Factory Image
- Select: Empty Bundle (if you don't have any app) and the Android Things v. OIR1.170720.015
- Click on: Create Build Configuration
- Make a coffee or just wait a couple of minutes
- You get the .zip file which contains the .img file
- Use Win32DiskImage (Windows) or
ddcommand (Linux/Mac) to flash the image on the micro-sd (click here for more info)
Problems were solved with Android Things DP5.1! Check here!
Unfortunately, I am having some problems with this version. The first problem... (continue reading!)
Two posts in one day! Now the SensorTag CC2650 is running on Android Things. The Raspberry Pi 3 can be used as a sensor hub, and the SensorTag can be connected to it using BLE.
I modified the original app and now it is working on Android Things! Minimal changes were required, especially on the files related with the user interface. Moreover,
WebView is still not supported on Android Things.
I've created a new repository for the Texas Instrument SensorTag CC2650. I updated the open source TI repository, which can be found here.
Due to licensing restrictions (I do not know which ones) Texas Instruments was no longer able to keep the open source code in sync with the SensorTag application in Google Play. That means, the new version in Google Play has more features than this one. But this is open source, and can be modified and extended! I am planning to collect the sensor data and publish on a Google Cloud IoT PubSub topic.
The new code can be found here: