hack

Posted on by Jean-Luc Aufranc (CNXSoft) - 7 Comments on Add a 2.5″ Hard Drive to Voyo VMac Mini mini PC with a $20 Custom SATA Cable

Add a 2.5″ Hard Drive to Voyo VMac Mini mini PC with a $20 Custom SATA Cable

When I tore down Voyo VMac Mini mini PC, I noticed a 2.5″ mounting mechanism, and some weird 9-pin SATA connector, but since the hard drive would be so close to the components I assumed this specific case was not designed for a drive, but the board would be compatible. However, it’s now possible to purchase a $20 custom SATA cable from “Voyo Official Store” on Aliexpress to do just that.All you have to do is to open the case, connect the cable to the motherboard, and the hard drive, and mounting the hard drive to the mechanism with four screws. I’m not sure whether you should also use some kind of insulation between the drive and motherboard, as it will be really close, but the company does not mention anything about that. Cooling might also be an issue even though there’s a fan in the mini PC. It’s not […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 17 Comments on Xiaomi WiFi IP Cameras Hacked to Run RTSP Server, Disable Cloud Service

Xiaomi WiFi IP Cameras Hacked to Run RTSP Server, Disable Cloud Service

Xiaomi 720p and 1080p IP cameras include night vision, motion detection, WiFi connectivity, and can save videos locally, and send them to a cloud server in China for you to check your camera from anywhere. The 720p camera sells for about $50, while the 1080p camera goes for around $30 on GearBest and other websites, but comes with less IR LEDs and no optical zoom. [Update: The black version of the 720p camera goes for $29.99 on Amazon US] They works fine, but you need a specific mobile app to configure and control the camera, and if you’d rather not have the videos streamed to some server outside of your local network, github user “Fritz” has developed a set of scripts for the camera to disable cloud service, run a standard RTSP server, as well as HTTP and FTP servers on the camera. He did his work on Yi Ants […]

Posted on by Karl Johnson - 16 Comments on YokaTV KB2 Review – Amlogic S912 TV Box with 32 GB Flash

YokaTV KB2 Review – Amlogic S912 TV Box with 32 GB Flash

CNXSoft: This is another review by Karl about Amlogic S912 based YokaTV KB2 TV box. Introduction Today we will be looking at Videostrong YokaTV KB2. Below are the specs from Videostrong website. This is my first S912 device so I had high expectation. I have been using it for quite some time now with no major issues. I received approximately 6 OTA updates since I started testing and some welcome updates have come. Build When I receive a box first thing I do is take it apart and check out the inside. I was excited when I found out it had 32 gig of storage. It is not too common. Then when I opened the box I was really happy to see an antenna that wasn’t soldered on. Makes it easy to add a different one. +1 for KB2. Then I noticed the heat sink. It seemed a little small. […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 3 Comments on VGA Output Hack on $2 PADI IoT Stamp & Other Realtek RTL8710AF Modules

VGA Output Hack on $2 PADI IoT Stamp & Other Realtek RTL8710AF Modules

It’s pretty amazing what you can do with those cheap WiFi modules coming from Espressif and Realtek. You may remember CNLohr getting ESP8266 to broadcast video to your TV though NTSC, and that was impressive. But developer kissste, who has been very active since the announcement of a $2 Realtek RTL8710 module, has now developed a VGA driver demo for Realtek Ameba WiFi SoCs, and successfully tested it on Pine64 PADI IoT Stamp. Just like on ESP8266, there’s no hardware display block on RTL8710AF, RTL8711AF, and RTL8195AF SoCs, so instead he had to connect the signals to GPIOs with the video signal connected to GA1 via a resistor, H-Sync to GC2, and V-Sync to GA5. Video and H-Sync data is actually transfered over an SPI connection using DMA transfer for better performance. Normally the video signal for VGA is divided into red, green, and blue signal, so I understand he mixed […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 60 Comments on How to Play Netflix HD on any Android Device with Widevine Level 1 DRM

How to Play Netflix HD on any Android Device with Widevine Level 1 DRM

A while ago I wrote an article entitled “Why Doesn’t your Android TV Box Play Full HD or 4K Videos in Netflix?” basically explaining that most TV boxes running Android could only play SD quality, because HD and higher quality requires both Widevine Level 1 DRM, and Netflix certification, and the second part is the most difficult since Netflix need to spend time testing a given product, and may not agree to do so for smaller manufacturers. The end result is that only a small subset of devices can play Netflix HD. Samsung Tab S2 is one of the device with Widevine Level 1, but is not certified by Netflix, and by default can only play SD quality. But XDA Forum user chenxiaolong apparently found a workaround and as the photo above shows is now able to reach HD resolutions (e.g. 1920×1080) with Netflix using his tablet. After analyzing packets […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 34 Comments on Nintendo NES Classic is Powered by Allwinner R16 SoC, Likely Hackable

Nintendo NES Classic is Powered by Allwinner R16 SoC, Likely Hackable

Nintendo NES Classic Edition is a small replica of Nintendo NES, both adapted to modern times with an HDMI output, and keeping with nostalgia thanks to connectors for original game controllers, and pre-loaded with 30 classic games. If you planned to add your own games however, the lack of USB ports, micro SD card slot, or any other storage or network interface could make it impossible. But based on a recent photo tweeted by Peter Brown, senior review editor at GameSpot, there may be light out of the tunnel, as while the main storage device (4Gbit NAND flash) is soldered to the board, the main board is powered by Allwinner R16 quad core Cortex A7 processor with a Mali-400MP2, and it’s quite likely UART / serial console and/or FEL interfaces are exposed on the board, making it possible to hack the device and potentially load your own games. The other […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 4 Comments on Hacking ARM TrustZone / Secure Boot on Amlogic S905 SoC

Hacking ARM TrustZone / Secure Boot on Amlogic S905 SoC

Amlogic S905 processor used in many Android TV boxes and ODROID-C2 development board implements ARM TrustZone security extensions to run a Trusted Execution Environment (TEE) used for DRM & other security features. However, Frédéric Basse, a security engineer, worked with others and managed to bypass secure boot in one Amlogic S905 powered Android TV box, namely Inphic i7, but any other device based on the processor would have made the same thing possible. He explains the steps they went through and how they managed to exploit vulnerability to bypass secure boot in a detailed technical blog post. They first started by looking for info in Amlogic S905 datasheet, but most info about TrustZone had been removed from the public version. So not that much help here except a potential address for BOM Root (ROMBOOT_START   0xD9040000). The next step was to connect the UART pins in order to access the […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 45 Comments on Routers, IP Cameras/Phones & IoT Devices can be Security Risks even with the Latest Firmware, and a Strong Admin Password

Routers, IP Cameras/Phones & IoT Devices can be Security Risks even with the Latest Firmware, and a Strong Admin Password

ZTE-ZXHN-F600W

I’ve just read an interesting article entitled “who makes the IoT things under attack“, explaining that devices connected to the Internet such as router, IP cameras, IP Phones, etc.. may be used by Botnet to launch DDoS attacks, and they do so using the default username and password. So you may think once you’ve updated the firmware when available, and changes the default admin/admin in the user interface, you’d be relatively safe. You’d be wrong, because the malware mentioned in the article, Mirai, uses Telnet or SSH trying a bunch of default username and password. That made me curious, so I scanned the ports on my TP-Link wireless router and ZTE ZXHN F600W fiber-to-the-home GPON modem pictured below, and installed by my Internet provider, the biggest in the country I live, so there may be hundred of thousands or millions of such modems in the country with the same default […]