Thursday, November 28, 2013

SensorSub.com, IndicatorIntel.com, Public CIF Updates

Its been a while since I provided an update on the ongoing  projects or anything new. First off want to extend a huge public thank you to Rebekah Monson (@rsm) for making sensorsub.com and taking it to a new levels with the Awesome Foundation grant. She has a great recollection of the Subs evolution on the site with upcoming events. Hopefully we should be water testing it ASAP and I should be putting up an updated bill of materials and design plan. Alot of items have changed through the Subs evolution and I'm sure alot more will change as we start water testing it.

IndicatorIntel.com is half cooked so far, I have a working application which collects OSINT data and stores it on a no SQL data store. The next step is making collectors for honeypots like Dionea or Amun and start making a search UI.

As to the public CIF instance I have to apologies for not being on top of new user request. Some have been backed up and I have not updated the service to CIF 1.0v yet. As time progressing I will be phasing out this service to replace it with IndicatorIntel.com as I get closer to a release candidate.

Sunday, September 15, 2013

Get Crazyflie Quad Copter working on the Raspberry Pi with a Sony PS3 Bluetooth controller

Recently got my hands on a crazyfly and I must say I love it. Took me few minutes to get it assembled using bitcraze instructions: http://wiki.bitcraze.se/projects:crazyflie:mechanics:assembly
I wanted to get it running with my raspberry pi to use it on the go but ran into a few hiccups so I decided to put this doc together as  guide for anyone whom has a PS3 Bluetooth controller at home (crazyfly has only documentation on xbox wired).



Things you need:

  1. Crazyflie
  2. Sony PS3 Controller
  3. USB Bluetooth adapter
  4. Crazyradio
  5. Raspberry Pi (with all necessary accessories)



  1. Start to assemble the crazyflie using the instructions at bitcrazy.
  2. Download and image an SD card with bitcraze pre-built raspberry pi crazy fly image: http://wiki.bitcraze.se/projects:crazyflie:binaries:raspberrypi
  3. Boot up the Pi with the fresh baked image, update you pi and install any necessary tools you use (I usually install vim, lshw, screen, etc..)
  4. Install PS3 controller and other necessary libraries:
    sudo apt-get upgrade
    sudo apt-get install bluez-utils bluez-compat bluez-hcidump libusb-dev libbluetooth-dev joystick usbutil pyqt4-dev-tools
  5. Check that the Bluetooth module is being detected: 
    pi@raspberrypi ~ $ hciconfig hci0: Type: BR/EDR Bus: USB
    BD Address: 00:1F:81:00:06:20 ACL MTU: 1021:4 SCO MTU: 180:1
    UP RUNNING PSCAN
    RX bytes:1260 acl:0 sco:0 events:46 errors:0
    TX bytes:452 acl:0 sco:0 commands:45 errors:0
    If you see your USB Bluetooth adapter then you are good if not there is an issue with the Pi Recognizing your adapter
  6. Install the paring software to pair the controller with the Pi:
    wget http://www.pabr.org/sixlinux/sixpair.c
    gcc -o sixpair sixpair.c -lusb

  7. After you compile this file there will be a binary executable called “sixpair” which now you can execute, connect your PS3 controller using a USB cable to the Pi (You only have to do this once for the pairing)
    Run the executable and you should see something like this:
    crazyfly-pi ~ $ sudo ./sixpair
    Current Bluetooth master: f0:f0:02:c7:f5:8e
    Setting master bd_addr to 00:10:60:d2:c2:fe

  8. If you get that output that means your controller is now officially paired with the Pi. Now we have to install the controlling application that read the controller as an input device. 
    wget http://sourceforge.net/projects/qtsixa/files/QtSixA%201.5.1/QtSixA-1.5.1-src.tar.gz
    tar xfvz QtSixA-1.5.1-src.tar.gz
    cd QtSixA-1.5.1/sixad
    make
    sudo mkdir -p /var/lib/sixad/profiles
    sudo make install 
  9. Now we can test to see if the controller is working first start the sixad daemon and initiate the controller:
    sudo sixad --start
    When Prompted Press the PS button and the 4 upper LED on controller will light up.
  10. To test that you are indeed receiving input from the controller run jstester against the input:
    sudo /usr/bin/jstest /dev/input/js0
    You should be seeing the following values change and you press keys in the controller.

  11. We must tell now cfheadless that we are going to be using a PS3 Bluetooth controller edit the following file and Change PS3_Mode1 to PS3_Mod2 like so: crazyfly-pi:~# cat /home/bitcraze/controller.conf
    PS3_Mode_2
  12. Now we need to make that assures that cfheadless is always running, this assures that even if the crazyflie is not detected right away it will get configured the right way. Place the following script in /root/run_crazyfly.sh

  13. Now we make this run every minute
    sudo -i
    crontab -e

    and add the following lines to it:
    */1 * * * * /root/run_crazyfly.sh
    @reboot sixad -s

  14. You should be set now, restart your pi, make sure you turn on your crazyflie. Once the pi has booted give it 5 minutes and press the PS button on your ps3 controller. You should be able to controller your crazyflie with the controller. 





Tuesday, September 3, 2013

Underwater ROV 2.0

Redesign

After some serious thinking on the direction and cost of the submarine, I though it would make sense to consolidate the motor control functions into a raspberry pi. I have used the adafruit 16 channel server driver board to control the ESC (http://www.adafruit.com/products/815). This takes that responsibility away from the Arduino which was the original sub concept. Furthermore, with the release of the raspberry pi camera now on the pi I can also consolidate the streaming video capabilities. This gets rid of the necessity to buy an IP camera and have 2 network connections on the submarine. As the frame goes no serious water testing as occur as of yet but as soon the motor is completed there will be some redesign as well. Below you can see a video of the raspberry pi controlling the ESC of the current sub.


Getting ESC with raspberry Pi and adafruit servo controller working. Excuse the desk mess. from Jose Hernandez on Vimeo.

First you must get I2C installed on the PI by running:

sudo apt-get update && sudo apt-get upgrade
sudo apt-get install python-smbus i2c-tools

Make sure that I2C is working by running:

  1. sudo i2cdetect -y 1

Then get the adafruit PWM libraries:

git clone https://github.com/adafruit/Adafruit-Raspberry-Pi-Python-Code.git

cd into the Adafruit-Raspberry-Pi-Python-Code/Adafruit_PWM_Servo_Driver/ directory and 
the example code I use to get this running on the PI:
The wiring Schematics:
Pulled from Adafruit
If you run into any issues I recommend going through the Adafruit guide: http://learn.adafruit.com/adafruit-16-channel-servo-driver-with-raspberry-pi/overview
I will be uploading to github the driver code in python for the submarine.

Monday, January 21, 2013

Submarine Update

It has been a while since an update for the submarine is provided, and the good news is most of it is already hash out. I have gotten most of the case design completed. At the current stage I'm working on the motor housings and the motherboards design (more on that later). At this point I have realized also this ROV needs a name hehehe!

So far below are rough draft design of what the frame will be layout to be. These will be constantly changing as the project starts getting shape. 

Front and Rear View Design:



Side View Design:
MotherBoard Design (Sits inside the Sub)

Also the bill of material is taking shape.

The current design does not include UP and DOWN propulsion which will be added by a third motor (position might be under the ROV) and powered by one of these.

The front frame will be static with a plexi glass front. Pictures coming soon (this piece is completed). The rear would be a thread PVC coupling similar to this one. The idea is to get the motherboard to slide it inside the 4" PVC center and slide it out to be worked this. Most of the code is proof of concept so far but soon I will be uploading it to my github. Thank you @_trialnerror_ for you invaluable advices, and help so far.

Some images of the materials:

Monday, November 26, 2012

BEAST and CRIME Attacks Research Paper

For my cryptography class as a semester end assignment we had to produce a research paper. I decided to write it on SSL attacks and concentrate on BEAST and CRIME as example. The paper give a good in-depth explanation on how and why is SSL exploited. You can find the paper here. Also modified a cipher discovery tool I found in stack-overflow and uploaded to github.

Thursday, September 27, 2012

Collective Intelligence Framework Globe

Feed Globe

Attempting to get some GeoIp correlation of the feed I'm collecting with CIF lead to generating a 3d globe at (https://feed.josehelps.com). I did this using the geo ip data collected from my public cif instance. I'm generating the geo data base on the logs from the crontool using the this script (Needs alot of improvements). I have posted all the source code at my github page.



You will need a WebGL compatible browser to load the globe (updated Chrome or Firefox should work). Let me know what you think of it. 

Saturday, September 15, 2012

Submarine Project Update

Phase 1 - Building a Sensor Box

Trying to focus on getting all the necessary parts to build the sensor box. So far I have gotten the camera working with the Pi although at the moment I have a bit of a power issue. My current Pi power supply only gives it 0.5Amps while the camera and the wifi card will need a bit more than that. Order new 2AMP usb hub to compensate for that.

So far the following is working:

 


Sadly the camera disconnects right after it is detected due to power issues:

Sep 12 02:56:34 raspberrypi kernel: usb 1-1.2: new high speed USB device number 19 using dwc_otg
Sep 12 02:56:35 raspberrypi kernel: usb 1-1.2: New USB device found, idVendor=046d, idProduct=0805
Sep 12 02:56:35 raspberrypi kernel: usb 1-1.2: New USB device strings: Mfr=0, Product=0, SerialNumber=2
Sep 12 02:56:35 raspberrypi kernel: usb 1-1.2: SerialNumber: 584E2190
Sep 12 02:56:35 raspberrypi kernel: uvcvideo: Found UVC 1.00 device (046d:0805)
Sep 12 02:56:35 raspberrypi kernel: input: UVC Camera (046d:0805) as /devices/platform/bcm2708_usb/usb1/1-1/1-1.2/1-1.2:1.0/input/input4
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: USB disconnect, device number 19
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: new high speed USB device number 20 using dwc_otg
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: New USB device found, idVendor=046d, idProduct=0805
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: New USB device strings: Mfr=0, Product=0, SerialNumber=2
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: SerialNumber: 584E2190
Sep 12 02:56:36 raspberrypi kernel: uvcvideo: Found UVC 1.00 device (046d:0805)
Sep 12 02:56:36 raspberrypi kernel: input: UVC Camera (046d:0805) as /devices/platform/bcm2708_usb/usb1/1-1/1-1.2/1-1.2:1.0/input/input5
Sep 12 02:56:43 raspberrypi kernel: usb 1-1.2: USB disconnect, device number 20

Just ordered:
Researching:
If someone could provide some help with the frame, it would be greatly appreciate it, so far I have only  though as far as making it out of PVC pipes.



Sunday, September 9, 2012

CIF public instance down for the moment

Seems that running the instance has gotten a bit expensive. I have noticed new sign ups but I'm in the process of migrating it to a more cost effective hosting company. Also upgrading CIF to 1.0 during the mean time. Please bear with me, I'm trying to avoid asking for donations. If you have any place where I can host a 1U server, I would be most appreciative.


Tuesday, September 4, 2012

Hack Miami Submarine


Going where no hacker has gone before

The purpose of this project is to make an underwater submarine using a Raspberry Pi as the primary controller and collector for sensory data. The sensory data ranges any where from live video, temperature, acceleration, to atmospheric pressure. The submarine will also accommodate modules to be added for hacking purposes (wifi cracking underwater, packet collect, bluetooth scanning etc...). In essence a spy sub. 

Rough Design Concepts:

Phase 1 Anchored Concept -


Final Concept Art -

10,000 Feet view of project:

I would like to break the project into 3 phases in order to make it feasible and get results in every phase. 
  1. Build a sensor box  - Drop a sensor box in salt water, make sure we get readings
  2. Give the Submarine Propulsion - Add motors and navigation 
  3. Make the Submarine wireless - Attempt to all sensor data be transfer via RF/802.11 including video.

Todos:


  • Narrow down scope of project 
  • Select sensors that would make sense on the submarine
  • Bill of materials for phase 1 & 2
  • Test sensors
  • Make Hull, fit sensors in
  • Test Hull in salt water (no sensors)
  • Drop Hull and sensors in water
  • ...
  • ...

Idea Pad:

Throw your ideas down here, work with me on piecing this together.
http://sync.in/iRY5dtUo7k

Tuesday, June 26, 2012

Collective Intelligence Framework for the public

After installing my first CIF server my interest for it has grow exponentially. I now find myself attempting to find more and more feeds to aggregate. My only wish was that of a public instance so I took it upon myself to create one. Hence http://www.josehelps.com/p/feeds.html

The public instance is currently aggregating information from the providers list on that page. I will add more as I come across them or they become available. If you have data that could benefit the security community and are capable/interested in sharing it please contact me up and I will gladly assist in adding it to our feeds.


I will be moving the server this service is on pretty soon to EC2, I will make a post before I do so. Also if you install the perl client and want to query a list of IPs/Domains, run the following command:

for i in `cat input.txt`; do cif -Sq $i; cif-output.txt; done

input.txt = file with domains/ips
cif-output.txt = results
eg:

1.1.1.1
2.2.2.2
thisdomain.com

If you want to take the server for a whirl fill out the form in the feeds tab and wait for me to send you an API key. You can find me in irc channel #cif on freenode.net, or you can simply email me [email protected] if you have any questions.


Also if you are interest in installing your own server I highly recommend you use the EC2 instructions that Wes Young has added to the collective intelligence framework project site. created.