Friday 27 July 2018

Amazon Dash Button Cheerlight Controller

I needed a way to control the cheerlights that could be useful for friends who didnt have or understand twitter.  Whilst to most of us sending the colour or a sentence with a colour included along with the hashtag cheerlights was the norm, I needed to simplify the process.

Firstly obtain an Amazon Dash Button, they are a fiver in uk money, but order the product that the button is for e.g. duracell order batteries, then you get your fiver back making it free.

next was to follow the instructions that come with the dash button, order those batteries (or whatever you chose the dash button to be) then delete the button before re installing it.  when you get to the point of choosing your product again just exit and turn off dash button notification as you dont want to be ordering more product everytime the button is pressed.

next was to write the code, I needed (and failed quite a few times to begin with) code that could look for the mac address of the amazon dash button on my network, after several tries and googling each bit of code that gave me errors I found and edited some lines and bingo the hello world message I had been looking for telling me the button had been pressed and the ip address of the router.

I then tried to incorporate a way that this could be tweeted and colour and went for a random message option where I had a dozen ready made sentences with a different colour mentioned in each followed by the hashtag.  I ended up using tweepy which is easily installed with a apt-get install python-tweepy and went to an old blog I had about a twitter camera I built for my wedding and hacked away at the code taking all the bits i needed and writing it to just tweet once when code was run and it worked.

Next was to merge both scripts into one and run it, bingo it worked and didnt send tons of messages either which was a main worry. 

Future work on this code will be to introduce a way to detect you are not tweeting the colour already in use and also not to tweet a previous colour as twitter doesnt like this.

My code can be found on git hub at github.com/smstext/dashbuttoncheerlights


Saturday 21 October 2017

Getting the best with Seat Ecotrainer

This has been something that's interested me for about ten years now after being placed on a fuel efficient driving course.  Before the course I was lucky to get anywhere near 400 miles on a full tank of petrol, but afterwards I could easily get more plus more with 10-30%

Now on Seat cars we have the Ecotrainer which displays your fuel efficiency as you drive.


So how do I get the most out of it and score high? Well I'm running a TSI although my last car was diesel which could reach between 60-70 mpg, this one i can get nearly 60 mpg but 50-55mpg is normal, let's look at how we can achieve great mpg and 97-99% eco points.

Firstly is the accelerator pedal, 60% of fuel is wasted accelerating, we want to pull away lightly pressing the accelerator. We also want to change gear around 2,000 rpm for petrol and 2,500 rpm for diesel. Once we are in top gear keeping revs around 2-2.5k and speed around 45-50mph any faster we loose fuel consumption to wind resistance.

We also want to plan in advance, breaking hard means we are wasting fuel, instead letting off the accelerator and using engine speed to naturally slow down instead.

Splitting the road into thirds, getting up speed in first third, maintaining speed in second third and naturally slowing in last third.

Keeping the journey smooth, you will loose points if you don't keep the car in the blue segment and importantly on the left of the screen it will warn you if anything is effecting your fuel economy like wrong gear, too fast or harsh breaking.

Also make sure you don't have unnecessary belongings in the car, a full boot etc can reduce your fuel consumption by 10% also under inflated tyres as this causes resistance and again will affect your mpg.

Roof racks and damaged body work reduces aerodynamics too, along with an unmaintained car, so keep up your services.

Now to the inside of the car again we have air con which uses around a litre an hour and running window heaters will draw on the battery and in turn the engine will work a bit harder to charge the battery, the car radio however doesn't use much.

Lastly don't leave the engine idling, move off straight away, avoid stop start in traffic instead try keeping the vehicle moving slowly, less fuel will be used as the momentum is already there. If you have to stop then ensure you have stop/start enabled as any stops of over 30 seconds will save you fuel and keep your mpg higher.

Tuesday 15 August 2017

Making my own BAD USB

I've seen many different tutorials over time, usually you have to buy a certain type of usb stick and then use specific programs to burn a new firmware on it and before you know it spent £20+ on it.

Next I've seen a Raspberry Pi Zero with Poison Tap placed on it, again very obvious plugging in a small computer with various leads which then look very suspicious.

However I soon came across a USB Beetle which is a very tiny computer and can be purchased within a USB case for around £5 including postage off well known auction sites.



The USB Beetle is a tiny USB ATmega32u4, running at 16 MHz with 32kb of memory and can be programmed with Arduino IDE programmer available from the arduino.cc site.

Next download this simple program called rubberduino from https://github.com/zatarra/rubberduino this program translates rubber ducky scripts into Arduino so it can run from the usb beetle and is very easy to set up thanks to a great README.md file.

Now visit usbrubberducky.com and choose the scripts for ideas or write your own. Ducktoolkit.com is another really useful site and certainly worth a look too.

So how does this work? Surely anti virus scanners or blocking programs running from usb should halt this? Well actually no.  If you have looked at the code once ready to transfer from Arduino IDE to this device you would have notice mention of keyboard.h and this is the secret.

The device acts as a keyboard and because of this the computer doesn't see it as a threat. The USB device then types out the commands from the scripts uploaded to the USB device and can do this up to 200 times faster then you or I typing it.  A good example is the rickroll script that opens up a hidden window and plays Rick Astley Never gonna give you up.  It also stops the volume from being turned down leaving the user no other option but to pull the power lead and reboot, however more sinister things can be done like create a reverse shell or add malicious code to the computer.

So no matter how locked down the PC is against usbs/removable drives, a USB that looks like a usb but acts like a keyboard will defeat it.  Next time you see someone plugging in a usb think this, is it a usb or is it a bad USB device.

Monday 14 August 2017

Laser Cat Laser Cat nothing like a Laser Cat



After sorting out my Raspberry Pi stuff I found an old arduino uno lying around.  This was soon followed by a metal tin from one of my Pimoroni.com orders.  I remembered there was a recent article on building a laser device for cats and as squatter cat has moved in (now named puss) and she loves chasing things I thought I better have a go.

So purchased a pan/tilt kit and a 3 pin laser which later turned out I had both in my bits box.  I then used my Dremel to cut several holes into the tin for wires and power and tried to fix the pan and tilt with glue but just wouldn't stay, so drilled a tiny hole and screwed the motor to the tin, this was the easy part.

Next up was the coding, not had the best of luck with arduinos but found code written by  La Fabrique DIY on his github page at https://github.com/LucasBerbesson/Laser-cat and uploaded it and bingo it works.






Saturday 13 May 2017

NHS hit by ransomware

Been watching this on Twitter this evening and have been intrigued with this so called sophistic attack, lets delve deeper.

The attack is actually using the EternalBlue vulnerability (patched at beginning of March) released over the Easter Weekend among many other vulnerabilities called zero days (as Microsoft had not been made aware of them up to this point) and looked like they had been created by Equation Group for the NSA.  Shadow Brokers managed to obtain these vulnerabilities, possibly by hacking the NSA and then tried to sell them to the highest bidder after originally trying to sell them off for around $1M but paid for in bitcoins, this carried on dropping and dropping till they eventually released the 300mb file on the Easter Weekend.

On closer inspection the exploit ETERNALBLUE works by remotely connecting via SMB & NBT (Windows XP to Windows 2012) and basically hits any windows machine older than Windows 10, hense bring on the ransomware using this exploit plus some FUZZBUNCH exploits and you have WannaCry or WCry 2.0 .

Its been written in C++ and the code is easily viewable as no attempt has been made to hide the code and encrypts the files and adds a .WNCRY extension before asking for a $300-$600 bitcoin ransom.

So does that mean Im vulnerable? providing you have applied all Microsoft security patches including MS17-010 released in March then no you should be safe. also stopping the SMB V1 service which this ransomware/malware uses.

So far it looks like if you can crash Wcrypt it will reset, however if it does infect your machine it will also add the DOUBLEPULSAR backdoor.  Also if www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host.

This also only affect Microsoft products so linux users you are safe, but again dont open those attachments you were not expecting, use a good anti virus and back up your files on a external device as well as saving very important work to usb sticks.

So far over 70k machines have been infected and thats not just NHS machines; FedEx, Telefonica, Shaheen Airlines are to name a few.

Have these pesky kids got away with it? well the bitcoins can be traced to an extent so they will need to clean the coins by passing them through bitcoin launderers, other people, a few anonymous throwaway bitcoin accounts before finally transfering the money into their own account for each $300 I can see them being left with $100 per ransom or less as this will have to go on and on for months.  Already the ransonware has been dissected and those who know their stuff in bitcoins have already started to track the bitcoins about.

nb: binary blob in pe crypted with password "WNcry@20l7" 

Wednesday 19 April 2017

The Annoying Pi


Are practical jokes your forte ? Then this will be right up your street and can be built for around £20 of which probably be a lot less as you will no doubt have these bits already lying around.

So lets get started this is what you need:

Pizero w
Speakerphat
Usb powerbank to power it.

After following the instructions on Pimoroni the makers of speakerphat and the installation of the phat to the pi you will need to do a few things. First is to log on to wifi, there is enough tutorials should you need to ask how to do that.  Next is to search for "annoying .wav" you should find quite a few sites and from here download the files.  I found that renaming the files to something shorter like buzz.wav or scream.wav will make things easier later on.

Next open a command line and go to raspi-config and enable ssh.  It will also be a good time to change any default password so no one else can ssh into your pi.

Once done shutdown the pi, attach battery pack to pi and hide somewhere like under the bed or even back of a cupboard.

Now fire up another pi or computer and start up terminal.

Here we can use nmap to search for all connected devices on our network and get the ip address of the annoying pi or if before you shutdown the pi you do an ifconfig and write down the ip address on the wlan0 line.

Next we need to ssh in and the command will be like this:

sudo ssh pi@192.168.1.5

Pi will be the user name and 192.168.1.5 (will be whatever your device has allocated to it) the ip address.

Next it will ask for password and if correct will go on to ask you further questions of which just reply yes.

Now we are logged in to the pi we can have some fun. Start by logging into the folder the .Wav files are stored in and most likely be Downloads with cd Downloads command.  Here with the ls command we can see all the files.  Next is to launch the files, you could write a random playing script with python but i dont think you will get the element of surprise to what we want.

The next task is to start the sounds, this will be done with the following command with my scream.wav file.

Sudo aplay scream.wav

Now if all has gone well you should be hearing the file being played.  When you have done this with a few files you will be able to choose the files quicker at the command line by pressing the up arrow to go through previous commands and choose the file if previously played quicker.


Have fun and feel free to post any extra tips below.

Tuesday 7 March 2017

Raspberry Pi Wedding Twitter selfie camera

I wanted to do something for my wedding to my wonderful wife that was different.  We had already planned a non traditional wedding with lots of different things, but I also wanted something that would be seen as trendy amongst the cool kids.

My daughter told me about a photo booth company but with such a small budget we couldnt afford one then I remembered something similar had been done and after a few googles I found tons of similar ideas but all seem to use Twython and from what I read parts had been depreciated yet I couldnt find the right commands to actually make it work.

So with the latest Raspberry PiZeroW and offical case, old pi camera from another project I began my project.  I had to enable ssh and vnc, personally I prefer sshing in to deal with issues but vnc can be better for trouble shooting.

I then had to make a twitter account (@angelapawedding) and set up the api so i could get the access and consumer tokens and set to read write and got to work, even soldering two pins on the back to 3rd and 4th pin in on the top row to attach a two wire pc wire/button reset switch to.  I figured this way if kids dropped or pulled it at least it could be reconnected with ease.


here is the code:
-----------------------------------------------------------------------------------

#mypifi feel free to use
#!/usr/bin/env python2.7
import tweepy
import sys
from picamera import PiCamera
from time import sleep
from datetime import datetime
from gpiozero import Button

consumer_key        = 'goes here'
consumer_secret     = 'goes here'
access_token        = 'access token code goes here'
access_token_secret = 'access secret goes here'
button = Button(14)
camera = PiCamera()
auth = tweepy.OAuthHandler(consumer_key, consumer_secret)
auth.set_access_token(access_token, access_token_secret)
api = tweepy.API(auth)

while True:
    button.wait_for_press()
    status = "#LobsterWedding"
    timestamp = datetime.now().isoformat()
    photo_path = '/home/pi/wedding/photo/%s.jpg' % timestamp
    sleep(3)
    camera.capture(photo_path)

    with open(photo_path, 'rb') as photo:
        api.update_with_media(photo_path, status=status)


-------------------------------------------------------------------

The status part of the code is what text you want to display with the picture I used a hashtag so it be easy for people to find pictures or even add theirs for the wedding.  If you are interested, lobsters are supposedly meant to mate and be loyal to the same partner for life.

photo_path is where the picture is stored in my case its stored in folder called wedding in another folder within called photo.  each file saved here is given a unique filename and the program then tweets the latest picture using the twitter api via tweepy.

I saved the file as camera.py and chmod +x the file.  Once in place I vnc'd into it opened up a terminal and ran camera.py and then left it.

So throughout the evening guests (and especially the younger ones) had something to do and even my selfie obsessed daughter had a go as you will see below.  Guests could look up what had been tweeted by the camera at @angelapawedding or by searching the hashtag #lobsterwedding.



Sure the code could be cleaned up a bit more and more could be done with it, but for a quick project between finalising the final parts of the wedding I thought it was pretty good and was also a good talking point to guests.

If you do find a way of tidying up code then feel free to comment below and I will add it to the blog.

Wednesday 22 June 2016

raspberry pi news ticker

Ive been trying to do more with the max7219 for a while. Whilst playing with an 8x8 square can get you started a 16x8 gets fun but addictive.

Last week i got a 32x8 board through which is basically 4x 8x8 matrixes still not happy i ordered another that arrived today and soldered the two together so i have 8x 8x8 matrixes and with editing led.matrix() from 4 to 8 it worked.




The wiring was a case of wiring vcc to 3.3v. ground to ground. Din to pi pin 19. Cs to pin 24 and the last one clk to 23.

With the help my last post and rmhull s github code for the 7219 chip i was soon running various code.  Next was to get a news ticker working and after a search i found feedparser a python module which can be installed with apt-get python-feedparser.

Running into a bit of difficulty i turned to twitter with what i had coded so far and help from @rgee0 aka richard gee we got there in getting a news ticker on screen.

Next was to merge the two codes and bingo worked on first attempt


Here is my newsticker in action.




There we go feel free to add and change the code and comment below.

Monday 13 June 2016

Keyes 16x8 led matrix add on board

I bought one of these keys 16x8 led boards a while back but couldnt get it working. Well a lie i couldnt get both screens working.

So tonight whilst looking for something different I found this board and decided to give it another try. On googling i kept finding arduino set ups which wasnt what i wanted and after using git clone https://github.com/rm-hull/max7219.git i searched for projects which used mr hulls code and came across one which pointed me to another github repo.

So here we go:

First enable SPI in sudo raspi-config (look in advanced menu)

next type:

sudo git clone https://github.com/leon-anavi/raspberrypi-matrix-led-max7219

cd raspberrypi-matrix-led-max7219

sudo python setup.py install

There we go. Some good example codes there and after some playing around i managed to get it to display the time.

.



Sunday 29 May 2016

Reintroduction to caching

After the passing of my beloved dog Frodo a couple of weeks ago I decided to brush the cobwebs off my basic looking mountain bike that I had been given a while back and decided to take it for a ride and do a few geocaches as a carrot to the donkey to ensure i didnt give up to quick.  First thing i noticed was I lost my pen. after trying to sign in with a dirty stick I managed to find a waxy crayon in the puncture repair kit and decided this was my pen for the day.

It was nice to get back into the countryside and felt weird as this was where me and Frodo had come many times, but in recent years we had gone from unlimited miles per walk, to 10, then 6, down to 3 then less than a mile.

I was disappointed to the fact there were not any traditional size caches just tiny boring micros.

I had been for a while playing Ingress another location game but after being caught up in a widespread ban for allegedly breaking TOS which to this date I still dont have a clue but it be something to do with travelling to fast between locations or something stupid to which i have lodged a appeal as reaching level 14 without cheating and playing within the rules feels like an insult.  The other option would be to start all over again and work my way back up and with what i know these days it would take long, but still why should I after the way they have treated me in this mass world wide ban sweep that took place last week.  Ive heard that those that appeal have a very low chance of having their accounts reinstated so who knows I should hopefully be one of those.

But on a huge positive I thought about my raspberry pi geocaching device. It was made with a pi model b. now thinking about it I could remake it as a wrist band device with a pi zero and a long lead to a battery pack in my bike bag and have a new gps system. maybe i will work on this idea next.