
Rethink, Repurpose, Reuse… Rain Hell

BSides Las Vegas · 2015 · 37:35 · 9 views · Published 2016-12
About this talk
Michael Zupo explores how to extract maximum functionality from old and budget hardware through creative repurposing and custom configurations. The talk covers rethinking device lifecycles, running desktop software on ARM and x86 devices, booting custom Linux distributions on tablets and phones, kernel patching, and modular phone concepts.
Original YouTube description
CG - Rethink, Repurpose, Reuse . . . Rain Hell - Michael Zupo Common Ground BSidesLV 2015 - Tuscany Hotel - August 05, 2015
Transcript [en]

Uh thanks for coming to my talk. Uh my name is Mike Zupo and uh this is repurpose uh sorry rethink, repurpose, reuse rain hell. Um try to get a little bit more functionality out of some of your devices and um moving forward the using that type of criteria with new devices that are coming out to to quickly um uh use them functionally. So uh sorry, we'll go into that real quick. Uh I I know I have to put a legal disclaimer up here. I'm not too big on that type of [ __ ] but uh you know what? You're going to break your device through this type of talk if you've never done it before. It's going to

happen at some point in time. So, I'm sorry. I can't be responsible for anything you do with this type of stuff. But, uh I guess everybody knows that type of stuff anyways. Uh oh, [ __ ] We're done. Yeah, that's it. All right. Have a good day, guys. [ __ ] It had to be XP, right? It had to be XP. What? I love Windows XP, man. Yo, we're we're we're reusing stuff, right? You know, we're just being frugal and and you know, that's it, man. It's all uh Come on. Sorry, everyone. Of course, that has to happen. Okay, so um I'm a hobbyist. Um I don't work for like an IT company and anything I'm

doing here has nothing to do with my job. Um I love this type of stuff and I love talking about it. So I hope you guys are interested in the same sense. Um I'm still learning a lot about it and the main thing is if I can do this, you can do this. So it's simple but there's really simple uh methodologies that get complicated as we go through it. Everybody knows Rob Ford, right? Um so today uh how can we get more functionality out of some old devices that you own? Um the pace of these things coming out is awesome, right? market competition is pushing them out like crazy. How can I actually run what

I want to on these types of things? When I was a kid, the first computer I got was a Pentium 133 and it was awesome, man. It was quick. I can play Quake on it. These days, I'm getting a quad-core processor and the thing's slow as [ __ ] So, why can't I use this the way I want to use it? Why can't I? So, we're going to get into there. Um, there's x86 based devices. There's a lot of ARM devices and um you have to translate um you know there's intermediates and stuff to to make sure that you can use desktop programs on an ARM device. x86 ones it's almost you know there's no translation

you're you're good to go. So how can we use desktop software wherever you want? Um and screw Apple. I don't like Apple. Community is awesome. Um, the only reason that I could ever learn anything like this and and and pass it on is because somebody else came up with it first. But they have different types of building blocks. So, we put them together and we make our own type of solution. What do you need? What's your objective? It's easy. Um, if you've ever jailbroken a phone, done a custom ROM, modded console, ever thought about, you know, hacking what? That's why we're here, isn't it? Um, you can do this. uh like any platform, the more people that

are are are on it are are exposed to it, people with their own little innovations are going to push it forward. Um and that's what a lot of this is where so many people came up with little tiny tweaks and you add them together and you finally get to where you want to be. Um with anything uh so most of these devices you need to get to the boot loader and they're so generic. Good luck trying to do that. You know, they've closed sourced it. They've not given you any tools, no factory support. How can I get in there? You can't. Um, with anything, if if if you're up to the challenge, and so many people are with

like cryptography and different types of hack methods here, um, sure, with time, you can you can hack anything, get in there, but what's that worth to you? What do you need to do, and what's your objective? So, screw that. What have people done already? Why can't I use what they've done and then throw my spin on top of it? Um, do appreciate the process and the time though. like they've done the hard work and uh to do it yourself is is is something different. Um so today uh we started off where uh I got my inspiration was with the Nokia N900. Um it's an old uh old phone with a whole bunch of uh awesome

packed features in there that you can really use uh as long as you get creative. We're going to go into Android chroot, which is or tr um some kind of method to get a little more functionality on devices that are at least rooted and uh to play a I'll be careful with using that word virtualization cuz it's not virtualized but it's um it acts in that same manner where it you're not natively running it. Um one of my little fun projects, the hack TV, um the things you can do with Android and stuff and as long as you're creative, you can do anything. Then we're going to go into x86 uh x86 type devices. Uh my Stream 7 project which is

um where I got the inspiration for this type of talk and then uh where we can go from there. Um and I'm going to go through some links and I'm going to reference some stuff. I want to put all of it on my blog. I'm not a big blogger and I don't really care about like ads or anything stupid like that, but I want to put everything in one spot for people to access. Um, and then from there, you know, everybody, somebody else might have a better idea that they can throw at me and then we'll go further bouncing it back and forth. Um, things to consider. Um, you're definitely going to screw up one

of your devices. You're going to screw it up. Um, if you've never done it before, just be prepared for that. And what are you going to do about it when it's screwed up? Can you go back? Do you have some kind of backup, recovery, restore point, something you can do to, you know, make sure it's not a brick? Um, that's why junk phones, they're kind of half and half. You know, you've got an old like Motorola Atrix, let's say. It's got HDMI out. It's got USB. It's not a bad phone in general. It's a dual core processor, but that overhead that you have on it, the UN um the boot loader that's locked down for

Motorola. The challenge on there is not really efficient. The type of stuff you want to do, [ __ ] that. It's not worth it's not worth your money. Um so, um the N900 was where I got all of my inspiration. This thing is like a little computer. Um, Nokia released it in 2009 and it's got some pretty cool specs for 2009. Now, we might want to laugh at it, but the fact that it's got some of this stuff is is awesome. Sorry. Um, the um it's got an infrared port that in the instruction manual wasn't even programmed. You had to do it off the bat and then you get creative off it. The best thing is that it's running

a Debian based OS. So, from there, you can install Debian based packages and have a little bit of fun as long as you get creative with that. So in 2011 uh a developer and he I think he was contracted by uh a third party uh he came out with an injection driver for the N900. So all of a sudden you wanted to run WEP attacks WPA cracking you could do it on the phone. Now maybe not cracking the WPA password but you could get that handshake send it off to somewhere else because you have a data connection on there. So as long as you get creative with it they're you know sky's the limit. Um, Pwnie Express came

out with the first Pwn Phone and that was where they released a community image where you could literally take that SD card, load it into your phone and have all of their apps pre-installed. Now, you could have done that by yourself. You could have manually got all these things, but they gave you a a level playing ground for you to start learning on that stuff. Um, the community started playing with it and they keep coming out with more stuff. Um, sorry. So, they even came out with SDR support now for it. So, anybody that's interested in software-defined radio, you could use this little tiny, you know, $100 device now that you can connect to remotely. Leave it

where Hi folks, Angie here. Unfortunately, the ad media crapped out on me again. It freezes up here and you don't get audio until about the 16 minute 29 second mark. Yes, I am looking at the start stuff. Unfortunately, I may need two of them for each rig. In any event, sorry about that. And if you fast forward to the about the 16 minute 49 second mark, audio resumes. Sorry for the problems.

a Rockchip based which is like you know a little generic but they give you tools to modify them. and they give you tools to play with the bootloader to uh modify the recovery and people have in the community and they've allowed them out there where they're just trying to you know create a better kernel that's higher definition that gives you access to On-The-Go ports but as they were trying to do that so you can load you know XBMC on there with your two TB hard drive to watch all your movies at the same time that's allowed you to put an injection capable card on there and hide this on the back of the TV and SSH into

it. It depends on what your objective is. If you want to use it for fun or malicious purposes. Um, yeah, sorry, that's an example of it. Um, the they're like sold out now cuz they're so old. And there's way newer versions coming out that are quad core, octa-core now that blowing these things out of the water. So, as long as you can do that same type of thing with that that criteria where you're going to load um somebody's modded software on there, you're you're set for the races. Um, there's a lot of Android specific apps where sometimes you can't unlock stuff, you can't break the bootloader, but you still want to use this as like a

drop and hack device. Um, dSploit is amazing. It's uh any Android device that's rooted and if you're on a Wi-Fi network is the man-in-the-middle master. Like, this thing really uh ARP poisons and does everything that you want. Um, it's the best thing that that I've seen um compared to actually using uh apps straight out. Um, but then they have the GUI ones where I'm sorry, not everybody but if you've ever heard of Reaver, it's a type of Android app. Oh, sorry, it's a type of Linux app to uh exploit WPS uh Wi-Fi networks and stuff to get in. Um, you can run that on Android and it's got this really terrible GUI that doesn't work half the time. You press a

button and what what's it doing? It's just hanging for a bit. If you had command line, at least you can control it, right? If you had terminal, you can control what's going on. You can cancel it, you restart when you're at the mercy of somebody's GUI. It's not the same, but at least it gives you that touchscreen input to to to do something. Um, ideally, um, now Offensive Security used to have this on their site, and I feel like they took it off. They took the actual image off, but they've got several other ones for different ARM devices. BeagleBone Black, all kinds of other little the Raspberry Pi 2 where you can take this

this really cheap ARM uh device and run a full version of Linux on it um just following their instructions. Um it's really simple in the sense where you you flash a custom recovery, you flash a custom bootloader, you put an SD card in and those cover that recovery in that boot loader looks to the SD card to load your OS and then you're off to the races. Um, okay. So, going into the good stuff. So, the Android repurposing is fun and it's nice when you have an old device that you want to, you know, make something of nothing with. But moving forward, we want a fully capable mobile device. So, in your hands, I don't have

to go anywhere. Everything's at my fingertips. X86 stuff. Why do I have to play around with ARM when I can use a real distribution on a tiny device? a little bit of finagling to get it going. But um the first one I saw was HP Stream 7. It was a Windows 8.1 tablet that came out and I feel like it was a loss leader where Microsoft wanted you to subscribe to Windows 8.1 and you know it was fun to give it a kick but get out of my way. I want Kali. Um so it was 64-bit processor. It's a quad core 1.3 GHz and because it at least had HP behind it. If you've ever had a laptop and tried to boot off

live uh HP laptops, it's got the same type of bootloader. So, it's kind of familiar. Um, it ran Windows smooth. The [ __ ] So, Linux is going to be a lot better. So, that's what they wanted. You know, it to run stupid that with a with a little hub and USB stick. You got Linux running on there instead. Um, so the possibilities now that we can run anything we want on this little device. Maybe Ubuntu touch that you have a way to actually get in there to actually interface with it. Windows 10 works, but you know, it might just be a better thing to hack, use as a sheep so that you can uh exploit it. You can

virtualize Linux on these types of Windows devices, but once again, we're trying to get away with the translation. We want it to natively run on here so it's stronger and faster. Um, you can dual boot, you know, there's a couple of Windows apps you might need, so you can go back and forth, but you know, that depends on your objective. Once again, um, so this was a pathetic attempt at trying to take an MP4 into a GIF. So, I was going to show how smooth it runs. Yeah, not quite. But anyways, that's Kali Linux running on HP Stream 7 tablet. It was a lot smoother. It's just when I when I put it into a GIF form,

it came a lot choppier. But you've got the entire tool set of the live USB. So, got on the go. And once again, whatever your objective is, and I can't stress that enough. Um, so tiny hurdles coming with these x86 devices. Um, BitLocker is funny, and that's only if you're going to dual boot. You got to disable that on the Windows side of stuff. Um, secure boot, they've been thrown at us with BIOS or UEFI systems where you have to turn secure boot off if you want to put anything else on here. Once again, I feel like that's why it was like a loss leader and types of things like that are are enabled so that that type of hacking

is not allowed. Just get it out of your way and you can put whatever you want on there. So, most UEFI systems are 64-bit, right? And most Linux distros, I think pretty well all of them come with 64-bit UEFI loaders. Um, this one uses a 32-bit one. So, as soon as you put a 64-bit or regular type of disc on there, it doesn't know what you're doing. And, um, randomly, uh, this device I ran into, it's got a kernel bug with a with its MMC uh, or sorry, the solid state drive where it will hang for such a long period of time trying to access a part of it that it's not allowed to. It's a

kernel bug. So, you can actually make your own kernel and patch it your own way. Uh, we'll get into that in just a sec. Um, so this is just a picture taken off secure boot. So this is on the Stream 7 and it looks really familiar, doesn't it? It's like your regular UEFI BIOS. Like I've seen this type of thing before. How can I play with it? Um, so that's just disabling it. You can sell the I just did that and I didn't change the boot order around yet, but you can put USB to the top so that as long as you got it plugged in after the race just like any other uh device. Um, so

the EFI file, uh, I this is regurgitated and like like I said before, there's a lot of building blocks that make this stuff come together. So, someone was trying to make a Fedora for a Bay Trail tablet, which is the type of uh, Intel Atom processor that's on this tablet. Um, they came out with a 32-bit EFI boot, but their GRUB config file wasn't there. You know, you're not going to be able to load. So, I stole an old one. Prior to when Kali did not support EFI, people had their own GRUB configs. So, you steal that, add it with the um with the new EF 32-bit EFI, and you actually get it to boot. Um so, any

Intel Bay Trail tablets coming out, um if you use that EFI file, you make your live USB any which way you want, you know, net boot or Rufus, um add that directory to there. I'm going to have it available for anybody. Um any Intel Bay Trail tablet, you can get to run any uh Linux distro you like on there. Um, and get creative with that in any way you feel. So, sorry, this was that uh MMC error where it just hangs. The thing's trying to load and over and over and over it just keeps going. If I made that custom kernel and patched it, that's not going to happen. So, after I install it, it'll be fine. But once again, um, I'm

learning and as soon as I can, I will make that available for anybody that's interested. Uh, in the meantime though, if if anyone does use my files, it might take about 3 or 4 minutes to boot up just going through um these stupid error messages. Um, so yeah, you know, you'd build it like a regular kernel. Um, and try and make it lighter because these devices aren't fully powered, but it's still a little better than what we're used to. Um, like for example, the old Linux kernel uh 3.18 or 3.17 that uh Kali's running on right now doesn't have the touchscreen drivers or Wi-Fi on there. So as soon as you load it, you have to add

uh like a USB type of keyboard to get functionality. Then you can compile the drivers, modprobe them, and then the thing works. Ideally, you make the custom one, you add it on there, and you don't have any of those problems. Um, and once again, uh, you can only add meta packages that you need. So, if you're doing Wi-Fi hacking, why out all this other crap that, you know, just bogs you down? Um, ideally, um, one of my inspirations for this talk was last year there was an NSA Playset one called Twilight Vegetable and it was wonderful. Um, I wanted to take that so that you didn't have to run on a desktop and you

can run it mobiley anywhere you wanted. There's still a little bit of finagling I have to get there, but we're getting there. We're getting there. So that you can take anybody's idea and use it anywhere you want. Um, so generic made devices are awesome, but they're hit and miss. They have these weird kind of like innovations where they had different ports and like it's got HDMI out on it with Bluetooth and it's 50 bucks. Okay, how can I play with that? Um, ideally, if it's running Intel um chipset, as long as I can get to that boot loader, then I can do uh anything I feel like. Um, so this was an example of uh

Sorry, these pictures are terrible. I do apologize um of an a of Rockchip based tablet where I've got several Android specific apps like dSploit and DroidSheep BCON on there. Um but with Rockchip's loader, you can install your custom recovery or or different boot image that's been modified and uh load Kali straight on there or a different OS. Um that uh that uh tablet cost me about 40 bucks and on there it had the Broadcom 4329 chipset so it was ready for injection and it's so cheap that I can just leave it somewhere I could, you know, hack into something and who gives a crap after if it gets stolen. Um definitely shop around. Um everybody's

trying to sell you something and uh there's so much competition out there. It's working in your favor. So just look at the tech specs that you need and go anywhere that you feel. Um, there's a point on Expansys. They were selling the Nexus 7 and the Nexus 4 for 150 bucks. It was like 75 bucks a piece and they're running right now. Sorry, they're fully supported by that Kali NetHunter distro that I was talking about. So, each one of these is like a perfectly awesome device that you can throw around. Um, it's almost like nobody cares about them anymore and they're jaded, but they're good. Um, and now some of these weird generic devices, now I I hate to say like they

come out of China, but they most of them really do. Um, this thing's running 8.1 and uh Android 4.4. So, it's got a bootloader on there where I can possibly manipulate it and throw my own OS on there without having to reinvent that wheel. It's already got a bootloader. How do I get on there and say, "Get the hell out of here. I want to put Kali on I want to put Ubuntu on there and load in that sense because it's already x86-based and the new kernel's got touchscreen Wi-Fi drivers. You don't have to do anything else. Um, now you can make a hack box with some of these things. So, like I said with the Nexus 4 and that Nexus 7,

they're almost throwaway where not, you know, you don't want to throw away $75, but compared to traditionally how much these things used to cost us, it it's it's it's it's frugal. Um, so as long as you get creative, you can connect any On-The-Go sensors you want, RTL-SDR, Wi-Fi. You could jam somebody's um, let's just say a 4G network and then make them connect in 2G and uh, run Twilight Vegetable and go through their text messages. Depends on what you want. Once again, um, now sometimes this stuff really does go wrong and like I said, the best thing is having some kind of way to recover here. Um, I bought actually my my my dad

got them for me. It was hilarious. He uh he knows he knows I love playing around with this stuff. So, he bought three $75 tablets from Walmart. And sorry, $25 tablets from Walmart for 75 bucks. And they're cheap as hell. They're pieces of crap. But like, hey, maybe I can play around with this. Um, I didn't back it up. I went into it right away and I said, let's root it. No, broken. Um, at least I got two more to play with. And I'll try and u I'll dump their um regular system and see if I can uh load it on here. But I screwed it up because I didn't have a backup method. But with

anything, right, you know what you're getting into and that does happen. So, uh, what we're getting on to next, uh, when when these new Kali or sorry, Linux kernels do come out, they've got support for so many of these devices built in. You can build it on your own. you can add those driver support, but if it's already there, then you just have to worry about what your objective is. What are you trying to do with this device? You don't just need it to get this functionality. You want this functionality for a purpose. You want it to do something. Um, so at least you can focus on that. Um, ideally, there's so many Samsung phones out there, the S3,

the S4, the S5, now they're on the S6, right? Like even the S3 is on par with the Nexus 4. It's perfectly goddamn good piece of hardware, but people are throwing it away now. So, at least you can rip it apart. You can rip it into pieces and um install Linux on there. Uh obviously the new Nexus stuff is is easy to deal with. Um Android Wear would be fun. It'd be fun to hack like a uh stupid little watch or something and run that stuff on there, but it's it's something we're going to get to. Um it's not quite as as open as it would like to be. Um just quick mention for Nvidia

stuff. They feel I feel like they're always pushing their latest chipset and their new GPU or the little tiny ARM processor. So, they sell their latest uh almost devkit at at like a rock bottom price. So, as long as you can get into that, you can satiate that criteria we were talking about before where you can get into the bootloader, you can get root access, then um you have a top end piece of of hardware at at your fingertips to once again do what you want to do. Hey. Yeah. [Music] Oh yeah, the the new one that came out. Oh [ __ ] Oh, is that the case? Hey, I did not hear about that. [ __ ] Was that

on the latest one? Okay, fair enough. Not a very good shield I guess. Um, and this is way too far away to talk about, but I feel like it's worth it. Has anybody heard about Project Ara yet? the uh the Google project. That's where we want to be. These phones are, you know, they're not modular. It's like everyone's selling me like the old Apple thing where I can't touch anything in my phone. I want an IBM based PC where I can add my own [ __ ] graphics card or device to it or change the processor when I feel like Ara is getting there. So, when it does though, then I can add that RTL-SDR dongle to there or module

to it. I can add that uh the Wi-Fi chip that's got injection without having to redevelop it for this device. Um, so eventually I think that's where we want to be, but um, it's going to take a bit, so it's way too far away to really consider. Uh, sorry, I feel like I went really quick with this, but I wanted to ask people questions on this where I'm not an expert with it. I really like talking about it and a lot of people know a lot more about this than I do. Anybody got anything to add to this? That's So currently division formats are supported. Sorry. currently working. [Music] I can hear you. Don't worry.

So, currently, what CD images uh formats are being supported, you know, is it like, you know, ISO, you know, bin. Yeah. You know what? It's mostly mostly ISO stuff, but whatever you can get to live boot on a normal desktop PC, the objective is to do that on these tablets. If it can run like that there, I can pull it out of my desktop, plug it into this tablet and get it to do the same thing. Um, the worst part is, you know, your interface because it's a tablet, you know, where's my keyboard? You know, the touch screen working and such. But, uh, yeah, uh, pretty well anything that you can get running on a

desktop. Question. So, have you thought about doing any work with uh, Blackbox? Blackbox, sorry. What's that? It's kind of like Kali basically. It's just another uh, disc. Oh, yeah. Like, yeah, there's like Pentoo out there and different stuff. Absolutely. Same type of thing. If if those will run on your desktop PC and you can get it to run on on other x86 devices. You just want Ubuntu to control your LED lights, you know, around your house for Christmas time, the same thing. Um, it really depends on your objective once again. Um, sorry, does anybody else got anything uh to add on top of that? Um, so I I did skip through a lot of the

information that I wanted to talk about and I cut a lot of my slides out. I'm going to throw so much of what uh of the actual abstract on top of my blog. Like I said, I'm not a big blogger and I don't really care about, you know, followers and all that stupid stuff, but I want to make it accessible to everybody. So check it out after. Uh, all right. So I got one more question. So currently you're talking about quad cores. Is there support for like octa-cores? Oh, for support. Um, yeah, there's support for for for any type of device in that sense. As long as the Linux kernel can, then then you're good to go. Um, the quad core

devices were more fun because, yeah, they're quick and they're cheap. But yeah, as soon as the octa-core ones come out, they can harness it just the same as as any kernel would. Um, yeah, so that's about it. Uh, I want to give a special thanks cuz sorry, this was my first talk ever. Uh, I did originally go for proven ground, but they said there was too many, so they threw me in common ground. Uh, I didn't get a mentor, but I asked, uh, soldier forran for a little help. So, I just want to give him a little plug there. Um, thanks so much for coming. I'm sorry I blazed through the talk really quick. Um, if anybody has any questions,

please. Yeah, sir. Yeah absolutely. Shop around. Where's that? Sorry, go back to that slide. Yeah, absolutely. eBay, Amazon. Uh eBay is actually pretty good. I found uh just before uh probably the first week of July, I was looking again for the prices. They're going for about 110 120 US. So, you can still play around with it. Mind you, they are getting a little dated, but as long as you're creative, they're they're awesome. I got one here if you want to play around with it after. But, uh yeah. Um yeah, sir. Anything else, guys? [Music] Yeah. Oh, so I guess I'd toss in that uh a lot of the devices there's I found even on Android there's a lot more uses

that are coming out. Um one case you can use an RTL-SDR in host mode and you can actually uh use it to decode uh aircraft transmissions. Absolutely right. Yeah. Uh that that's a pretty cool thing you can do. Um there was another one I couldn't think of at the moment but I I did see where if you have devices laying around there's a lot of cool stuff you can do with it. Absolutely. I don't know if anyone follows the trend of beer money too. Uh that's a way to hack. uh you just basically use your old devices and there's various ads you can watch and you get points and when you get so many points you can get gift cards so

they exploit them in that sense right absolutely okay not bad something to consider um sir anything else [Music]

anybody got shops that have uh little bins for e e-waste So, you know, if you got a a friend in one of those shops or, you know, you might get a handful of devices that are pretty good to the tip. And especially when you're first learning on that stuff, like I said, you're going to break it, right? If you've never done it before, you'll [ __ ] it up the first time. So, at least you have something to play around with that's not so bad, right? And it's cheap, man. Absolutely. Thanks dude. You again. I see this as being a really good thing. You just Yeah. I see this as being a really good thing because it's really

eco-friendly. You know, it's like you really should try to preserve these old devices. They have a lot of life left and Absolutely. Right. And you know, until the chips are falling out of the motherboards on them, like they're perfectly good, right? Pretty much they're fast and and it's all about your creativity with it, right? As long as you get creative, you know, you can do anything with them. It can run headless, so it's still fast enough. Sorry. Anybody else? I don't know. Uh I do apologize. as I did absolutely um run through that talk. But that's quite all right. That's quite all right. Well, so much for coming here, guys. I really appreciate it, man. Thanks, guys. Thank you. Thank

you. Thank you. Thanks. And I'm sure our speaker will be here for a little bit afterwards. If anybody wants to come bug me about anything, please.