Author Archives: Pedro Umbelino

ESP-ing a Phillips Sound System.

Posted on by

IoT-ifying old stuff is cool. Or even new, offline stuff. It seems to be a trend. And it’s sexy. Yes, it is. Why are people doing this, you may ask: we say why not? Why shouldn’t a toaster be on the IoT? Or a drill press? Or a radio? Yes, a radio.

[Dr. Wummi] just added another device to the IoT, the Internet of Thongs as he calls it. It’s a Phillips MCM205 Micro Sound System radio. He wanted to automate his radio but his original idea of building a setup with an infrared LED to remotely control it failed. …read more

Continue reading ESP-ing a Phillips Sound System.

The Cyborg Artist – Tattoo Machine Arm Prosthesis

Posted on by

[JC Sheitan Tenet] lost his right arm when he was 10 years old. As most of us, he was right-handed, so the challenges he had to face by not having an arm become even harder.

Have you ever tried to perform mundane tasks with your non-dominant hand? If you’re right-handed, have you ever tried to feed yourself with your left? Or if you’re left-handed, how well can you write with your right? For some people, using both hands comes naturally, but if you’re anything like me, your non-dominant hand is just about useless.

The thing is, he wanted to be …read more

Continue reading The Cyborg Artist – Tattoo Machine Arm Prosthesis

RooBee One, an open-source SLA/DLP 3D printer

Posted on by

[Aldric Negrier] is no stranger to the 3D printing world. Having built a few already, he designed and built an SLA/DLP 3D printer, named RooBee One, sharing the plans on Instructables. He also published tons of other stuff, like a 3D Printed Syringe Pump Rack and a 3D Scanning Rig And DIY Turntable. It’s really worth while going through his whole Instructables repository.

This open-source 3D printer was inspired by the Cristelia – SLA/LCD 3d printer and the Vulcanus MAX 3D printer (that he designed). RooBee One has an aluminium frame and an adjustable print area of 80x60x200 mm, with …read more

Continue reading RooBee One, an open-source SLA/DLP 3D printer

Santa Knows If Your Contact Form Uses PHPMailer < 5.2.18

Posted on by

PHPMailer, one of the most used classes for sending emails from within PHP, has a serious vulnerability in versions less than 5.2.18 (current version). The security researcher [Dawid Golunski] just published a limited advisory stating that PHPMailer suffers from a critical flaw that might lead an attacker to achieve remote code execution in the context of the web server user. PHPMailer is used by several open-source projects, among them are: WordPress, Drupal, 1CRM, SugarCRM, Yii and Joomla. A fix has been issued and PHPMailer is urging all users to upgrade their systems.

To trigger this vulnerability (CVE-2016-10033) it seems that …read more

Continue reading Santa Knows If Your Contact Form Uses PHPMailer < 5.2.18

IKEA Table 3D Printer

Posted on by

In this Instructable, [Wayne Mason-Drust] shares the step by step guide on how to make a cool, good-looking, 3D printer based on the Ikea LACK table. From an Ikea lantern weather station to a fully printed CNC based on an Ikea table, it’s almost safe to say that a 3D printer Ikea hack was overdue.

The idea to use a Ikea table as a base for a 3D printer first came to [Wayne] as he used this table to support other 3D printer he had working in his business. He realized that, even after five years of use, the table …read more

Continue reading IKEA Table 3D Printer

Reliably Exploiting Apport in Ubuntu

Posted on by

[Donncha O’Cearbhaill] has successfully exploited two flaws in Apport, the crash report mechanism in Ubuntu. Apport is installed by default in all Ubuntu Desktop installations >= 12.10 (Quantal). Inspired by [Chris Evan] work on exploiting 6502 processor opcodes on the NES, [Donncha] describes the whole process of finding and exploiting a 0-day on a modern linux system.

One of the flaws, tracked as CVE-2016-9949, relies on a python code injection in the crash file. Apport blindly uses the python eval() function on an unsanitized field (CrashDB) inside the .crash file. This leads directly to arbitrary python code execution. The other …read more

Continue reading Reliably Exploiting Apport in Ubuntu