ESPTool – A WiFi Security Tool

Daniel Grießhaber over hackaday.io created a project called ESPTool. It is a tool to test WiFi networks security and to demonstrate how easy it is to crack a WiFi password or jam a WiFi network. Daniel designed ESPTool for education and self-test purpose.

ESPTool_img

The Device has SSD1306 based OLED display, microSD card socket, 3 general purpose buttons, ESP8266-12E module, TPS63031 Buck-/Boost converter with an input range from 1.8V – 5.5V, MCP73831 Single-Cell LiPo Charger Chip and CP2012 USB to UART converter chip.

ESPTool_SCH

The firmware of ESPTool has the following layers of attacks, according to Daniel’s documentation:

  • Layer 1:

Since the ESPs Radio is not really configurable, it is not possible to create a WiFi Jammer that works by emitting broadband noise or any other Layer 1 attacks.

  • Layer 2:
    • Deauthentification attack
    • Collecting authentication frames and save the keys to SD card for later decryption (using a wordlist on a computer, the ESP neither has enough memory nor enough processing power to crack them on the system)
    • arp spoofing and session hijacking when connected (needs investigation)
    • evil twin hotspot
  • Layer 3 (after connecting to an AP):
    • Host discovery (IP Scanner)
    • Ping flooding (ICMP Pings)
  • Layer 4 (after connecting to an AP):
    • Port Scan on Host

 

ESPTool_PCB

The source code and the design files, using Eagle CAD, (SCH & BRD) can be found here.

[Project page over hackaday.io]

SMDGuide – A gift for all electronic enthusiasts

SMDGuide_011

Alberto @ pighixxx.com has published the first pages of a series of SMD components guides. Total guide will consist of 20 pages.

The definitive guide to SMD components!
Cheat Sheets, Package Types, Conversions, Size Codes and more…

SMDGuide – A gift for all electronic enthusiasts – [Link]

Build a $1 per Watt parallelizable MPPT controller

5286091470194068548

Jonathan Bruneau designed a $1/W maximum power point tracker used to extract maximum power from solar panels and published his project on hackaday.io:

Maximum Power Point Tracking (MPPT) is a technique whereupon special electronics attempts to extract the optimal amount of energy from a solar panel. This optimal point fluctuates in function of a variety of factors including: temperature, quantity of incoming light, solar panel age, etc.

Current MPPT controllers tend to be expensive. They range from tens of dollars for 3W supplies to hundreds of dollars for 100W and above. Lower costs can be achieved but typically trade-off functionality essential for proper MPPT operation. This makes MPPTs poor candidates for cost sensitive applications

If the cost could be reduced to a more attractive price point, MPPT controllers could become synonymous with solar panels, opening doors for new renewable applications.

Build a $1 per Watt parallelizable MPPT controller – [Link]

Silicon-air Battery A New Achievement in Energy Storage Area

Researchers from Jülich Research Center (Jülich, Germany) announced their new invention, a silicon-air battery. The new battery features high energy density so it’s a lighter and smaller battery solution.

silicon-air-battery

Silicon-air battery is made of silicon which means it’s cheap to make from virtually unlimited resources rather than a rare earth material. It can deliver energy for up to 46 days (about 1000 hour). It’s a big step but it not means it’s the perfect solution. This new type of battery suffers from short lifetime of just a few minutes, therefore the researchers made a workaround by refills the electrolyte from time to time using a pump system.

About how it works, the news states that “As long as the silicon anode is in contact with the electrolytes, the battery will generate electricity. With this method, the Jülich battery remained active until the silicon was used up after more than 1100 hours. Once the electrode is used up, it can be reactivated by replacing the anode.”

Via: elektormagazine

Bq501210 the Wireless Power Transmitter from TI

Texas Instruments (TI) announced the Qi-Certified Wireless Power (WPC) v1.2 solution for 15-W operation wireless power transmission for Smart Phones, Tablets, and Other Handheld devices, Point-of-Sale devices and other custom wireless power applications.

Bq501210 supports Bi-directional Communication and fast charge operation with compatible receivers. The user is informed for the state of charge by 10 configurable LED codes that indicate also fault status.

If you’re not familiar with the term of wireless power transmission then let’s see how TI describes it in the datasheet. It basically consists of a transmitter and receiver coils. When the receiver coil is positioned on the transmitter coil with some distance (wireless), magnetic coupling occurs when the transmitter coil is driven. The flux is coupled into the secondary coil, which induces a voltage and current flows. The secondary voltage is rectified, and power can be transferred effectively to a load.

According to the datasheet, bq501210 supports multiple levels of protection against heating metal objects placed in the magnetic field.

bq501210_BD

TI provides an evaluation module bq501210EVM-756 costs 150$ with the following features:

  • WPC v1.2 15-W charging capability with bq55221 receiver.
  • 5-W solution for WPC v1.1 receivers.
  • 15-V to 19-V input and fixed operatiing frequency for full 15-W results.
  • 12-V input for reduced power (> 10W) solutions.
  • Enchanced Foreign Object Detection (FOD) with FOD ping detecting objects prior to power transfer.
  • WPC v1.2 FOD, WPC v1.1 FOD and WPC v1.0 Parasitic metal Object Detection (PMOD).
  • Transmitter-coil mounting pad providing the corect ereceiver interface.
  • Compact power section design using the bq500100 NexFET power stage.
  • Wurth 760 308 141 transmitter coil with no magnet.
  • LED and audio indication of power transfer.

bq501210evm-756

Bq501210 is available in 9*9mm 64-VQFN package and is priced at US$3.75 in 1,000-unit quantities.

Via: eeweb

ClearFog Base from SolidRun A New 90$ Single Board Computer

SoildRun launched ClearFog Base, a SBC (Single Board Computer) designed for IoT and networking applications.

ClearFog Base includes SoM (System on Module) designed by SolidRun too and it is based on Marvell’s ARMADA A388 SoC (System On Chip) with Dual core ARM Cortex A9 @ up to 1.6 GHZ and supports Linux Kernel 3.x and OpenWrt OS.

armada-38x-microsom-block-diagrammicrosom-a388-top-transparent

The Board features up to 2GB storage and optional 8GB uSD/4GB eMMC with the following connectivity options, 1× mPCIE, 1×USB 3.0 port, 2 ×Port dedicated Ethernet  and 1×SFP.

ClearFog_TOPClearFog_Down

ClearFog Base has a mikroBUS™ connector to add accessories and supports MikroElektronika’s Click board modules. More than 150 Click boards are available, including I/O, wireless, sensors, transceivers, displays, encoders, pushbuttons, and advanced GPS modules.

ClearFogFeatures

The price of ClearFog base can reach 117$ with the optional power adapter, 8GB SD card and 4GB eMMC.

Via: cnx-software

Thermal-imaging DMM, in distribution

160805edne-conrad-fluke
Distributor Conrad Business Supplies has the thermal multimeter 279 FC from Fluke, that combines a thermal imager with a fully-featured true RMS digital multimeter to enable faster and more thorough troubleshooting with a single tool. By Graham Prophet@ edn-europe.com

The 279 FC’s thermal multimeter measures AC/DC voltage, resistance, continuity, capacitance, diode test, min/max, and can carry out frequency tests. At the same time, the integrated thermal imager allows the 279 FC to quickly and safely check for hot spots in fuses, wires, insulators, connectors, splices, and switches and then troubleshoot and analyze issues with the DMM. An integrated 3.5 inch (8.89 cm) full-colour LCD screen provides clear viewing of data and images. This powerful combination ensures electricians and technicians can carry fewer tools and have a greater chance of identifying an issue wherever it might occur.

Thermal-imaging DMM, in distribution – [Link]

CP2102N – The Latest USB Controller From Silicon Labs

CP2102N-press

Recently, Silicon Labs announced a new USB controller called CP2102N which is part of the USBXpress™ bridge devices family.
CP2102N have a battery charger detect functionality to notify an external battery charger with the amount of current available from the USB interface (100 mA, 500 mA or 1.5A). CP2102N also have up to 7 GPIOs that can be controlled from the host, and a RS485 pin which is an optional control pin that can be connected to the DE and RE inputs of the transceiver to be asserted during UART data transmission.

The key features according to the datasheet:

  • Integrated USB transceiver; no external resistors required.
  • Integrated clock; no external crystal required.
  • Internal 960-byte programmable ROM for vendor ID, product ID, serial number, power descriptor, release number, and product description strings.
  • On-chip voltage regulator — 3.3 V output.
  • USB 2.0 full-speed compatible Data transfer rates up to 3 Mbaud USB.
  • Battery Charger Detection (USB BCS 1.2 Specification).
  • Remote wakeup for waking a suspended host.
  • Low operating current : 9.5 mA.
  • Royalty-free Virtual COM port drivers.

The new chip is available in the following packages QFN20, QFN24, or QFN28.

The price per unit is $0.91 (USD) in 10,000-unit quantities according to the press release, and an evaluation kit for CP2102N-EK is available at $25.00.

Via: circuitcellar

IRis – An Infrared Sensor using Photodiode amplification Circuit

IRis_PCB

[devttys0] designed a sensitive IR detector for capturing weak infrared signals. He shared in detail how he designed the circuit, beginning from the basic components, walking through solving the problems and finally ended up with a complete working circuit.

Craig Heffner/[devttys0] built this circuit for a friend’s Defcon talk, Blinded by the Light, the talk concerned about the emitted IR signals from the IR proximity detector in our devices like mobiles, and how we can identify the type of the device/OS using these signals.

Craig wanted to build a general purpose IR detector to capture and analysis the raw IR transmissions where IR receivers is designed to sense the modulated IR signals at 36-38 kHz. “But there is so much more to the world of IR than this” Craig said.

The first basic idea in the design is to use transimpedance amplifier which is basically a current-to-voltage converter.
When photons strike the photo diode, it will actually emit charge carriers, so the output of this sensor is a current. The output voltage (Vout= Ip*Rf) is linear in respect to the current.

IRis_cir1

The major problem with this particular configuration is the unwanted high frequency oscillation, so a capacitor was added in parallel with the feedback resistor.

IRis_cir2

The next problem solved by Craig, is the saturation of the amplifier in high and low side by adding some bias resistors just to keep the reference voltage of the positive input of the op-amp at just under 200 millivolts.

To prevent saturation in high side he added three diodes, in fact three JFETs configured as diode, in the feedback path. The reason of using JFET configured as a diode is that it has less leakage current than normal silicon diodes, so when the voltage exceeds 3*0.7=2.1V then they short the feedback resistor, this point is important in our design because it has a current flow from photo diode.

The last thing to solve in first stage of the design is the problem of constant current from ambient light, which will generate a DC component in the output. So Craig added a high pass filter in the output.

IRis_cir3

Now the circuit will still have some analog signals in output, noise and some negative spikes. So he cleaned things up by using a comparator with a Schottky diode in the non-inverting input to omit the negative pulses less than 0.2 Volt.

IRis_cir4

To see the full details of the design you can see the video below, and also you can reach the design files (SCH & PCB) over Github.

In addition, you can see the references pointed by Craig in his site analogzoo.

RELATED POSTS