Saturday, July 19, 2014

Use Arduino Yun to send emails (simple instructions for new users)

To send emails for your projects in Arduino Yun, you can install SSMTP. SSMTP allows you to send emails directly from the yun and is a package you can install from the browser or over ssh.

I'll create a simple project to demonstrate pushing a button to sending an email. First, we need to set up the Yun. Make sure it's connected to wifi and you can connect to it over SSH.

Using putty (or your favorite terminal) log into the Yun as root and update your packages:
opkg update

Install SSMTP 
opkg install ssmtp

Once installed, make a backup of the current ssmtp conf file
mv /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.bkp

Create a new conf file
vi /etc/ssmtp/ssmtp.conf

(for new vi users press "I" here to enter insert mode)

Paste this in and update your email, password and username (works with Google Hosted email accounts as well)
# The user that gets all the mails (UID < 1000, usually the admin)
root=my@email.com

# The mail server (where the mail is sent to), both port 465 or 587 should be acceptable
# See also http://mail.google.com/support/bin/answer.py?answer=78799
mailhub=smtp.gmail.com:587

# The address where the mail appears to come from for user authentication.
rewriteDomain=gmail.com

# The full hostname
hostname=YUN

# Use SSL/TLS before starting negotiation
UseTLS=Yes
UseSTARTTLS=Yes

# Username/Password
AuthUser=my@email.com
AuthPass=password

# Email 'From header's can override the default domain?
FromLineOverride=yes


(again, for new vi users save the file by pressing Escape and typing :wq)

Update the security for your conf file since your password is in plain text
chmod 640 /etc/ssmtp/ssmtp.conf

Go back to /root
cd /root

Create a new test file called test.txt with "Hello world"
echo "Hello world" >  test.txt

Now we can test this out by sending it to an email
cat test.txt | ssmtp myemail@gmail.com

If it works you should get an email from "root" with no subject and "Hello world" in the body



Once this works, we can create a simple push button project to send that email whenever a button is pressed.

Make sure your Arduino app is installed and you have selected the board Arduino Yun and the port is set to the correct IP. 
  • Tools > Board > Arduino Yun
  • Tools > Port > YUN at 192.168.x.x (Arduino Yún)
Clear out the blank sketch and paste this


#include <FileIO.h>
#include <Process.h>

int pushButton = 2;

void setup() {
Bridge.begin();  
Serial.begin(9600);
FileSystem.begin();
}

void loop() {

 // read the pin number 2
 int buttonState = digitalRead(pushButton);

Process p;
if (buttonState > 0)
  p.runShellCommand("cat /root/test.txt | ssmtp myemail@gmail.com");
  delay(5);  // wait 5 milliseconds before you do it again
}

Unplug the Yun and wire it up like this. I'm using a 10K ohm resistor.




Power it up and wait for it to connect to wifi. Now you should be able to press the button and get an email.




Some notes on this setup.

The code is very small so it has some shortcomings. The delay is set to 5 milliseconds, which should be good for a quick press... but if you hold it down too long you will get multiple emails. There are ways around this using (millis) and other tricks, but the purpose of this example is for a simple code to use so you can build on.

Also, you can modify the test.txt file to include a subject, or even insert values. vi the file again and use this template instead:

From:arduino yun
Subject: put subject here
put message body here

Saturday, June 14, 2014

Debugging Elertus (and a general review)

Since no information on the hacking of the Elertus door/water sensor is available, I thought I'd share some basic information about the device.

The Elertus is a simple, but powerful, wifi alert sensor. It captures temperature, humidity, light, movement and optionally a door sensor or water sensor. It then sends an email/sms/push notification to your Android.

There's not much in the way of a custom Android app for this to tie in with IFTTT and the app itself is pretty basic. The device connects to Elertus every hour (or more frequent if movement is detected). The app connects to the Elertus server. The app never connects directly to the device, except during initial setup.

Using Wireshark to capture the packets, it looks to be a very basic POST to 108.166.81.152 with the following information:


device_type=1
posix_time=1402786108
email_id=test@test.com
mac_address=000680000000
alert_flags=
light=5
temp=301
humidity=50
battery=100
motion=1
int_contact=1
ext_contact=1
ext_temp=-1
fw_ver=4.0.1_EL_v7
debug=rssi:49


The device itself seems to be a very basic. The CPU is a Freescale Kinetis K (K10 48pin series) with the following specs:



Silicon - Rev 2.0
MC Partnumber - MK10DN512VLK10(R)
Superset - PK10DN512ZVLK10
CPU Frequency - 100MHz
Package - 80LQFP
Total Flash Memory - 512KB
Flash - 512KB
SRAM - 128KB




The Elertus device lacks in some basic areas:

  • No graphing
  • No "all clear" when the threshold for alert situation subsides
  • No IFTTT integration
  • Fixed hourly check-ins with no option to adjust
  • Battery powered only
  • Fixed external IP with information sent cleartext, unencrypted
  • No Android integrated features (widgets, nested api, deep links)
  • The alerts advise you of an alert, but not what the alert is. You have to open the app.
  • No way of updating the firmware, from what I've seen... but I could be wrong...
I've tackled the graphing issue by setting up a small VM with wireshark to continually monitor any traffic from the mac address to the external IP with a filter for the POST traffic. This in turn updates a very basic sql server with the temperature and humidity levels and displays this information on an internal webserver. While not ideal, this is the only way I can find to hack the Elertus to enable historical view. 

While I hope changes are made, I still think this was a good purchase. It does what I need, but can do more. Hopefully an update is in order.

Monday, May 26, 2014

Convert Scribd offline documents to PDF using Android

(Current info as of 2014-05-26 using Android 4.4.2 and Scribd version 3.5.1)

Documents saved offline using the Scribd Android app are stored in

     /data/media/0/document_cache/<DOC ID>

For instance, if the file you are trying to access is:

http://www.scribd.com/doc/20628549/Linux-Commands

The location would be:

     /data/media/0/document_cache/20628549/

The actual file would be:

     /data/media/0/document_cache/20628549/content

This file has no extension, but if you copy it and rename it to a .pdf file you can access it from other PDF viewers or export it to Google Drive/Dropbox

Tuesday, March 25, 2014

Create a DNS ad blocklist in pfSense

The steps are 100% identical to the post about configuring the dns in IPCop (see this) with one extra step

Instead of:

vi /var/ipcop/dhcp/dnsmasq.local

Do this

vi /usr/local/etc/dnsmasq.conf

You will notice that this will create a new file if it's your first time. All other steps are identical (here).

Verified working on pfSense 2.1-RELEASE (amd64) 

Wednesday, January 1, 2014

Flash Maguro AOKP ROM on Toroplus Galaxy Nexus

AOKP stopped support for ToroPlus (Sprint) devices since jb-mr1, but you can still flash the Maguro version on top of it. This will probably prevent the phone from functioning as a phone, but will allow you to use the phone as a wifi only device (or possibly pluck the radio roms individually out of the old rom... but I have not tested this method as I'm no longer a Sprint customer).

First get the Maguro versions of the ROM and GAPPS 4.4

http://aokp.co/devices/maguro

Open the zip for the ROM and navigate to the folder: META-INF > com > google > android

Open the file updater-script and save it. Delete the file from the zip. We want to modify this file and remove this assert tag entirely:

assert(getprop("ro.product.device") == "maguro" || getprop("ro.build.product") == "maguro" || abort("This package is for \"maguro\" devices; this is a \"" + getprop("ro.product.device") + "\"."););

Save the file and drag it back into the zip file in the same directory as before.

Flash maguro AOKP ROM and GAPPS like normal.

Saturday, June 8, 2013

Block a specific IP in IPCop

SSH into IPCop and type this (replace x.x.x.x with the IP). The /32 provides a subnet for that particular IP. Should work instantaneously.

/sbin/iptables -I FORWARD -s x.x.x.x/32 -j DROP

If you made a mistake or if you want to delete the entry, type this:

/sbin/iptables -D FORWARD -s x.x.x.x/32 -j DROP 

Wednesday, June 5, 2013

Create a DNS ad blocklist in IPCop

You can use a host file in Windows or Linux per desktop (and even smartphone/tablet with root access), but this can get overwritten and you will have to modify the file across every desktop in your environment.

Another drawback to this method is handling subdomains. There is no easy method to create a wildcard block for subdomains. For instance:


  • ads1.spammycompany.com
  • ads2.spammycompany.com
  • ads3.spammycompany.com
  • bannerhosting321.spammycompany.com


If you use a Linux based firewall like IPCop, you can use dnsmasq to banish subdomains to 127.0.0.1. Here's my method:

First, you need IPCop up and configured. This should be relatively straightforward, but if you need help, do a bit of Googling to get it. You will also need working knowledge of SSH and VI

Second, SSH into IPCop. You will want to vi into your /var/ipcop/dhcp/dnsmasq.local

vi /var/ipcop/dhcp/dnsmasq.local

We need to set the DNS manually, I prefer the Google DNS 8.8.8.8


# dnsmasq Google Public DNS 
server=8.8.8.8

We will also want to enter the addresses that we want to block. For instance, if we want to block anything.blahblah.com we will do this

address=/.blahblah.com/127.0.0.1

Enter any address lines below that and save the file. Here is an example of my dnsmasq.local

# Used for private dnsmasq (DHCP) options.
# See dnsmasq manual http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
# After making modifications restart the DHCP server using the web interface
# or restartdhcp.
# Changes made will then propagate to the DHCP server.

# dnsmasq Google Public DNS 

server=8.8.8.8

address=/.2o7.net/127.0.0.1

address=/.adbrite.com/127.0.0.1
address=/.addthis.com/127.0.0.1
address=/.admeld.com/127.0.0.1
address=/.adnxs.com/127.0.0.1
address=/.adzerk.net/127.0.0.1
address=/.bluekai.com/127.0.0.1
address=/.clickbank.net/127.0.0.1
address=/.criteo.com/127.0.0.1
address=/.crsspxl.com/127.0.0.1
address=/.crwdcntrl.net/127.0.0.1
address=/.disqus.com/127.0.0.1
address=/.doubleclick.com/127.0.0.1
address=/.doubleclick.net/127.0.0.1
address=/.effectivemeasure.net/127.0.0.1
address=/.esm1.net/127.0.0.1
address=/.estat.com/127.0.0.1
address=/.exelator.com/127.0.0.1
address=/.gigya.com/127.0.0.1
address=/.gravity.com/127.0.0.1
address=/.imrworldwide.com/127.0.0.1
address=/.kinja.com/127.0.0.1
address=/.linkbucks.com/127.0.0.1
address=/.liveadvert.com/127.0.0.1
address=/.livefreetimenews.com/127.0.0.1
address=/.mail-corp.com/127.0.0.1
address=/.mktoresp.com/127.0.0.1
address=/.ooyala.com/127.0.0.1
address=/.optimizely.com/127.0.0.1
address=/.outbrain.com/127.0.0.1
address=/.owneriq.com/127.0.0.1
address=/.paresly.com/127.0.0.1
address=/.quantserve.com/127.0.0.1
address=/.res-x.com/127.0.0.1
address=/.revsci.net/127.0.0.1
address=/.scorecardresearch.com/127.0.0.1
address=/.searchmarketing.com/127.0.0.1
address=/.shareaholic.com/127.0.0.1
address=/.sitemeter.com/127.0.0.1
address=/.statcounter.com/127.0.0.1
address=/.techcrunch.com/127.0.0.1
address=/.tklist.net/127.0.0.1
address=/.triggit.com/127.0.0.1
address=/.tynt.com/127.0.0.1
address=/.xiti.com/127.0.0.1
address=/.yieldmanager.com/127.0.0.1
address=/.po.st/127.0.0.1
address=/.zdbb.net/127.0.0.1
address=/.newrelic.com/127.0.0.1
address=/.stipple.com/127.0.0.1
address=/.invitemedia.com/127.0.0.1
address=/.rubiconproject.com/127.0.0.1
address=/.casalemedia.com/127.0.0.1
address=/.adsonar.com/127.0.0.1
address=/.serving-sys.com/127.0.0.1
address=/.vizu.com/127.0.0.1
address=/.serving-sys.com/127.0.0.1
address=/.gravity.com/127.0.0.1
address=/.mixpo.com/127.0.0.1
address=/.yadro.ru/127.0.0.1


Now we save and restart the dnsmasq

killall dnsmasq

and then restart dnsmasq

dnsmasq

Also, flush your DNS on your main desktop. You will now be unsuccessful at pinging the domain or any subdomain under it.

For instance:


C:\Users\binarypower>ping outbrain.com

Pinging outbrain.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms


C:\Users\binarypower>ping somestupidsubdomain.outbrain.com

Pinging somestupidsubdomain.outbrain.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms