Skip to content

secmobi/attack-arduino-and-reprap

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
BlindBlinkDroid
 
 
BlindBlink.py
 
 
HalfTemperature.py
 
 
IHex.py
 
 
README.md
 
 
Utils.py
 
 
Three Demos of Attacking Arduino and RepRap 3D Printers About Author Warning BlindBlink BlindBlinkDroid HalfTemperature Further Details

README.md

Three Demos of Attacking Arduino and RepRap 3D Printers

About

These are three demos used in my presentation at XCON security conference 2013. Them demonstrate that Arduino-based devices, especially RepRap 3D printers, are very easy to attack through an USB cable connected PC or Android device. These attacks will change Arduino or RepRap's firmware and can be executed automatically.

Author

Claud Xiao secmobi@gmail.com

Warning

The HalfTemperature.py will rewrites your RepRap printer's firmware, makes its behaviour abnormal, and may physically breaks it. DO NOT run it unless you know exactly what you're doing!

BlindBlink

The BlindBlink.py will download the 'Blink' firmware from Arduino Uno, find digitalWrite calls in it, changes their parameter from HIGH to LOW, and then upload the fixed firmware to Arduino Uno again. Thus, the 'Blink' will becomes 'Blind'.

It has been tested and works well under this environment:

  • Arduino Uno board
  • Arduino IDE 1.0.5
  • The Blink example program

On other board, like Arduino Mega2560, or using other compiler, like Arduino IDE 0023, it won't works.

You will need to insure the avr-objdump and avrdude tools can be found in $PATH.

BlindBlinkDroid

The BlindBlinkDroid is an Android version of BlindBlink. This means, you can connect the Arduino board with just an Android device with USB OTG capability and launches similiar attack from Android.

Besides of above requirements, you will need:

After connect Android device and Arduino Uno board with USB OTG cable and USB cable, push all files in the 'BlindBlinkDroid' folder into you Android phone, launch Terminal Emulator, get root permission by su, and run 'sh run.sh'.

HalfTemperature

The HalfTemperature.py will downloads Sprinter firmware from RepRap 3D printer's Sanguinololu board, changes temperature related data in it, and upload the fixed firmware to RepRap. After finished these steps, the RepRap's hot end and print bed's actual work temperature will be the half of what you will see through any RepRap control software like Printrun.

The code will only works as expected under EXACTLY these environments:

  • RepRap Prusa Mendel
  • Sanguinololu Rev 1.3a
  • ATmega644p
  • Sprinter firmware git commit 3dca6f0
  • Arduino IDE 0023

I don't know what will happen if you run it in other environments. So, you'd better just read its code and just to know how it works.

Further Details

Please refer my slides at the XCON2013:

English version: http://www.claudxiao.net/Attack3DPrinting-Claud-en.pdf

Chinese version: http://www.claudxiao.net/Attack3DPrinting-Claud-zh_cn.pdf

--

IN MEMORY OF Q, 25/08/13

About

PoC code of my talk at XCON 2013 for demonstrating security attacks to 3D printer (reprap) and Arduino board.

Resources

Readme

Stars

1 star

Watchers

2 watching

Forks

3 forks

Releases

No releases published

Packages

No packages published

Languages