
Hacking the Zsun WiFi SD Card Reader - nanis
https://wiki.hackerspace.pl/projects:zsun-wifi-card-reader
======
lucaspiller
There are also a lot of 'smart wifi plugs' which use the same chipset
(although with less RAM), which can be bought for ~$20:

[http://www.anites.com/2015/01/hacking-kankun-smart-wifi-
plug...](http://www.anites.com/2015/01/hacking-kankun-smart-wifi-plug.html)

~~~
Nursie
Interesting. IS it wrong that my first thought was that they look benign and
unobtrusive enough that they could be easily socially engineered into
somewhere to start scanning for vulnerabilities... ?

When flashed with the appropriate firmware of course.

~~~
digi_owl
[https://xkcd.com/1494/](https://xkcd.com/1494/)

Seemed relevant.

~~~
Nursie
LOL.

Not sure it's 100% applicable, but certainly my proposal would indeed by
illegal black-hattery, unless done by a legit pen-tester.

I'd never do such a thing, but I might now be more aware that the little
plastic block attached to the socket over there could easily be a cheap, full
linux system running some sort of metasploit/neopwn variant...

~~~
leejoramo
We are now beyond assuming that you can "see" the tiny computer over there.
You can pretty assume that for example that any electrical device could have
one of these concealed in it. That includes electric cords and light bulbs.

Additionally these can be hidden in non-electrical objects with small
batteries and run for weeks.

~~~
ggoss
This is exactly why I dismantle and inspect all 'unimaginably cheap' pieces of
tech before using them for their intended purpose. That, and curiosity. There
are many clever cost-cutting hacks to be learned that way.

~~~
DanBC
One of my favourite youtube channels is BigClivedotcom's, where he takes apart
a bunch of cheap gadgets.

[https://www.youtube.com/user/bigclivedotcom](https://www.youtube.com/user/bigclivedotcom)

~~~
ggoss
Agreed.

------
ck2
Wow it's only a $9 device (see below)

Definitely trying this out.

I wonder what the power draw is?

Shame they didn't use microusb connector.

No idea about the trustworthiness of this seller but use the page for general
info and lots of photos:

[http://www.gearbest.com/memory-
cards/pp_246125.html](http://www.gearbest.com/memory-cards/pp_246125.html)

 _update: only $9.13 with coupon code GBJANRT and use paypal checkout for
safety_

There is also a source on aliexpress that is $1 cheaper if you are buying
bulk.

I wonder if openWRT gives it wifi-N ability, factory firmware only does wifi-G

~~~
Magnets
Another similar device is the gl.inet AR-150

$24 but you get 2xEthernet, USB host, stable openwrt, a button + 2 state
switch (handy for triggering scripts) and the option of an external antenna.

[https://wiki.openwrt.org/toh/gl-inet/gl-
ar150](https://wiki.openwrt.org/toh/gl-inet/gl-ar150)

[http://www.aliexpress.com/item/GL-iNet-GL-AR150-150Mbps-
WiFi...](http://www.aliexpress.com/item/GL-iNet-GL-AR150-150Mbps-WiFi-Router-
OPENWRT-ENGLISH-Firmware-Wi-Fi-Repeater-Wifi-Signal-Booster/32518790497.html)

I'm so tempted to order this for $9 but I don't really have a use for it!

~~~
ck2
I have zero use for it also but playing with and learning this chipset for $9
is something I cannot passup.

I am sure I'll use it as a repeater or remote storage device at some point.

Now if I could justify the two dozen smartphones I have...

------
exo762
This is strange - original blog post is not searchable through google. All I
see is pages that point to wiki.hackerspace.pl.

~~~
q3k
Yeah, a few days ago we noticed that our wiki pages fell off Google and Bing
search results. No idea why, and Google Webmaster Tools aren't helpful,
either. :(

~~~
avian
You have <meta name="robots" content="noindex,nofollow"/> tag on your pages.
See:

[https://support.google.com/webmasters/answer/93710?hl=en](https://support.google.com/webmasters/answer/93710?hl=en)

~~~
q3k
Ah, thanks. Apparently it was due to the indexdelay [1] option in dokuwiki,
which I've now lowered.

[1] -
[https://www.dokuwiki.org/config:indexdelay](https://www.dokuwiki.org/config:indexdelay)

------
duncan_bayne
Presumably, as this is running Busybox, one ought to be able to contact the
manufacturer and request the source code?

I checked out their website but it's Chinese-only, so not of great help to me.

------
BeowulfCluster
Can you run other general Linux tasks on a DDWRT build?

~~~
gh02t
This is OpenWRT, not the same thing as DD-WRT. It's basically a full embedded
Linux distro with extra emphasis on networking and complete with its own
package manager, so the answer is yes you can do quite a lot with it.

It's possible to do more general purpose stuff with DD-WRT as well, but it's
not quite as flexible . IIRC you can install your own packages there too, but
it is set up to be more streamlined as a SOHO router.

