
Hack Rifle - blueintegral
http://www.hscott.net/projects-2/hack-rifle/
======
andrewguenther
We could spend all day talking about the morality, possible government uses,
and legality of all this, but I would personally just like to take a moment to
appreciate how fucking cool this thing is.

~~~
rkuykendall-com
It looks like something out of Buckaroo Banzai or Hackers.

~~~
platz
The military-industrial-complex aesthetic doesn't really fit either of those
two movies, but I agree there is a hacker's charm going on there.

~~~
rkuykendall-com
I think I was mostly thinking of the exposed colored wires and screws. It not
a clean-faced product. Plus, the science / action combination of hacking and
guns made me think of those movies.

[http://johnkennethmuir.files.wordpress.com/2010/11/banzai4.j...](http://johnkennethmuir.files.wordpress.com/2010/11/banzai4.jpg)

[http://www.hscott.net/wp-
content/uploads/2014/04/IMG_6491.jp...](http://www.hscott.net/wp-
content/uploads/2014/04/IMG_6491.jpg)

------
praptak
When you actually use it, WiFi cracking will be the last thing you're
suspected of. Clever!

------
Yetanfou
You could replace the scope with a viewfinder from an older video camera.
These are essentially smallish monitors with eyepieces, giving you all the
freedom you want wrt. spectrum displays overlaid over video imagery of the
targeted area. Driving the thing might be an exercise in itself but it should
be doable from the HDMI port on the Pi using a VGA converter or through a USB
display adapter.

Personally I'd tone down the gun aspect of the whole thing though... lying on
a roof somewhere in the US of A, pointing this thing at a window in an office
building nearby is an open invitation for unwanted attention from trigger-
happy defenders of the realm.

------
mschuster91
What is the use of any wifi cracking equipment these days?

Here in Munich (and also other German cities I've visited), no one carries a
WEP WiFi anymore, and even the WPA1-only WiFis have nearly vanished...

~~~
helllllllo
You'd be surprised how many routers have shipped with WPS on by default, and
without rate limiting. Your 25 character, randomly generated password isn't
much help when you can simply try about 11000 WPS PINs and have it spit out
the plaintext key to you :)

~~~
hxc
Even if it is turned off the router can still be vulnerable. Reaver use to be
the go to script for this but now bully has taken over.[1]

[1][https://github.com/bdpurcell/bully](https://github.com/bdpurcell/bully)

~~~
vezzy-fnord
Not to mention OpenCL-accelerated WPA handshake cracking can still pay off
reasonably.

~~~
icelancer
Definitely agree. I've audited my fair share of WPA captured handshakes and
had a lot of success. People choose shitty passwords.

------
forrestthewoods
Maybe I'm dumb. What does this thing do exactly? It doesn't seem like the post
actually says.

~~~
blueintegral
It's basically a portable extremely long range WiFi adapter with an embedded
computer on it that can be used for nefarious purposes. The form factor is
based on an earlier project, which used a rifle stock as an easier way to aim
a big Yagi antenna.

------
jotux
Reminds me of the "BlueSniper" rifle from a few years ago:
[http://www.tomsguide.com/us/how-to-bluesniper-
pt1,review-408...](http://www.tomsguide.com/us/how-to-bluesniper-
pt1,review-408.html)

~~~
blueintegral
That might actually be the same original project I was referring to.

------
100k
Remind anyone else of the smart rifle in Ken MacLeod's The Star Fraction?

[http://en.wikipedia.org/wiki/The_Star_Fraction](http://en.wikipedia.org/wiki/The_Star_Fraction)

~~~
vertis
Yeah, it reminded me of that too.

------
gamed
Another pretty awesome device modified for WiFi hacking is Denis' motorcycle.

Article: [http://www.itnews.com.au/News/323897,pen-tester-builds-
wifi-...](http://www.itnews.com.au/News/323897,pen-tester-builds-wifi-war-
bike.aspx)

Kiwicon presentation:
[https://www.youtube.com/watch?v=Pr7YAhf4IG0](https://www.youtube.com/watch?v=Pr7YAhf4IG0)

------
rdl
Semi-related: has anyone read this paper which claims to have a WPA2 rekeying
vulnerability and evaluated it? They published in a journal I don't have
access to, and don't have a preprint online, so it's probably not very
important, but I'm still curious.

Achilleas Tsitroulis, Dimitris Lampoudis, Emmanuel Tsekleves. Exposing WPA2
security protocol vulnerabilities. International Journal of Information and
Computer Security, 2014; 6 (1): 93 DOI: 10.1504/IJICS.2014.059797

(Fucking journals are extortion; the system must be destroyed.)

~~~
dfc
All of the tor exit nodes on campuses with good journal subscriptions have
disappeared or they have been marked as open proxies by the journal cabal. I
used to be able to get any journal pub via an exit node at BostonU or GaTech.

dx.doi.org needs to disappear too. Two of the three ipv6 endpoints are always
down and unbound never seems to shuffle the addresses in such a way I get the
working address first:

    
    
      dfc@ronin:~$ wget http://dx.doi.org/10.1504/IJICS.2014.059797
      --2014-04-21 00:32:13--  http://dx.doi.org/10.1504/IJICS.2014.059797
      Resolving dx.doi.org (dx.doi.org)... 2001:550:100:6::203, 2001:550:100:6::202, 2a00:1a48:7805:112:2c13:65be:ff08:2e89, ...
      Connecting to dx.doi.org (dx.doi.org)|2001:550:100:6::203|:80... failed: Connection timed out.
      Connecting to dx.doi.org (dx.doi.org)|2001:550:100:6::202|:80... failed: Connection timed out.
      Connecting to dx.doi.org (dx.doi.org)|2a00:1a48:7805:112:2c13:65be:ff08:2e89|:80... connected.

------
cinquemb
I'm curious about the total weight before and after modification? I can only
imagine that in the near future someone is going to want to 3d print this and
mount it on some type of consumer UAV and open source the software/hardware
setup. I'm also pretty curious what, if any, measurements can be taken with
this setup?

~~~
blueintegral
I didn't weigh it, but before it was probably 2 or 3 pounds and adding
everything to it was like an extra two pounds. As it is, you can do anything
you could with a regular laptop and wifi card, but if you added an SDR, you
could measure I and Q and do whatever you want.

------
erikig
Hmm, I wonder how long before someone fits one of these (airsoft or not) onto
a drone and starts causing havoc?

~~~
rdl
I've seen this as a payload for military UAVs (Hunter); it's a 700kg aircraft,
though.

I don't think you could put the right electronics on a small quadcopter, but
the gas powered quadcopters are perfectly capable -- anything which can carry
a DSLR.

The nice thing about antennas is they're super directional (if desired), so
really all you need is altitude, not necessarily maneuverability -- a tethered
balloon or just being on top of a building would work fine. For SIGINT, you
probably want longer loiter times than a small UAV will give you; a small UAV
with wifi/cell would mainly be for tracking a moving target, or killing a
target which happens to be radiating on a specific frequency (i.e. find/kill a
certain cellphone).

In general the military cares more about cellular signals than wifi, at least
so far.

~~~
hga
I don't think a tethered balloon would be an ideal platform for such a
directional antenna in any vaguely windy location, you need a lot of stability
for it to be useful. I'm having difficult imagining any way to make that work
which isn't essentially a stayed vertical support with the balloon ...
probably not at net helping.

~~~
rdl
JLENS works with a variety of sensors (optical and RF) today, although I'm
more familiar with the smaller systems (just a big tower with a payload on
top)

------
madengr
Needs to pull out all that extra cable wrapped around the barrel. It's not
helping the noise figure any.

------
michaelmcmillan
For the love of everything that is holy, please do not get MITM'ed.

------
curlyquote
I don't find this interesting or cool; it's pretty disgusting and immoral for
someone to spend their time 'hacking' weapons and then publishing an article
detailing their work.

~~~
wyager
> it's pretty disgusting and immoral for someone to spend their time 'hacking'
> weapons and then publishing an article detailing their work.

Unstated major premises:

1\. Weapons are inherently bad.

2\. Modifying something bad is bad.

3\. Publishing how to do bad things is bad.

Call me crazy, but I don't agree with any of those.

~~~
CHY872
Well, it's probably at least lame. All this kinda crap is just some guy who
had a free weekend and happens to have a decent podium to speak about it on.
Clearly the device itself is useless because it's the opposite of what you
want - something inconspicuous.

------
sunilkumarc
Do you need any permission from government for hacking around with a rifle ?

~~~
rdl
This isn't a rifle, it is airsoft.

I actually think the rifle form factor is a horrible idea in use, due to
people flipping out when a rifle is pointed at their building. But for shock
value, it wins.

The ideal is probably to use a panel antenna on the back of a laptop, or some
non threatening way to conceal a higher gain antenna. It would be cute if
someone put all this in an SLR camera form factor, I think...a 70-200 f2.8 is
big enough for a high gain yagi.

~~~
hga
" _I actually think the rifle form factor is a horrible idea in use, due to_
police _flipping out when_ " they see them and shooting innocent children.

Fixed it for you: [http://www.huffingtonpost.com/2013/10/23/andy-
lopez_n_415281...](http://www.huffingtonpost.com/2013/10/23/andy-
lopez_n_4152819.html), see also e.g.
[http://www.storyleak.com/airsoft/](http://www.storyleak.com/airsoft/)

This is a beyond horrible idea, it could easily get you killed. Use it in an
apparently offensive manner, i.e. point it at someone, and the shooting would
even be justified, unlike at least one of the two above incidents.

~~~
pnathan
+1, it's not a good idea to use a rifle form factor. A good hack, but a bad
idea considering others' reactions. I'm pretty comfortable with guns (raised
in more rural Idaho), and I'm not particularly keen on the idea of seeing
someone point a "rifle" out their window.

