Desk of Ladyada - Long weekend for toy hacking
This weekend at the Desk of Ladyada we're working on recreating a hack from Defcon 26 for a Teddy Ruxpin (https://en.wikipedia.org/wiki/Teddy_Ruxpin) from 2017 with advanced circuitry inside. The original reverse-engineering talk (https://www.youtube.com/watch?v=C7SIL_JNSto) by super-hacker team @zenofex and @Exploiteers (https://twitter.com/Exploiteers) will help us bring this now-no-longer-supported Teddy Ruxpin 2017 edition back to life and maybe create some custom content as well!
This week we started parsing out the SNXROM file (https://www.exploitee.rs/index.php/Teddy_Ruxpin) to replace the eye bitmap frames in a 'story file' using Python and Pillow. We just replaced 'em all with this Adafruit logo, but you could use any 128x128 RGB drawings. Now we're trying to figure out the audio32 format to try and decode/encode custom audio. So far no cigar, but we're learning a lot about some ways to approach reverse engineering, including trying out some tools we've been meaning to check out like Ghidra (https://github.com/NationalSecurityAgency/ghidra/releases) and Buildroot for creating a uClibc-based Linux install (https://buildroot.org/).
The Great Search - Bluetooth LE Modules with nRF5 Chipset
https://www.digikey.com/short/bbw04mfh
This week we've been doing some more toy hacking on a 2017 edition Teddy Ruxpin (https://en.wikipedia.org/wiki/Teddy_Ruxpin) - this toy has a SONIX SN7001 plus an nRF51 module (https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/DEFCON-26-Amir-Etemadieh-Zenofex-Dissecting-Teddy-Ruxpin-Reverse-Engineering-the-Smart%20Bear.pdf) for the Bluetooth LE connectivity to an app. Why not an all-in-one BLE chipset? Well, perhaps nowadays you'd be able to run the whole thing off of an nRF52 or nRF53, but at the time the SONIX chip was probably a well-trod core for many toys, with a ready-to-go SDK and a Cortex M4 for audio / graphics handling, and the nRF51 was one of the only reliable BLE chips available. You may also want to add BLE to an existing design. DigiKey has lots of BLE modules that you can use either standalone or as a 'BLE friend forever' - a.k.a. BFF! Let's check out what's available for your modulating needs.