Friday, November 18, 2022

Bridging Mobile-Sms with XMPP-Instant-Messaging


When on a international travel - have you ever come across a situation where you could not receive an sms sent by your bank or any other online service for 2FA(user-verification-code)? Did you miss to enable international-roaming? or was there any limitation on using your local sim card abroad?

One of the work-arounds for such a situation is to leave your phone at home-network and ask a trusted person to read-out the 2FA verification code for you over the phone - Ever wondered how many times you had to disturb someone off hours for reading out the verification code? how's about having an online machine to do this for you 24/7?

I know it sounds like a bad idea to to bypass 2FA security mechanism by connecting your sim-card to internet, but this is the real problem many of us might be facing and continue to rely on someone in a remote location to read out the 2FA verification code during the international travel.

Using encrypted Xmpp or mqtt connection, it is possible to deliver an sms over the internet in a secure way to a remote location. Here is an example where xmpp instant messaging agent is used on raspberry-pi with Huawei-E173 3g USB dongle.

All the code presented here in this setup is opensource and you are free to decide any of the xmpp servers available on the internet(or you could deploy your own xmpp server using opensource projects like prosody). In this example I have created two accounts on jabber.de and prepared them to send/receive messages to each other(just login using both accounts on xabber-android-app and send friend requests between both accounts and accept the requests - messages can be sent/received between these two accounts now)

How to prepare sdcard for raspberry pi?

  1. Download Raspberry Pi Imager application
  2. Open the Raspberry Pi Imager application ==> CHOOSE OS ==> Raspberry pi OS(Other) ==> Raspberry Pi OS Lite(32-bit)
  3. Insert the sdcard on your PC and select the sdcard by clicking "CHOOSE STORAGE" button on Raspberry pi Imager Application
  4. press "CTRL + Shift + X" to open the advanced options
  5. In advanced options, set your hostname/enable-ssh/username/pw/local-time-settings as shown in the picture below and click SAVE button.
  6. When done, click on the WRITE button to start creating the bootable sdcard for raspberry pi.

Next Steps:
  1. Insert your local SIM card(ensure that it is not pin locked) in Huawei-E173(or Huawei-E303) usb-dongle and connect it to Raspberry-PI and keep the Raspberry-Pi powered ON and connected to your home internet 24/7.
  2. Once the Raspberry-pi has done booting, login using ssh or putty.exe "ssh pi@my-raspi-001" (you should know your hostname and login pw which was set during image creation)
  3. On Linux shell terminal of raspberry pi, run following commands,
  • sudo apt-get install -y git
  • git clone --recursive https://github.com/hackboxguy/xmpp-remote-agent.git
  • cd xmpp-remote-agent
  • ./setup.sh -u raspi-sim-1@jabber.de -p my-raspi-xmpp-secret-pw
  • sudo reboot;exit
Please note, in the setup.sh command above, replace example xmpp username/pw with your custom created username and pw (setup.sh command may take 10 to 15 minutes on Raspberry-pi-1 to complete the installation).

On your android(or ios) xabber app, login using your account(e.g john.doe@jabber.de) and you will see raspberry pi being online - send "help" message and you will get an auto reply with all available commands.

How to Read SMS?
From your xabber xmpp app, send following commands to raspberry-pi-xmpp-client
  • smsupdate  (wait for return=Success : result=taskID=x )
  • smstotal (shall return the number of sms read to the local cache)
  • smsget 0 (will show the 1st sms from the local cache)

How to Send SMS?
From your xabber xmpp app, send following commands to raspberry-pi-xmpp-client

  • smssend +919876543210 this is a test message

How to Delete SMS?
Depending on the sim card size, when it is full, you will have to delete old messages to make room for new ones else you would stop receiving the new messages, following is the command to delete all messages from your SIM-card memory
  • smsdeleteall

Functional details: How does an SMS-Read flow work?
  • When you initiate an online transactions(e.g banking), as a 2FA mechanism, banking server (1)would send a security code to your registered mobile phone number(as shown in the 1st picture above, sms would flow from component 1==>2==>3==>5)
  • 5th component in the picture above is a 3g-gsm-modem which stores incoming sms messages in the sim memory
  • 6th component which is a Linux machine is running a service called bboxsmsrv which is based on libgammu - a mobile phone access library.
  • 6th component as a Linux machine is also running a service called xmproxysrv based on libgloox library and acts as a "headless xmpp client service", this client service logs into xmpp server(9) using provided username/password(e.g raspi-sim-1@jabber.de) and continues to send heartbeats to xmpp-server(9) to show its online status.
  • Xabber app on component 13 is also an xmpp client, but it has an UI where user can "chat" with friends just like whatsapp/telegram/sygnal/etc. Xabber-xmpp-client-app when connected to xmpp-server(9), will continue to show its online status through heart-beat packets.
  • when xmpp-clients (component 13 and 6) initiates a connection to xmpp-server(9), this server would pass on the roster data(contacts) to both xmpp-clients - this way xmpp clients know their "friends" and their online status and are able to send/receive message between them
  • when user sends "smsupdate" message from 13 to 6(through 9), xmproxysrv on 6, will parse this messages and asks bboxsmssrv to fetch all available sms from simcard memory through USB interface of the 3g-gsm-modem.
  • bboxsmsrv - after reading all sms messages, sends and event to xmproxysrv to notify the completion of last request, and then xmproxysrv woud forward this notification(return=Success : result=taskID=x) to xabber-xmpp-client-app(13)
  • In the next step, 13 would send "smstotal" to 6(through 9) and 6(with help of bboxsmsrv) would count number of sms messages in the cache and returns the total-sms-message-count back to 13.
  • 13 would send "smsget 0" to 6(through 9) for fetching the 1st message from bboxsmsrv's cache.

Functional details: How does an SMS-Send flow work?
Lets say, you want to send an sms to an international phone(component-4 as shown in the 1st picture) from component 13 or 15(both 13 and 15 are xmpp client apps with human interface) - e.g : when 13 sends a message(smssend +919876543210 this is test) - this message would flow as.. 13==>12==>10==>9==>8==>7==>6==>5==>3==>4, this means, 13(from a different country) was able to deliver an sms to 4 without paying any premium roaming charges.


Can Xmpp-xabber-app(13) ring a gsm-phone(4)?
Yes, using "dialvoice +919876543210" from 13, gsm-phone(4) would start ringing with called id of SIM-1 on component-5, other than just ringing a number, there is no functionality for dialvoice command.


Can Xmpp-Xabber-app(13) be able to send usdd-code to the provider(3) for reading the balance amount(incase if SIM-1 on 5 is a prepaid plan)?
Yes, using "dialussd" and "readussd" it is possible to send ussd-code and readback the response, here is an example to read prepaid balance of fonic-lidl sim card.
  • dialussd *100# (wait till response is received i.e: return=Success : result=taskID=x)
  • readussd (would show the balance amount received on this SIM-1)


Posted by at 1 comment:

Sunday, October 09, 2022

Re-purpose your $30 Pocket-Router as an AWS-IoT-Edge-Device

 


This blog is about upgrading default firmware of GL.iNet-MT300N-V2 pocket router with a custom built  Openwrt-Linux Image which includes a AWS-IoT-Device-SDK and aws-iot-pubsub-demo application.

With this demo image, you can turn your low cost Gl.iNet-MT300N-V2 pocket router into an AWS-IoT-Edge device which can feed local sensor data to the AWS-Cloud and it opens up many interesting use cases for developing various IoT applications.

As an average user, here are 3 easy steps which can turn your low cost pocket router into an AWS-IoT -Edge-Device,
  1. Overwrite OEM firmware with custom gl-mt300nv2-awsiot-demo.bin
  2. Using webUI, upload AWS-Cloud generated Device-certificate/Private-Key and set the Endpoint.
  3. Reboot the device and watch Hello-World messages being published to your Aws-IoT-Core.

Step-1: Prepare the Setup as shown in this picture below and Power-ON(wait for LED to stop blinking)



Step-2: On your Browser PC, open URL: http://192.168.8.1/cgi-bin/luci/admin/system/flashops (or you may be guided through a different onboarding process of GL.iNet's webUI)

Step-3: Find the sw upgrade menu on the webUI and upgrade the OEM sw with gl-mt300nv2-awsiot-demo.bin (make sure to disable "keep-settings" menu - we want to start with default settings)

Step-4: Wait for about 2minutes(till LED's on pocket router stops blinking)

Step-5: On you PC, Remove the network cable and re-plug so that your PC gets new IP starting with 192.168.20.x

Step-6: On your Browser PC, change the ULR to http://192.168.20.1 and you shall see the following:


Read more »
Posted by at 1 comment:

Sunday, October 02, 2022

Linux-PREEMPT_RT Scheduler latency measurement with Oscilloscope


For those exploring Realtime capabilities of Linux using Preempt-RT patch, Here is a bootable sdcard-image for Beaglebone-Black(or Green) with fully preemptible kernel. This image includes all required libraries/utils/binaries and kernel-debug-capabilities required for evaluating Linux-Preempt-RT behavior. As a bonus, this image includes a gpio-test-program that mirrors an input signal to a gpio-output pin for measuring the scheduler latency using an Oscilloscope(Thanks to Maxime Chevallier of Bootlin for providing this demo-utility during PREEMPT_RT Training).

Setup Diagram: 


Required Items:

  1. Beaglebone-Black or Green
  2. +5V adapter
  3. micro-sdcard(1Gb or higher)
  4. Programmable-signal-generator-board
  5. 2-Channel-Oscilloscope
  6. Jumper-wires
Instructions:
  1. Prepare the setup as shown above(As a starter, set signal generator frequency to 100Hz with 50% duty)
  2. Download sdcard-beaglebone-preemptrt-demo.img.xz (image size is just under 25MB)
  3. Write sdcard-beaglebone-preemptrt-demo.img.xz to micro-sdcard using Balena-Etcher-Application.
  4. Remove the micro-sdcard from your PC and insert in Beaglebone and power ON the +5V
  5. After Linux boot, you will be able to see two square waves with a small phase difference between them(yellow waveform is the input to beaglebone and blue waveform is output from the beaglebone).
  6. Phase difference between yellow and blue signal indicates the latency introduced by scheduler while scheduling preemptrt-gpiotest program
  7.  On startup, /etc/init.d/S99PreemptrtGpioTester invokes "chrt -r 99 /usr/sbin/preemptrt-gpiotest gpiochip0 28 gpiochip0 17 h p" - which means starting preemptrt-gpiotest utility with priority 99. 

What is the purpose of this image?
For a quick evaluation of Linux-PREEMPT_RT behavior(or as a training material) one case use this readymade image to avoid long build process from sources using buildroot.
Using this image, you can study and tune your application to have deterministic timing behavior of the Linux scheduler at different load conditions. preemptrt-gpiotest program included in this image, mirrors a gpio-input to an output and the phase difference between these two signals gives an idea on how fast scheduler is able to give the required context to your application and the jitter(when measured with persist mode of the scope) on the output signal indicates the best and worst case scenario of the scheduler latency. Following picture shows best and worst case latency of the scheduler when subjected to different load on the hw(e.g network-traffic/interrupts/etc). For further details on this topic, check here to access Bootlin's PREEMPT_RT training material.




How can I build this bootable Linux-Image for beaglebone from sources?
Detailed build instructions are available here on my git-repository.

How do I modify and run my customized preemptrt-gpio utility on this beaglebone's target Linux?
Cross-compile instructions are available here on my git-repository.







Posted by at 3 comments:

Saturday, September 24, 2022

Raspi-4 Lightweight Custom Linux with AWS IoT Device SDK demo

This blog explains 6 simple steps to have a running AWS-IoT-Device-Sdk Demo in few minutes.

  1. Download sdcard-pi4-aws-iot-demo.img.xz (image size is just under 25MB)
  2. Write sdcard-pi4-aws-iot-demo.img.xz to sdcard using Balena-Etcher-Application
  3. After writing the sdcard image, un-plug/re-plug the sdcard to see the boot partition on your windows PC(e.g D or E drive)
  4. Open aws-iot-pubsub-agent.conf using text editor and set your endpoint(see picture below).
  5. Copy aws-console generated iot certificates to boot partition of the sdcard(e.g xyz-certificate.pem and xyz-private.pem.key)
  6. Insert the sdcard in rpi-4 hw and power-ON, after boot, aws-iot-pubsub-agent binary would start publishing the custom message to your AWS-IoT-Core.

Following image shows the steps 4/5/6 in detail,















Read more »
Posted by at 3 comments:
Subscribe to: Posts (Atom)