GOPRO introduces new VR 360 camera, launched August 17

GOPRO introduces new VR 360 camera, launched August 17

Battling activity camera producer GoPro at long last has a 360-degree virtual reality camera accessible for people in general. One catch, however: It's pointed towards masters, not customers.

GoPro, which has seen deals slide significantly in the course of the most recent year, is discharging its six-camera Omni rig on Aug. 17, the organization said today.

The Omni isn't shabby. The sticker cost is a profound $5,000 and goes with 6 GoPro Hero Black cameras, remote control, extra battery power and a license to use its item. The item, which comes thoughtfulness of GoPro's acquiring of Savoie, France-based Kolor, joined the firm in April, is offered to thusly "secure" the six shots from the particular cameras into one. The contraption is moreover open without the cameras, ruffle or programming license, for a level cost of $1.500.

A couple buyer VR cameras are available from Ricoh, Kodak, Samsung and 360fly, yet GoPro has yet to share on this level. The association said in January it would have liked to release a client 360 camera "soon," yet has yet to reveal more. It game plans to familiarize another redesign with its Hero line of little cameras in the fall.

The 360-degree search for filmmaking has removed for this present year bigly. Facebook and YouTube opened up their stages to the "360" recordings, which offer perspectives from left, right, above and beneath, for a more immersive take a gander at the world.

(GoPro has a more sweeping 16-camera settle, the $15,000 Jump Odyssey, yet it's not available to the general masses, fundamentally - industry).

Regardless, they've been unquestionably not easy to use, requiring stores of time coordinating up the various cameras and guaranteeing all have sufficient battery.

In the mean time, while producers sat tight for GoPro to at long last discharge a VR camera, a few workarounds got to be accessible, with apparatuses that put a pack of GoPro cameras together for VR from organizations like Izugur and Freedom 360.

The Omni intends to settle that with a one-touch remote to begin every one of the six cameras in the meantime, and more battery force in the Omni Rig.

GoPro HERO 4 Session: Smallest and lightest GoPro yet out this July 2015!

GoPro, the makers of one of the best action cameras out there, has unveiled its latest camera. The GoPro Hero 4 Session.

GoPro users have evolved. GoPro Action cameras have found its way not only on outdoor or extreme activities, but also for indoor use, even for selfies. We see it in the beach, we see GoPros in almost any concert. It's present in EDM scene. Some even made their personal camera capturing life's daily offerings. In short, GoPro cameras are everywhere.

Now with the announcement of GoPro Hero 4 Session's release, we can't help but to wonder: What can we do with the latest GoPro Hero 4 camera that we haven't done before?

Compared to previous GoPro Hero 4 cameras, its lighter and smaller. It just weigh 74 grams. Though they chipped the size and weight, the Hero 4 Session can shoot 8MP still pictures and 1080p videos. Hero4 Session is already built with ProTune to allow more control when shooting videos.

GoPro Hero 4 Session: So powerful, yet so small.

GoPro Hero4 Session will be available in two editions:

• Hero 4 Session Standard Edition
• Hero 4 Session Surf Edition

Two editions to cater different needs but both delivers the same old GoPro quality shots and videos. New attachments, mounts and accessories will also be offered soon.

"With HERO4 Session, we challenged ourselves to produce the smallest, lightest, most convenient GoPro possible,” said Nicholas Woodman, GoPro founder and CEO. “HERO4 Session combines the best of our engineering and user-experience know-how to deliver our most convenient life-capture solution, yet.” Woodman adds, “I’m so excited about the launch of HERO4 Session because now I can finally use mine in public!”

We're so stoked too with the announcement of the latest and advancned GoPro yet. See the GoPro Hero4 Session in action by watching this clip below: Just like the previous GoPro cameras, you can sync the Hero Session 4 with your android or iOS devices for wireless photo-capture, instant download of pictures to your device, etc.

GoPro Hero4 Session will be available for purchase starting July 12. GoPro Hero 4 Session in the Philippines will sold around PHP 17981.33 before tax ($399 USD). Much the same price as a Hero 4 Silver, yet smaller in size and the latest GoPro model for 2015.

Wanna know the other leading action cameras out there? Click here to know more.

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

Go Deep Pro (1 de 2)

GO Deep Pro

Analizando el WIFI de la GoPro

En esta pequeña entrada analizaremos el trafico de portátil, diminuta pero potente GoPro Hero 3.

Por ahí alguno aun no lo sabe, pero las nuevas GoPro Hero en su serie 3 incluyen conectividad wifi para poder operarlas remotamente. También existe el adaptador para convertir tu "vieja" hero 1 y 2 en wifi también. que funciona casi de la misma manera.

La camara posee un boton directo para prender la funcion wifi sin encender la camara en si. Este boton dispara el modulo de wifi y levanta un navegador web internamente en la camara. Por defecto es algo asi como GOPRO-BP-######, donde # el numero de serie de la camara, y sin password. Para poder cambiar el SSID y ponerle password hay que descargar una tool de gopro, que baja el firmware y lo edita con la configuracion que nosotros elijamos y re-flashea la camara (en resumen no es algo de todos los dias andar cambiando la configuracion de la wifi).

Para poder acceder a la camara desde la GOPRO o desde la pc (como mostraremos) necesitamos conectarnos a esa red wifi que no da (si, la camara queda en modo AP). 

Al conectanos nos otorga una IP en el rango 10.5.5.100 en adelante, y siendo siempre la 10.5.5.9 la IP de la camara, (la respuesta de DHCP tambien asigna como puerta de enlace la ip 10.5.5.9, dns 8.8.8.8 y sec 4.4.4.4)

La aplicacion oficial de GoPro de android al abrirse dispara 2 peticiones:

1 - DNS Query a gopro.com

2 - Connection HTTP a 10.5.5.9 

Si el query de DNS responde, la app comienza a hacer peticiones de URL al servidor de GoPro y de Youtube para luego cargar los videos destacados de la semana, sino resuelve no intenta abrir ningun link.

Si la conneccion a 10.5.5.9 es correcta comienza a hacer una serie de peticiones bastantes peculiares que las analizaremos a continuacion:

1: GET /bacpac/cv HTTP/1.1\r\n 

La respuesta de la peticion es un archivo llamado cv, que contiene la SSID de la wifi de la camara, o sea si configuramos nuestra camara para que la wifi se llamara "pepe" el archivo CV contendra "pepe"

2: GET /bacpac/sd HTTP/1.1\\r\\n

La respuesta de la peticion es un archivo llamado sd, que contiene la password de la wifi de la camara, o sea si configuramos para que sea 1234, el contendi de este archivo sera 1234.

La contraseña de la wifi es la que nos dara acceso al servidor web. Imagino yo (y es una opinion personal) con el afan de hacer la aplicacion facil y sin mucha configuracion, los programadores hicieron esto de que la camara devuelva la contraseña tras una peticion especifica, total hay que tener la contraseña para poder conectarte a la wifi en una primera instancia, y siendo que la APP no puede obtener la contraseña del wifi almacenada en el celular (al menos no sin acceso root).

3: GET /bacpac/se?t=1234

Esto es una especie de "ping". El software hace esta peticion cada 2 segundos, para saber que la camara aun sigue ahi. La respuesta es un archivo llamado se, de 14 bytes, en este archivo le dice a la app en que modo esta la camara (video, photo, burst, etc) y el nivel de bateria. Notese tambien que de ahora en adelante toda la comunicacion con la camara se realiza con el parametro t con el contenido (si, en plano y por url) la contraseña.

De esta manera ya nos vamos dando cuenta que toda la comunicacion con la camara es mediante peticiones GET, no por post.

Comandos encontrados:

PW: (Power)
A: GET /bacpac/PW?t=1234&p=%01

Comando PW: Encender y apagar camara, el valor %01 enciende la camara y el valor la apaga. (o sea haciendo esta peticion desde cualquier navegador, hacia la ip de la camara la encenderá o apagara)

PV: (Preview)
B: GET /camera/PV?t=1234&p=%01

(notese que el directorio de la peticion cambio a "camara") Comando PV: Este comando nos permite activar y desactivar el modo streamning de la camara siendo el valor %01 off y el %02 on.

Cuando activamos el streamming (la aplicacion de android lo hace para mostrar el preview en pantalla del celular) el SO de la camara abre el puerto 8080

Live Stream: (Una ves activdo el commando PV)
C: GET /live/amba.m3u8 (peticion realizada en el puerto 8080)

Esto inicia la descarga del archivo de datos de stream AMBA.m3u8. Si usamos un cliente de stream como el VLC podremos ver la camara computadora. 

A esta altura todo ya viaja sin autenticacion (ni basica), o sea, si la camara tiene habilitado el "preview" o streaming, con ir directo a esa URL ya podremos ver la camara, o hasta podremos pedir los archivos separados de secuencia:

#EXTM3U
#EXT-X-TARGETDURATION:1
#EXT-X-VERSION:3
#EXT-X-ALLOW-CACHE:NO
#EXT-X-MEDIA-SEQUENCE:7016
#EXTINF:0.26693,
amba_hls-16.ts
#EXTINF:0.26693,
amba_hls-1.ts
#EXTINF:0.26693,
amba_hls-2.ts
#EXTINF:0.26693,
amba_hls-3.ts
#EXTINF:0.26693,
amba_hls-4.ts
#EXTINF:0.26693,
amba_hls-5.ts
#EXTINF:0.26693,
amba_hls-6.ts
#EXTINF:0.26693,
amba_hls-7.ts

con hacer un get directo de cualquier archivo .ts del listado tendremos un video de 2 segundos directo de la camara.

SH: (Shooter)
D: GET /bacpac/SH?t=1234&p=%01
Comando SH: Activa el disparo, dependiendo de el modo en que se encuentre la camara, si es video comienza a grabar, si es foto, saca una foto, es virtualmente simil a precionar el boton de disparo de la camara (fisicamente), se encuentra la variable esta funciona solo en modo video o time lapse, que detiene la grabacion.

CM: (ChangeMode)
E: GET /camera/CM?t=1234&p=
El comando CM cambia el modo de la camara (el modo actual de la camara, al apagar la camara y encender volvera a iniciar con el modo predefinido). Modificadores:
: Modo Video
%01: Modo Foto
%02: Modo Burst (Foto secuencia)
%03: Modo Time Lapse (Foto cada X segundos)

VR: (VideoRecording)
F: GET /camera/VR?t=1234&p=
El comando VR cambia las opciones del modo de grabacion de Video. Modificadores:
: WVGA 60
%01:
%02: 720 30
%03: 720 60
%04: 960 30
%05:
%06: 1080 30

TM: (Time)
G: GET /camera/TM?t=1234&p=%0d%07%07%10%2b%2d
El comando TM setea la fecha de la cam.

LL: (Locate)
H: GET /camera/LL?t=1234&p=%01
El commando LL inicia una serie de pitidos en la camara para encontrarla. Esta segura pitando hasta que se le pase el comando con el modificador

CN: (ChangeName)
I: GET /camera/CN?t=1234&p=%09Nombre_Nuevo
El comando CH cambia el nombre interno de la camara (no la SSID de la wifi). Este nombre figurara en la APP cuando se conecte a esta camara.

DL: (Delete)
J: GET /camera/DL?t=1234
El comando DL borra el ultimo archivo de la SD

DA: (Delete All)
K: GET /camera/DA?t=1234
Borra todo el contenido de la SD (Incluyendo los archivos ocultos .LRV que genera la camara cuando graba video.  No toca ningun archivo que no tenga el formato de nombre de gopro (o sea, generado por la camara). 


Otras Curiosidades:
La camara al encender genera un archivo dentro de /MISC/version.txt donde contiene los datos de la camara. Este archivo es consultado desde el servidor web (en modo preview en el puerto 8080) por la aplicacion.

{
"info version":"1.1",
"firmware version":"HD3.01.01.10",
"wifi version": "3.4.2.9",
"wifi bootloader version": "0.2.2",
"wifi mac":"xx:xx:xx:xx:xx:xx",
"camera type":"Hero3-White Edition",
} 

Tambien la aplicacion de actualizacion de gopro (java) consulta este archivo.

Opinion sobre seguridad.

Mas alla de lo obvio, de la peticion en plano, del protocolo http (y no ssl o ttl), y si nos conformaramos con que la seguridad sea el saber la pass de la wifi, igual surgen pequeñeces:

• Si desconectas el wifi del celu, por ejemplo te acordastes de chekear un correo o mandar un mensaje por internet, y te cambias de wifi a uno con acceso a internet, la app de gopro, sigue enviando el "ping" a la camara para ver si aun sigue ahi, con la password en plano en la peticion. Por lo que quedara pegado por todos lados la contraseña de la camara.
• Lo mismo pasa si apagas el wifi de la camara, algo bastante normal. Si te has cansado de jugar con la camara o se quedo sin bateria, el celular al no tener conexion con la wifi, se conectara a la proxima en  su lista, y la app de la gopro enviara la peticion con la contraseña, hacia ese AP. 
• Debido a que tarde o temprano el soft de gopro se conecta enviando la contraseña en plano por la url, cuando configuras la firmware para ponerle una contraseña, el software no te deja poner caracteres "raros" ni espacios. Por lo que ya sabemos que la contraseña de la gopro tendra solo caracteres alfanumericos (por ahi facilitando un poquito mas un ataque de bruteforce).
• Si tienes acceso a la red wifi de la camara, tienes acceso a todo. Reflashear un firmware no es algo que cualquiera haga, ni que se realice todos los dias. Muchas camaras quedaran con la wifi por defecto, y quienes le hayan puesto una, si se descubre la contraseña (ya sea viendo los de un ap o accediendo al telefono o pc donde se guardo la red wifi) es dificil que el dueño de la camara vuelva a pasar por todo el proceso de flasheo para cambiar periodicamente la contraseña (recordemos que es la unica manera de cambiar la SSID y PASS del wifi de la gopro).
• La firmware es procesada localmente por el soft y luego enviada a la camara, por lo que facilita el trabajo a quienes gusten modificar el firmware a gusto y flashearselo (claro, con el riesgo que conlleva "brikear" la cam).

WebServer

     Habilitando el modo streaming, la camara abre el puerto 8080, sin restricciones (cualquiera conectado a la red wifi tiene acceso a la memoria de la camara de forma directa, al igual que al streaming en vivo)

GoPro Connector PIN-Out

1. GND
2. R video out – component Pb/Cb or composite (composite video out activated by grounding ID3 and ID4, component video out activate by grounding ID2 – only valid for old firmwares, current versions require eeprom).
3. G video out – component Y
4. B video out – component Pr/Cr
5. USB +5V power
6. as above
7. USB Data+
8. USB Data-
9. GND
10. Audio out Right
11. Audio out Left
12. Pwr/Mode button (tie to ground to activate)
13. Playback mode button (tie to ground to activate)
14. Audio in Right
15. Audio in Left
16. IR input
17. Trig digital output
18. GND (?)
19. ID1 digital input
20. ID2 digital input
21. ID3 digital input
22. ID4 digital input
23. Adapter output – power output for external equipment (follows internal battery power).
24. as above, but only powered when camera is on
25. VBat+ external power input ?
26. as above
27. GND
28. DATA interface I2C
29. CLK interface I2C
30. GND

GO Deep Pro (1 of 2)

GO Deep Pro

Analyzing GoPro's WIFI.

In this little post we are going to analyze the traffic of this tinny but powerful camera: GoPro Hero 3.

May be there is someone that did not know but the GoPro's serie 3 (Hero 3) got embedded WiFi feature that give you the functionality to control the cam and see it in real time. The same function can be added for the Hero2 buying the wifi backpack, that works just same like the embedded in the hero 3.

The camera got a direct button to start this feature (turn on the wifi). This button start the AP mode of the wifi and start an embedded web browser. The default SSID for the wifi is something like "GOPRO-BP#####" (where # part of the serial number of the camera), new firmwares come with just "goprohero" as default ssid, and without  any password. TO change the ssid and the password of the camera you need to follow steps that basically re flash the firmware of the camera (is not something that normally people do...).

To access to the features of control the cam you need to connect to the wifi.

When you connect to the cam you obtain the IP range 10.5.5.X (first ip is 100), and always the cam is 10.5.5.9  (the reply from the dhcp server also contains the 10.5.5.9 as default gateway and primary dns 8.8.8.8 and secundary 4.4.4.4

When you open the Android GOPRO APP, 2 petitions are triggered:

1 - DNS Query a gopro.com

2 - Connection HTTP a 10.5.5.9 

If the DNS query is responding, the app starts making petition to the url of the GoPro (The web server on internet of the brand) and youtube channel too, starting to show on the app the Videos of the days.

If the connection to 10.5.5.9 is correct (open port) there is a series of query that start to happen, we are going to analyze those:

1: GET /bacpac/cv HTTP/1.1\r\n 

The reply of that GET is a file called CV, thats contain the SSID of the camera's wifi. (Because the gopro's android app can't know the wifi name or the password, what better than ask to the camera itself??) 

2: GET /bacpac/sd HTTP/1.1\\r\\n

The reply to this GETis a file called SD, this file contains the password of the SSID of the cam. Yes, in plain text. The same password that you need to execute future functions on the cam,  the cam itself give it to you. I guess this is for easiest way to use the app (for beginners users).

3: GET /bacpac/se?t=1234

The app start making this GETs every 2 seconds. The reply is a 12 Bytes file called SE with some data (no in plain text) of the cam. Like, battery level, for example, and used like a "ping" to know the cam still there. From now, all the "commands" sent to the camera are with the parameter "t" with the password, in plain. Also when you are upgrading the firmware (or just changing the ssid and password) the software just let you put numbers, letters, @, - and _. No special characters, because this will broke in some cases the URL for commands. So we know what characters we are not going to use when cracking ;). 

Commands found:

PW: (Power)
A: GET /bacpac/PW?t=1234&p=%01

Command PW: To power on and off the camera, value %01 power on and %0 0 to off. 

PV: (Preview)
B: GET /camera/PV?t=1234&p=%01

(Note here that the URL folder changed)
Command PV: This command start the "preview" mode on the camera. This basically open the port 8080 with the Cherokee web server pointing to the SD contends and a folder with streaming files. Value %01 off and %02 on (different from power values)

Live Stream: 
C: GET /live/amba.m3u8 (TO the port 8080)

This download the file amba.m3u8, common live stream file that you can play it on media player classic or vlc players (to se the preview in normal browsers)

All in this server (8080) are without any autentication. Content of the amba.m3u8 file: 

#EXTM3U
#EXT-X-TARGETDURATION:1
#EXT-X-VERSION:3
#EXT-X-ALLOW-CACHE:NO
#EXT-X-MEDIA-SEQUENCE:7016
#EXTINF:0.26693,
amba_hls-16.ts
#EXTINF:0.26693,
amba_hls-1.ts
#EXTINF:0.26693,
amba_hls-2.ts
#EXTINF:0.26693,
amba_hls-3.ts
#EXTINF:0.26693,
amba_hls-4.ts
#EXTINF:0.26693,
amba_hls-5.ts
#EXTINF:0.26693,
amba_hls-6.ts
#EXTINF:0.26693,
amba_hls-7.ts

SH: (Shooter)
D: GET /bacpac/SH?t=1234&p=%01
Command SH: Enable or Disable the shutter, depending on what mode the camera is. If you are in photo mode, %01 will take a photo. if you are in video or time lapse mode, %01 will start the recording and you will need to send to stop the %0 0 recording. Its almost the same like hit the physical button .

CM: (ChangeMode)
E: GET /camera/CM?t=1234&p=
The command CM changes the camera mode (the starting mode is not altered). 

Modificator
%0 0: Video Mode
%01: Photo Mode
%02: Burst Mode
%03: Time Lapse Mode

VR: (VideoRecording)
F: GET /camera/VR?t=1234&p=
Command VR change the Video Recording formats.
Modificators: 

%0 0: WVGA 60
%01:
%02: 720 30
%03: 720 60
%04: 960 30
%05:
%06: 1080 30

TM: (Time)
G: GET /camera/TM?t=1234&p=%0d%07%07%10%2b%2d
The command TM sets the date to the internal clock of the cam.

LL: (Locate)
H: GET /camera/LL?t=1234&p=%01
Command LL start the buzzer to easily found your camera (following the sound). This beeps sounds will keep runing until you send the %0 0 value.

CN: (ChangeName)
I: GET /camera/CN?t=1234&p=%09Nombre_Nuevo
The command CN changes the internal camera's name (not the WIfi SSID). 

DL: (Delete)
J: GET /camera/DL?t=1234
Command DL deletes the last file on the SD. 

DA: (Delete All)
K: GET /camera/DA?t=1234
This command deletes all the SD content (Including the .LRV files (.LRV files are lower video quality files generated by the camera during the recording). Does not format the SD and does not delete any other file (For example a file that you copy to the sd. 

Others Curiosities: 
When the camera start, its generate a file called /MISC/version.txt where you can find some data about the cam. This file is obtained from some app to show you some data about the cam (you can get it over the preview web server (on port 8080). This is the content of the file:

{
"info version":"1.1",
"firmware version":"HD3.01.01.10",
"wifi version": "3.4.2.9",
"wifi bootloader version": "0.2.2",
"wifi mac":"xx:xx:xx:xx:xx:xx",
"camera type":"Hero3-White Edition",
} 

Also the JAVA applet from gopro.com that help you to update the camera, get this file.


Some toughs  about the security:

Beyond the obviously (the password sent in plain text via URL parameter and no SSL or TTL), and if we settle with the wifi password security to access the camera, some thinks arise:

• If we disconect the wifi of the cellphone (some android for example at not detecting internet change the wifi on the next in list) or you leave the app on background and remember to check email by changing the wifi by hand, some times the GoPro APP sends that "ping" (GET /bacpac/se?t=1234) to the gateway on the new wifi. So the password of your cam is now on some navigation logs
• Same happens if your gopro get out of battery or you shutdown the wifi physically on the cam. 
• Like we said early, because the limitation of characters on the password (that will be send on the url) you know that there is not special character on the wifi password, may be making a little (just a little) less complicated to make a brute force on the wifi password. 
• If you have access to the Wifi of the cam, you got access to everything. Its very common that a normal user will not change the wifi settings, so there is a lots of cams arround the world, with no password. Remember that change the ssid and password involves to re flash the camera.
• You got full access to the firmware files (even to gopro guys put all in open source). Making a little more easy take a look to the source code. 

WebServer

    When you enable the Preview (streaming) the camera oipen the port 8080 thats maps to a local cherrokee server (running in port 80 locally) you got access to the SD. This is what you see:

GoPro Connector PIN-Out (in case that someone like to start doing cool thinks on it):

1. GND
2. R video out – component Pb/Cb or composite (composite video out activated by grounding ID3 and ID4, component video out activate by grounding ID2 – only valid for old firmwares, current versions require eeprom).
3. G video out – component Y
4. B video out – component Pr/Cr
5. USB +5V power
6. as above
7. USB Data+
8. USB Data-
9. GND
10. Audio out Right
11. Audio out Left
12. Pwr/Mode button (tie to ground to activate)
13. Playback mode button (tie to ground to activate)
14. Audio in Right
15. Audio in Left
16. IR input
17. Trig digital output
18. GND (?)
19. ID1 digital input
20. ID2 digital input
21. ID3 digital input
22. ID4 digital input
23. Adapter output – power output for external equipment (follows internal battery power).
24. as above, but only powered when camera is on
25. VBat+ external power input ?
26. as above
27. GND
28. DATA interface I2C
29. CLK interface I2C
30. GND