Taking Over The World with Scratch
A talk from EMF 2018 by Kev Sheldrake
On Friday August 31, 2018 at – in Stage C
Scratch is a popular language/IDE for teaching children to code. It is possible to extend the offline version of Scratch 2 with a Python module that communicates with Scratch via a web service.
I have extended Scratch to control Midi instruments and Arduino projects, including controlling Lego Power Functions motors, having reverse engineered the infrared protocol they use.
In addition, and perhaps most scarily, I have implemented a TCP/IP sockets extension with which I have exploited vulnerabilities in network services and gained remote code execution. It is literally possible to create 0day exploits with Scratch!
I will discuss the framework and the format of the extensions, and I will demonstrate my projects, including hacking a target virtual machine, controlling Lego motors and making noises with a Midi instrument.
Video
- View this video on media.ccc.de.
- View this video on YouTube.