When you come into the contest area and you see a vending machine like this, it's not to buy water. And this one doesn't sell water, it sells shells. Like Susie sold two shells down at the sea shore. Wow, I can actually do that. You buy shells on this vending machine. And this is not a vending machine. What is this? This is our Shell on Demand appliance. This vending machine has been heavily modified to provide a service here at DEF CON for attendees to be able to come up anonymously, to be able to buy a virtual machine that they can access over the DEF CON network or over Tor at a cheap price. We have 25 cents. We have a dollar. We have $5 for Kali or Windows as well. So hold on, I can throw a coin in here. And it's real money. I actually throw a real quarter in here. Throw a quarter in there. And you'll see that the lights will change to which ones you can afford. So select the second green. One by a Diet OpenWrt. Yeah, and it's gonna spit out your shell down here. Oh my gosh. And so there's your login information. It will be valid until Sunday at 1 p.m. And how long does this buy me one for? Anyone who wants this, who's watching the video, it is available. Yeah, you can access it over Tor. And so you can, so it's available until Sunday at 1 p.m. That's when we close everything down to a contest closed. And so... This is so cool. So okay, so I put money in. Yeah. I wanna hear about the hardware inside. Right before he did, I put money in, I pushed a button and I have a shell on demand. Let's go ahead and open it up. What is in here? So you open it up like a standard sort of machine, and then we open to the glorious land inside. My gosh. Hi, there's the scav hunt in here. So this is all new. There is, well, the coin stuff that looks new. I don't know, this is the original from the Dixie Mountain. I mean, which is original, but there's also like Raspberry Pis in here and Arduinos. Yeah. Walk me through, I stick a coin in, what happens? 
Okay, so when you stick a coin in to the front, it actually will drop down through this chute here and into the coin acceptor. The coin acceptor then has a data bus very similar to CAN bus, it's called MBD. It's used in vending machines. And it talks to this little controller here. This controller then talks over USB to the Raspberry Pi. The Raspberry Pi is also connected to the Arduino as well, which handles the button front and the button matrix. So it's also for the bill acceptor comes in through the same bus. So you see, Joel D has done a very nice job in all the wiring here. I'm gonna get a flashlight in here so we can see it a little bit better. Gower, you wanna come on in? So you can see that's the OLED display up front. That's an IR blaster we haven't really used yet. See the new custom displays in this thing. Yes. And then if we look down here, this is behind the buttons. So this is all the NeoPixels that Zoro wired up. And then obviously you had to do custom labels for everything. Yeah, you can see how they're just paper and we've got brand new labels for it from Dixie Narco. Okay, so I put coins in, it registers a button click. Yep, and so then that goes to, the button click goes where though? I hit the button, where do we go? So it goes to the Arduino. He goes to an Arduino to recognize a button click so it's, it hit low. And then I can talk to the Pi, which then is even more complicated. And we'll show you this here real fast. This is a printout of the PHP being used to detect the coin acceptor and the bill acceptor. Oh, do you have this like open source or anything like that? We will release it after the con. Oh, that is so cool. This is the PHP you wrote. Yes. This is not, there's no libraries in here. It's off my functions. This is so cool. All right, so it goes to the Raspberry Pi. The Raspberry Pi looks like it's connected to two thermal printers. Oh, it's more complicated than that. Oh, oh please. So we're going into the data center here now. 
You might want to get some good light in here. So this is the data center inside the soda machine. So this has four Dell R630s in it and a management unit. This management unit is I think of 430 or 460. And so it actually contains the code that's running the PHP that I showed you. It's handling all everything for management. Hey, Gary, really quick. We're seeing, able to see this as they light. Yeah. Excellent, okay. So it's all connected over the network. So the Raspberry Pi is just a serial relay. I'm talking from the management over TCP to the serial devices. So really all the code is ran on here. Raspberry Pi comes on here, it comes into here. And then what is this? This is a Dell 430, I think. It's pretty very, it's lower than the Pi. Yep. So, and that's all handled through this dumb switch here for management. There you can actually see the primary tether from the door. They put main ethernet and then the power for it. We do have a switch on the inside. And that switch is right here. The four port switch that handles everything. Yep, right down here. So. All right. So we're now in management. Once management decides that your payment is valid and you've pressed your button, it will print it through the thermal printers here. These are networked as well. This is dual Star TSP650s, pretty standard restaurant thermal printers. And then it's kind of Velcroed in and there's a little guard on them to kind of prevent people from tampering with them. And so that's pretty much it. We pre-warmed the virtual machines. So whenever you request one, it's already been running for several hours. Just waiting for somebody to buy one. We jumped a ton of steps. I mean, you walk through each individual step, but there's so much more to this. So I have now put a coin in. I provisioned it. Raspberry Pi has recognized the serial connection. We've come back over to this. We've come into this. This now says to these servers. There's like four servers here. Backwards. 
So these spin up the VMs, whenever they say that we need more idle ones and pushes it to the database. Oh, and pushes it to the database. Yeah, so they're already running on here. And then when you buy one, you're a selected one that's already been running. How are these running? These VMs are like, are they full blown VMs? Are they Docker images? So they're QEMU/KVM virtual machines, with no management engine around them. So no libvirt, no, you know, any of the other main ones. I'm literally launching the processes by hand with switches. Oh, that is so cool. And I'm running them on as an unprivileged user, re-niced, and so that way they are well behaved and they're directly joining to the bridges that I want them to. All right, so it's now, database picks up on the fact that someone's ordered one, go do it, go connect this one or it's in the database. And it gathers the credentials. It gathers the credentials, and then it sends it where? What's in the project and back it? This server brings it right back to the printer directly. Yes. And it prints out. All right, we've talked about the technical details. Well, let's get it shut because I know there's, there's like, what's, the other thing we haven't even mentioned here. Obviously, with everything at DEF CON, you need good art. You need good hardware. You need good software and PHP code and all of this, but you also need like hardware hacking and manufacturing skills. The airflow I know had to be cut all the way through this to get good airflow through all these servers. Yeah. How many of these have been bought even though we're early in the con? So we're at 250 virtual machines right now. And so, we've made north of $500 for a donation, they'll all be donated to the National Upcycling Computing Cooperative, which is kind of a research slash institute. It does a lot of dumpster diving and scavenging to be able to give out to others. Yeah, this is dual of these NUCC. This was built using NUCC equipment. 
Yeah, everything in this soda machine was dumpster dived. This is, this is amazing. All of this was dumpster dived. Even the vending machine? Yeah, we got it for free from a contact from Skull. I think it was like a mation lodge or something. I mean, you even saw the squirt in it when we got it. We talk about dumpster diving. And again, this is a whole story in and of itself. And I need to talk to Dual D at one point about his adventures in dumpster diving, but never does anyone consider, you could build something like this just from dumpster diving. Oh yeah, for sure. At this point, you've kicked it out, but what I was talking about is you had to do custom cutting, you need to do custom airflow, but now all of that is done. But we haven't even turned to the right yet. The moment we go over to the right, we get to see all of the different specs. We call it the Leaning Tower of Visa. Oh goodness. Okay, so what we have here is on the top is the web UI for it. So for instance, if I push a button on the front of it, and we give it a second, it'll tell you the VM specs. So you can see here, we got Diet OpenWrt, Sugar Free BSD. In WN0. When you're pushing these buttons, this was new functionality you also had to build in because when each one of these buttons are pressed, not only does it need to detect has there been money in it, but if there isn't money in it, to go all the way through the process to then show this information on screen. Oh yeah, for sure. This was very cool. It's six daemons that are currently running. Six separate PHP scripts. They're all running in separate processes. They synchronize through the database. So the web UI is just pulling states back out from the database. So when the button daemon says, hey, a button was pushed, it doesn't know that there's no money in it. It just says a button was pushed. Processor, which is huge. I printed it out like this thick process. It's the one who actually handles the receipt and VM capture. 
And so it's the one who kind of handles the money a little bit, the payment logic a little bit more. So here's really where it comes down to. I have seen many projects at DEF CON. This incorporates physical. It incorporates fabrication and software in art. This may be, this is hacking at DEF CON. Oh, for sure. This is what I envision hacking at DEF CON. This is, I'm kind of just flabbergasted. With that though, if you are at DEF CON, check this out. Check what else the NUCC has figured out in what they've been building. I'll leave links in the video description because the NUCC, if they can build something like this from dumpster diving, we need to find out what else could be built after DEF CON? Where is this going? So after DEF CON, this soda machine will be exhibited at the Rochester Institute of Technology Global Cybersecurity Institute in the Experience Center. We have a little museum that's open to the public of different hacker things. And so we're going to bring this up there and make it live, available for students and staff or anybody else around to be able to get shells at will. And then we'll bring it back to DEF CON next year. And so RIT's going to pay to bring it back next year. And so it's going to be great so it can continue to live on forever. And this is shells. And what does shells stand for again? Oh no, soda. Soda. This is the soda machine. Yeah, for the shell on demand appliance. We'd be popping shells over here. Thank you so much for sharing this with us. Thank you just for building something so cool. Thank you for watching. And as always, hack on.