dash2pi
RE-PURPOSING THE AMAZON DASH BUTTON WITH A RASPBERRY PI
This writeup details how to use the dash button for your own purposes using only a Pi to monitor it: there's no need for an internet connection or WiFi router.
CONFIGURING THE BUTTON
You need to configure the dash button to connect to your Pi. The easiest way is to borrow a WiFi router, configure it's SSID to temporary, and make it an open access point (authentication disabled). Connect the router to the internet.
Set up the dash button per these instructions but only through step 4. It's not necessary to have an Amazon Prime account. Note that you don't select a product. After you're done, power off the router: you don't need it anymore, and it'll interfere with the Pi.
CREATING AN ACCESS POINT
Install a WiFi dongle on the Pi and get connected to the Internet. Install needed software:
sudo su
apt-get install hostapd dnsmasq tcpdump
Edit your /etc/hostapd/hostapd.conf file to look like this:
interface=wlan0
driver=nl80211
ssid=temporary
channel=1
auth_algs=1
ignore_broadcast_ssid=1
Run hostapd and test it:
killall wpa_supplicant
hostapd /etc/hostapd/hostapd.conf
If you get an error message like "Driver does not support authentication...", hostapd doesn't support the WiFi driver the Pi is loading. If you're using the 8192cu driver (type lsmodto check) you can fix this by getting a special version of hostapd. Follow these excellent instructions, change the driver line in hostapd.conf to driver=rtl871xdrv then re-run the command.
Now press the dash button. In about ten seconds you should see text indicating the button tried to connect. The button's MAC address is also displayed: write it down for later use. Mine was 74:C2:46:E4:5B:99, and is used in the examples below.
To have a bit better control over how hostapd runs, run systemctl disable hostapd then add the following lines to /etc/rc.local:
ifconfig wlan0 10.0.0.1
hostapd -B /etc/hostapd/hostapd.conf
Now change the name of the /etc/wpa_supplicant directory to keep wpa_supplicant from causing problems. There's probably a more elegant way to control hostapd and wpa_supplicant, but I didn't have time to research further.
If you stop here, you can detect the button press by monitoring for arp probes, however the button will remain on for longer than a minute. With a little extra work you can shorten this time to under twenty seconds. That'll make the battery last about 4 times longer!
SETTING UP DHCP AND DNS
After the button connects to it's configured access point it gets an address via dhcp, queries Google's dns server at 8.8.8.8 for the address of parker-gateway-na.amazon.com, then begins communicating with it via https. You can use a combination of the dnsmasq program and Linux's built in packet translation capability to simulate most of this:
Edit your /etc/hosts file to look like this:
27.0.0.1 localhost
10.0.0.1 parker-gateway-na.amazon.com
10.0.0.1 parker-gateway-na.amazon.com.https
And edit your /etc/dnsmasq.conf file to look like this:
domain-needed
bogus-priv
no-resolv
local=/amazon.com/
domain=amazon.com
interface=wlan0
dhcp-range=10.0.0.2,10.0.0.3,12h
dhcp-host=74:C2:46:E4:5B:99,10.0.0.10
dhcp-ignore=tag:!known
NOTE: Change the dhcp-host line to match the mac address you wrote down.
Finally add the following to the /etc/rc.local file:
iptables -I PREROUTING -t nat --destination 8.8.8.8 -j DNAT --to-destination 10.0.0.1 -i wlan0
iptables -A INPUT -j ACCEPT -m mac --mac-source 74:C2:46:E4:5B:99 -i wlan0
iptables -A OUTPUT -j ACCEPT -o wlan0
iptables -P OUTPUT DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
NOTE: Change the mac-source line to match the mac address you wrote down.
Now reboot the Pi and give it a test. After pressing the button it's light should turn to solid red after about fifteen seconds.
DETECTING THE BUTTON PUSH
Tcpdump can be used to monitor the button as it tries to access the Amazon https server. The following command will wait for a press from the button, then exit:
tcpdump -l -c 1 dst host parker-gateway-na.amazon.com and dst port https
It can be used in a shell script or other program to trigger an action. I'll leave the details as an exercise for the reader.
BATTERY LIFE
Should be around 600 presses as long as the button is only active for twenty seconds at a time. This will happen as long as the Pi is on and working correctly. If not, the default button on time of over a minute will reduce this to around 200 presses.
SECURITY
There isn't much. The good news: the firewall and dhcp are configured to only allow access from the button's mac address, and the action is only triggered when the dash button tries to connect to it's server. The bad news: the mac address is is easily discovered and spoofed, and the server address is public knowledge. So the button could be simulated easily by an attacker.
You could improve things by configuring the button and the Pi to use a WiFi password. You can find how using the hostapd-conf man page. Then set up the dash button to match. This is hackable given enough traffic, which I doubt the button generates.
You should also disable any unneeded services - especially ssh. And the firewall rules could be improved. Maybe I'll work on this bit later...
At any rate, I recommend you get it running without security first. It's one less thing to troubleshoot. Which leads to....
TROUBLESHOOTING
The end of the file /var/log/daemon.log will have entries showing progress. There should be entries something like this if everything is working:
Oct 14 07:04:52 raspberrypi hostapd: wlan0: STA 74:c2:46:e4:5b:99 IEEE 802.11: associated
Oct 14 07:04:52 raspberrypi hostapd: wlan0: STA 74:c2:46:e4:5b:99 RADIUS: starting accounting session 561E60F8
Oct 14 07:04:52 raspberrypi dnsmasq-dhcp[458]: DHCPDISCOVER(wlan0) 74:c2:46:e4:5b:99
Oct 14 07:04:52 raspberrypi dnsmasq-dhcp[458]: DHCPOFFER(wlan0) 10.0.0.10 74:c2:46:e4:5b:99
Oct 14 07:04:52 raspberrypi dnsmasq-dhcp[458]: DHCPREQUEST(wlan0) 10.0.0.10 74:c2:46:e4:5b:99
Oct 14 07:04:52 raspberrypi dnsmasq-dhcp[458]: DHCPACK(wlan0) 10.0.0.10 74:c2:46:e4:5b:99
Oct 14 07:05:11 raspberrypi hostapd: wlan0: STA 74:c2:46:e4:5b:99 IEEE 802.11: disassociated
You can see that the button connected successfully to hostapd, got an address of 10.0.0.10 via dhcp, then disconnected 19 seconds later.
This site has been tested to display correctly using Epiphany on the Raspberry Pi