Comments (14)
Looking forward to Tuesday with half the digiblurDIY Army in tow..
from tuya-cloudcutter.
ref bk firmware dumping, note also my fork of the beken python stuff... also does SPI from RPi if you stuff the bootloader...
https://github.com/btsimonh/hid_download_py
from tuya-cloudcutter.
tomorrow !!!
from tuya-cloudcutter.
I guess I get the soldering iron out to put openbeken on the device which will arrive today, and light my kitchen tomorrow.... I suppose I can always test on my test device by returning it to the factory firmware. - and maybe test on the device which is arriving as it's not TOO difficult to extract after installation.
I take it you will want reports of success to add to the list?
Looking forward to the details next week!
br,
Simon
from tuya-cloudcutter.
Nice work!
I'm going to assume that Tuya are looking at this thread....
To Tuya:
For those of us who love the hardware cost, but hate the cloud requirement (and have a strong distrust of commercial closed source networkable firmware), it would be great if Tuya took this into account in their devices -
I see two ways;
1/ enable local control by default, allowing people to block outgoing traffic, or run in an isolated LAN.
2/ enable local flashing with OSS firmware. It may never be as featured as the Tuya ecosystem, but that's our loss.
Let's face it, if these were Russian originated, we would have been told to turn off all of our lights in the last few weeks...
from tuya-cloudcutter.
Hi @tfrew-r7, thanks for your interest. The coordinated disclosure window with Tuya ends on March 29th (next Tuesday). We'll publish a write-up directly after, and will release our tooling either then or a few days after, depending on how fast we can polish it up. We're working on that right now.
tl;dr: any day now! ;)
from tuya-cloudcutter.
@btsimonh yep, we'd love to hear about successful exploitation. Do note that each unique firmware will need its own exploit chain addresses, which we currently build by hand. We've found a handful of devices that have the exact same firmware (and thus addresses), but most are different.
So if you have a device that's not yet in the supported list, the addresses first need to be determined. You can send a fw dump to us and we'll try to check it out, or you can find them yourself after we publish the writeup.
Talk soon!
from tuya-cloudcutter.
@tjclement - device is the one in this post:
https://www.elektroda.com/rtvforum/viewtopic.php?p=19932845#19932845
full dump (less bootloader) is attached to the post.
My other one (my true dev device) is a uk Calex LED strip, will use this to test the 'methods' of extracting the required :).
@digiblur - completely off topic - you have Tuya devices with Tasmota? - i'll need some help with Tuya testing... post an isuse at https://github.com/btsimonh/Tasmota/tree/Tuya if you feel you could help.
from tuya-cloudcutter.
Will the release include a dumper? Keep getting a CRC error trying to dump an N chip
from tuya-cloudcutter.
@tfrew-r7 have you tried https://github.com/khalednassar/bk7231tools ? There's a flag for this exact issue described in the README.
from tuya-cloudcutter.
Thanks, I will dump with that tool later today, should I email you the files?
from tuya-cloudcutter.
There's no particular process we've thought of yet, but please don't email it to us and instead make an issue here with a link to the dump or some other publicly readable form.
That way everyone can see it and others can help building payloads without us becoming a bottleneck.
from tuya-cloudcutter.
@tjclement - device is the one in this post: https://www.elektroda.com/rtvforum/viewtopic.php?p=19932845#19932845 full dump (less bootloader) is attached to the post. My other one (my true dev device) is a uk Calex LED strip, will use this to test the 'methods' of extracting the required :).
@digiblur - completely off topic - you have Tuya devices with Tasmota? - i'll need some help with Tuya testing... post an isuse at https://github.com/btsimonh/Tasmota/tree/Tuya if you feel you could help.
Sent you a message on that proejct branch.
from tuya-cloudcutter.
tomorrow !!!
now!
from tuya-cloudcutter.
Related Issues (20)
- MAC overwritten HOT 12
- Moes Smart Curtain Switch HOT 12
- Tuya BHT-002-GALW (BHT-002GA) Water/Gas heating thermostat HOT 7
- nl80211: Could not configure driver mode HOT 2
- Deta DET902HA Series 2 Downlight - WB2L HOT 3
- device dump for Geeni BW223 Bulb HOT 1
- hostapd_free_hapd_data: Interface wlan0 wasn't started HOT 5
- EARU EAWCPT-J - Circuit breaker HOT 1
- Could not connect to SSID HOT 4
- Add EMAX Smart plug HOT 1
- Tuya LED BULB W5K - bluetooth and wifi. HOT 4
- Issue when trying to build docker image HOT 2
- PSKKEY/AUTHKEY do not match device. HOT 3
- new device Calex smart multi color LED strip UPK2Home dump HOT 3
- New Device Calex Smart plug 900011.1 v1.1.2 HOT 1
- Tuya Human Presence Detector ZG-205-W doesn't goes to AP mode HOT 1
- LSC Smart Led Strip 3203632 HOT 2
- tuya-generic-universal-ir-remote-control-cb3s-v2.0.0 HOT 5
- Can tuya-cloudcutter be run on Proxmox on NUC? HOT 1
- Tuya IR Remote 2.2.3 can't exploit HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tuya-cloudcutter.