Xiaomi Air Purifier 3H Reverse Engineering Part 3: ESP32 DUMP

Yesterday, I received a mail from a user named tuxuser! I thought I was alone in the world of Xiaomi Air Purifier poking… Since more people are getting involved, I decided to put some more information on the web! I dumped the ESP Flash contents using: Link (look closely and you will see…

Xiaomi Air Purifier 3H Reverse Engineering Part 2: Fremont EEPROM dump

As stated in the first post, the main PCBA contains a Fremont EEPROM. I used one of many Chinese flash tools (mine is a SP8-F made by fly-pro…) ROM dump: The first thing I do with a ROM dump is to analyze the data using a website called http://binvis.io. I then upload my binary…

Installing and using ESPtools

Step 1. Install Python (on Windows 10). Option 1: On Windows 10, you may type “python” in the Windows search box beside the Windows Start button and download Python from the Windows App Store. Option 2: Download the latest version of Python from their website. Don’t forget to check the “Add Python X to PATH”…

Xiaomi Air Purifier 3H Reverse Engineering Part 1: Probing Around

Welcome to the family, Xiaomi Air Purifier H3! If something enters my house, I open it as quickly as possible and start probing around. The following information is for educational purposes only! Note: I absolutely love Xiaomi stuff since it is cheap, of decent build quality, and it’s fun to probe around in! How to…

Xiaomi Xiaofang S1 RTSP hack 2

Xiaomi-xiaofang-S1

As I suspected in the previous post (16 Feb 2019, I know it’s been a while), this firmware is not really safe. stacksmashing made a nice video about a firmware hack. Full explanation in the video below: it’s really cool to watch a software hacker do their thing!

Xiaomi Xiaofang S1 RTSP hack

Xiaomi-xiaofang-S1

How to flash custom firmware:

Download: https://github.com/EliasKotlyar/Xiaomi-Dafang-Hacks/raw/master/hacks/cfw/xiaofang/cfw-1.0.bin

1. Format your microSD card to FAT32 (use a microSD card smaller than 4GB); my 16GB Kingston cards were giving me trouble.
2. Put the CFW-1.0.bin file on the microSD card and rename CFW-1.0.bin to demo.bin.
3. Insert the microSD card into the camera.
4. Hold the reset button & power on, keep pushing the…