Open iointerrupt opened 2 years ago
the wyze device sets up through the wyze app. The device reads a QR code produced by the app. I've not checked the contents of the QR code, but at a minimum it contains the SSID / password. I'd suspect it also contains the username and some sort of key.
Yeah the QR code generates a string in the following format: b=[RANDOM ALPHANUMERIC]&s=[BASE 64 ENCODED SSID]=&p=[BASE 64 ENCODED AND RANDOM ENCODED SSID PASSWORD]&t=-6&r=USA&ty=1
The b parameter is random and the password is encrypted as well (possibly using the value of b as a salt??). The funny thing is, I noticed a lot of other cheap cameras with their own app use the same format (Yi Home App, 360 Camera APP).
After the scanning and when the camera connects to the wifi, the camera still needs to communicate with the App and do some further initializations like liking with the wyze account to the cloud.
I was also able to use the same QR code 2x to connect the camera to the wifi which means the qr code is probably time based. If I had more than one camera, would like to see if the QR code could be scanned for multiple devices
EDIT: I just did some further testing and did a full factory reset on camera and use the same QR code to connect the Wyze cam to the same wifi. This was originally scanned over a month ago. This leads me to believe that the QR code is used just to encode the wifi ssid and password and not necessarily connected to the initialization session. This means the same QR code is likely not device dependent nor time based.
This appears to be possible if you use a side loaded hack that utilizes the factory_t31_ZMC6tiIDQN
boot method such as wz_mini_hacks.
The hurdles with a completely offline approach are:
bindOk=1
so it connects with the saved wifi password and ssid./configs/.user_config
manually. Some of these options / settings are documented on my personal notes here. Reboot the camera or restart iCamera for these to take effect.I was poking away at making the Wyze Cam v3 run without internet and came up with a binary based patch for iCamera. As part of my testing, I was able to set up a new Wyze Cam v3 (straight out of a box, never connected to the cloud) without using the Wyze App or having the Wyze Cam connect to the internet at all.
Here is what I did to setup a Wyze Cam as a RTSP/IP camera without touching the cloud or internet (copied from my Wiki):
I just unboxed my Wyze v3 cam and I want to use it without internet on my own IoT (internet-less) VLAN with RTSP streaming and without the use of the Wyze App. I've looked at unofficial firmware/workaround repos for any guide that will allow me to initally setup the camera on my local wifi but all of them require you to use the Wyze App (which means install wyze app, sign up for a Wyze account, and initialize the camera with their cloud service first).
Is it possible to initialize the camera without using the app to my local WiFi? If it requires a hardware access, I can do UART/serial if necessary but I just need to know what pins to use for RX,TX,GND/VCC. I read an earlier post where someone bricked the device by accidentally setting up with the wrong pin.
Usually with some IoT devices, i've seen, you can put the device in setup-mode which would initialize the device WiFi, so that you can connect to its SSID and send it commands to initialize the device. When I power up the wyze v3 and press setup, I don't see any new SSIDs to connect to.