Nekmo
commented
4 years ago I don't know any way, but I think it's an interested topic. I leave this issue open. :+1:
Closed FearlessPotatoKing closed 4 years ago
Nekmo
commented
4 years ago I don't know any way, but I think it's an interested topic. I leave this issue open. :+1:
fffonion
commented
4 years ago I was running into the same issue and google leads me here : ). Then I found a useful blog https://mpetroff.net/2016/07/new-amazon-dash-button-teardown-jk29lp/ that works for my JK29LP.
So I made a script https://gist.github.com/fffonion/d4960503ff6782640286163d47a30080. All you need to do is long press the dash button and connect to the hotspot Amazon ConfigureMe.
Emm but it seems only the first press after setup is working, might be missing something here.
Nekmo
commented
4 years ago Great job @fffonion ! I ask your permission to use your work in a future version of Amazon-dash, if you want. Of course I would include you in the contributors.
fffonion
commented
4 years ago @Nekmo Yes feel free to (please also include the original blog post).Though the current code might need some extra work, it doesn't seem stable.
Nekmo
commented
4 years ago @Nekmo Yes feel free to (please also include the original blog post).Though the current code might need some extra work, it doesn't seem stable.
Thanks! I have enough buttons to do tests.
drthanwho
commented
4 years ago Does your script work with python ion windows? It won't go passed the waiting for connection" step. Have I understood correctly that need to run it like this:
py setup-dashbutton.py *wifi name* *wifi password*
cribbstechnologies
commented
4 years ago @fffonion I read something a while back that when the button is activated it connects to the Amazon API and if it doesn't get a proper response the button resets itself. I assume it's making a SSL call to Amazon but I doubt it has strict certificate checking so you could probably "man in the middle" and sniff the traffic
jogilder
commented
4 years ago I had three buttons set up and working until about a week or so ago at which point they dropped off my WiFi network. I'm trying to reconfigure them using Amazon configure me but I can't get the buttons to connect. Sometimes I can see the hotspot, other times I can't. I have yet to manage to connect for long enough to use the setup. Just to check @fffonion when you say it only works once - can you then reset the button again? Are you stopping your button from talking to the internet? Previously the buttons were connected to the internet and I'm wondering if they've been flashed so they don't work/setup as they did before. Anyone else?
fffonion
commented
4 years ago @jogilder I tried on two buttons that using the script, they blinked white LED and sends DHCP in the network, followed with red LED blinks like other normal configured buttons. The second time I press on those two buttons they just show up with a long red LED, then went off. No wifi connection attempt. I was not able to make those buttons work again using the script (they always reply with red LED). I didn't do anything to stop it from connecting to internet. But would be happy to see more data points if anyone wants to try.
@cribbstechnologies The author of the blog post above mentioned in other post that said the button does strict ssl checking. Though I haven't checked by myself.
jogilder
commented
4 years ago @fffonion I had the same problem. Looking at the traffic after they stopped working, pressing the button didn't produce anything on my wifi network. I wonder if they flashed them. I am going to experiment with zigbee but will keep the buttons in case there is a solution.
cribbstechnologies
commented
4 years ago @cribbstechnologies The author of the blog post above mentioned in other post that said the button does strict ssl checking. Though I haven't checked by myself.
I don't see anything about strict checking. There's a guy that was masquerading his server as Amazon and it communicated with it but the button is absolutely expecting some form of communication from Amazon and if it doesn't get it, it dumps its settings. I don't know how to set up a man in the middle situation where the server could examine what's coming back from Amazon but I bet if someone had the know how it could be done and a simple web endpoint could be set up to pretend it's Amazon and give the "everything's okay" response.
rohitsud
commented
4 years ago FWIW I face the same problem when using the endpoint to manually configure the SSID it should connect to. I get an HTTP 200 on the GET request but then the button seems to reboot and doesn't connect to WiFi. My firmware version is 40018220_WS and the button doesn't respond on https://192.168.0.1 only on http.
FearlessPotatoKing
commented
4 years ago Hey Nekmo, is there any way to warn all the amazon-dash users that Amazon will send out a patch on December 31st to disable all amazon dash buttons? They should blacklist the server that the dash buttons try to connect to in their routers if they want them to keep working afterwards. (Hopefully that would be enough) https://www.amazon.com/gp/help/customer/display.html?nodeId=201746440
Here is my pihole log of the connections my dash buttons try to make when i click them.
`
2019-12-03 11:28:34 A dash-button-na-aws-opf.amazon.com 192.168.1.121 Blocked (blacklist)
2019-12-03 11:28:34 A 3.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.2ms)
2019-12-03 11:28:34 A 2.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.2ms)
2019-12-03 11:28:34 A 1.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.2ms)
2019-12-03 11:28:34 A 0.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.3ms)
`
Also, a feature request: Is there a way we can keep track of how many times each dash button has been pressed? I think i've heard that the battery has a lifetime of about 2k clicks. I have a couple of buttons that i use 3-4 times a day for different tasks, and would like to replace the battery once they start getting close to maybe 1700 clicks. I would be okay with just having the mac address appended to a txt file which i could check every so often to see if it was time for a battery replacement soon.
Nekmo
commented
4 years ago I can launch an update with a warning for all amazon-dash users.
Nekmo
commented
4 years ago Hey Nekmo, is there any way to warn all the amazon-dash users that Amazon will send out a patch on December 31st to disable all amazon dash buttons? They should blacklist the server that the dash buttons try to connect to in their routers if they want them to keep working afterwards. (Hopefully that would be enough) https://www.amazon.com/gp/help/customer/display.html?nodeId=201746440
Here is my pihole log of the connections my dash buttons try to make when i click them.
`
2019-12-03 11:28:34 A dash-button-na-aws-opf.amazon.com 192.168.1.121 Blocked (blacklist) 2019-12-03 11:28:34 A 3.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.2ms) 2019-12-03 11:28:34 A 2.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.2ms) 2019-12-03 11:28:34 A 1.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.2ms) 2019-12-03 11:28:34 A 0.amazon.pool.ntp.org 192.168.1.121 Blocked (blacklist) - (0.3ms)
`
Also, a feature request: Is there a way we can keep track of how many times each dash button has been pressed? I think i've heard that the battery has a lifetime of about 2k clicks. I have a couple of buttons that i use 3-4 times a day for different tasks, and would like to replace the battery once they start getting close to maybe 1700 clicks. I would be okay with just having the mac address appended to a txt file which i could check every so often to see if it was time for a battery replacement soon.
I have included a warning with an update. I have also updated the readme.
sidoh
commented
4 years ago I found a way to complete the setup process without the button needing to phone home. It requires that the button is running an older version of firmware that is vulnerable to an exploit in the HFA audio setup process. If your button has received an OTA update at any point, it's probably been patched.
Writeup is here: https://blog.christophermullins.com/2019/12/20/rescue-your-amazon-dash-buttons/
happy hacking everyone!
sidoh
commented
4 years ago btw -- dash-button-na-aws-opf.amazon.com looks region specific.
If you're in Europe, the domain is likely dash-button-eu-aws-opf.amazon.com:
$ nslookup dash-button-eu-aws-opf.amazon.com
Non-authoritative answer:
Name: dash-button-eu-aws-opf.amazon.com
Address: 52.95.116.142But can't say for sure. Probably safest to just keep the buttons off APs with Internet access.
mattia2007
commented
4 years ago hello, i'm new but i how can i connect the dash button to the wifi ? if you can explain me something, thank you sorry for the bad english i'm from italy
Nekmo
commented
4 years ago @mattia2007 I am working a new version with a wizard to configure the buttons. This wizard will not require advanced knowledge. It will be available very soon.
davepet
commented
4 years ago Great to hear.
mattia2007
commented
4 years ago thank you you saved me
mattia2007
commented
4 years ago but does it works for home assistant for the smart home?
Nekmo
commented
4 years ago @mattia2007 amazon-dash is compatible with Home Assistant.
https://docs.nekmo.org/amazon-dash/config_file.html#home-assistant-event
Nekmo
commented
4 years ago sidoh
commented
4 years ago @Nekmo, reading your script, I'm pretty sure it'll only work for:
It won't work for:
I explain why in the blog post i linked above, and also show how to get around it if the button is running older firmware.
In short, buttons need a secret that they normally got from Amazon during the setup process within the app. There's no direct way to trick the button into writing this secret, as it's pinned Amazon's TLS certs. So we're left with the types of hacks I wrote about in the blog post.
I spent a few days in a dissasembler looking at the dash button's firmware, which is why I'm able to state this with confidence.
mattia2007
commented
4 years ago buy it doesn't work
Nekmo
commented
4 years ago @sidoh thank you for your work! :) I understand that the audio hack only works on May 2016 and earlier models. If you agree I could put the audio in the setup wizard. I can add you to the contributors page. I would also put a link to your blog.
sidoh
commented
4 years ago You're more than welcome to put it in the wizard.
The caveats worth mentioning to your users are:
Nekmo
commented
4 years ago Thanks @sidoh :) I will include your recommendations in the wizard. I will also include you on the contributors page.
Nekmo
commented
4 years ago A question @sidoh , is it necessary to connect to the device via wifi to be able to hack? That is, does the device only start listening using the microphone after connecting via Wi-Fi?
sidoh
commented
4 years ago No, not necessary to connect. It'll listen for HFA packets as well as wait for wifi connections in setup mode.
Nekmo
commented
4 years ago Thanks @sidoh ! :) In my tests with the buttons that I have,It doesn't seem to connect to the router in the setup process. Does the same happen in the first configuration?
sidoh
commented
4 years ago Apologies if I'm misunderstanding -- are you asking if the button connects to an external wifi network during setup? As far as I'm aware, it never does this during the setup process, whether or not it's been set up before.
Nekmo
commented
4 years ago @sidoh to document the setup process, I would like to know if it is necessary to block the device's internet connections before sending the ssid and password, or is it safe to block the connections afterwards, before using the button for the first time.
In my tests with the buttons that I have, the device does not connect to the router during configuration after receiving the ssid and the password but it may not connect because I have already configured these buttons in the past.
Sorry for my English, it is not my native language :(
sidoh
commented
4 years ago Got it, question makes sense. I had misunderstood (my fault, not yours) and thought we were talking about the setup process before ssid/psk are entered.
A button with the audio hack applied and a button that's already been set up before are functionally in the same state. I'd expect them to behave in the same way.
I believe that a button that hasn't been set up before and doesn't have the audio hack applied just refuses to save wifi credentials.
So I don't think the button tries to connect until after the first button press.
That said, I think the safest approach would be:
Nekmo
commented
4 years ago @sidoh I have added a new command that uses your hack, thanks :)
Thanks also for your help. I will follow your advice to inform the user during device setup. I will use your help to write the documentation.
Nekmo
commented
4 years ago Okay! Everything is ready for this issue. The next release will include this change.
Thank you all! :)
Put an
xinto all the boxes [ ] relevant to your issue (like this:[x])What is the purpose of your issue?
I went to add a new dash button to my home network today, and found out that I can no longer set up new dash buttons through the Amazon Shopping app on my phone. I tried downgrading the Amazon Shopping app to a version from a year ago, and got the same result. Amazon has removed the ability to activate new Amazon Dash buttons. I found out that they discontinued Amazon Dash about a month ago or so.
Does anyone know of a way to activate a button without using Amazon's app? I have about 30 of them around my house that will work just fine for the foreseeable future, but i have about 5-6 that haven't been set up, and i currently have no way of configuring them to my network. Tried doing a google search, and reddit search, with no luck.