Open amazingproducer opened 2 years ago
I'm using python3.8 and have not enabled MFA -- is MFA a requirement?
I see the same on my end. MFA isn't a requirement. It looks like Wyze changed their API in a way that breaks WyzeUpdater. I'll take a look today or tomorrow.
Yep, Wyze changed their API -- it looks like they're actually validating firmware upgrade requests against a list of approved URLs. There go the fruits of 100+ hours of my life.
The upload request payload used to be:
{
    "action_params": {
        "model": "WLPP1",
        "url": "https:\/\/s3-us-west-2.amazonaws.com\/wuv2\/upgrade\/WLPP1\/firmware\/1.2.0.80a.bin",
        "md5": "b26317e115923f5975218aacbeceb92a"
    }
}
Now, it's:
{
    "action_params": {
        "model": "WLPP1",
        "url": "https:\/\/s3-us-west-2.amazonaws.com\/wuv2\/upgrade\/WLPP1\/firmware\/1.2.0.80a.bin",
        "md5": "b26317e115923f5975218aacbeceb92a",
        "firmware_ver": "1.2.0.80"
    }
}
If the URL field contains an unofficial firmware URL, the request runs long and the server returns a 500 error. The same happens if firmware_ver and the url binary don't match. Wyze is probably keeping a table on their end with official URLs for each firmware version and is only passing through legit URLs.
There's one more approach that can be used to upgrade firmware OTA. Wyze manages devices using the AWS IoT framework and their devices don't validate server certificates (not validating seems to be common with these types of devices):
This means that Wyze plugs are probably susceptible to MITM attacks. They could be connected to a WiFi network created on, say, a Raspberry Pi, that routes AWS IoT traffic to a local, rogue AWS IoT server that feeds the device a custom firmware URL.
Regardless of approach, I don't have much free time right now and would have to hold off on finding a workaround. I'd be happy to help anyone willing to invest time into building a new loader. esp2ino should still work once loaded onto a device.
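As an added illustration (not code from this thread or from Wyze), here is what a server-side allowlist check of the kind inferred above looks like: the request is accepted only if the url and md5 match the entry recorded for that model and firmware_ver. The approved-firmware table and the error strings are this example's own assumptions; the sample payloads are constructed from the two request shapes quoted above.

```python
import json
from typing import Optional

# Constructed approved-firmware table (hypothetical, not Wyze's real data):
# (model, firmware_ver) -> (official url, md5 of that image).
APPROVED_FIRMWARE = {
    ("WLPP1", "1.2.0.80"): (
        "https://s3-us-west-2.amazonaws.com/wuv2/upgrade/WLPP1/firmware/1.2.0.80a.bin",
        "b26317e115923f5975218aacbeceb92a",
    ),
}

# Constructed sample payloads. JSON allows the escaped "\/" form used in the thread.
OK_PAYLOAD = ('{"action_params":{"model":"WLPP1",'
              '"url":"https:\\/\\/s3-us-west-2.amazonaws.com\\/wuv2\\/upgrade\\/WLPP1\\/firmware\\/1.2.0.80a.bin",'
              '"md5":"b26317e115923f5975218aacbeceb92a","firmware_ver":"1.2.0.80"}}')
ROGUE_URL = OK_PAYLOAD.replace("s3-us-west-2.amazonaws.com", "example.invalid")
WRONG_VER = OK_PAYLOAD.replace('"firmware_ver":"1.2.0.80"', '"firmware_ver":"9.9.9.9"')
OLD_STYLE = OK_PAYLOAD.replace(',"firmware_ver":"1.2.0.80"', "")  # pre-change shape


def validate_upgrade_request(raw_payload: str) -> Optional[str]:
    """Return None when the request names an approved image, otherwise a reason.

    Every field the client supplies is checked against the server's own record;
    the client-provided url is never trusted on its own.
    """
    try:
        params = json.loads(raw_payload)["action_params"]
        model, url, md5, ver = (params[k] for k in ("model", "url", "md5", "firmware_ver"))
    except (ValueError, KeyError, TypeError):
        return "malformed request"  # old-style payloads without firmware_ver end up here

    approved = APPROVED_FIRMWARE.get((model, ver))
    if approved is None:
        return "unknown firmware_ver for model"
    approved_url, approved_md5 = approved
    if url != approved_url:
        return "url not on approved list"
    if md5.lower() != approved_md5:
        return "md5 does not match approved image"
    return None


if __name__ == "__main__":
    for name, payload in [("ok", OK_PAYLOAD), ("rogue", ROGUE_URL), ("old", OLD_STYLE)]:
        print(name, validate_upgrade_request(payload))
```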
Wow. I just got my starter kit bulbs and plugs completely flashed over last week. Glad I did. MITM definitely seems like the right approach for future work. Maybe even just a local DNS reroute of those URLs?
Shucks. I guess for now, my Wyze bulbs will continue to languish, unused. The idea of asking a Seattle startup for permission every time I want to use my lights is disgusting.
Dang! I saw this same error and missed the window by just a couple days. Too bad. If only they'd make the bulbs friendlier to other hubs I'd stick with their stuff.
Can you downgrade the firmware?
@HclX Wyze is filtering requests via their API servers without involving individual devices. Device firmware is actually unchanged and this impacts all firmware versions.
@elahd @HclX lol, after trying to flash a few plugs from a Linux and Windows machine and replicating this ("Request failed, error 3005:UnauthorizedOperation"), I had a bad feeling they had blocked off their APIs.
If you can open the plug up I'm sure you can still manually flash it
Just attempted to flash my first device in order to move away from Wyze and ran into this error. Bummer
Is this Wyze denying my request? Information about my device: