Does the hack still work?

GuillaumeBraillon commented 6 years ago

I am with the firmware version 3.3.6_2017111315 and the hack does not launch.

ghoost82 commented 6 years ago

Hi,

the hack is usually working with latest firmware version 3.3.6_2017111315. This was confirmed by various users in #1

Egidius commented 6 years ago

I've got the same problem on the same firmware version. This is what I did

Downloaded the precompiled release: https://github.com/ghoost82/mijia-720p-hack/releases/download/v0.9/mijia-720p-hack.zip
Formatted a 32GB SD Card to FAT32 using Disk Utility
Copied all files inside of the mijia-720p-hack/sdcard/ folder in the unzipped release to the root of the SD Card I just formatted.

Here's my config:

## Password for root user, needed for SSH server and Samba R7W access
ROOT_PASSWORD="myrootpassword"
## Set WIFI STA SSID, when empty no configuration is done
WIFI_SSID="My Wifi SSD"
WIFI_KEY_MGMT="WPA-PSK"
## Set WIFI STA password
WIFI_PASS="mywifipassword"
## Set timezone -> http://svn.fonosfera.org/fon-ng/trunk/luci/modules/admin-fon/root/etc/timezones.db
TIMEZONE="UTC"
## Prefered NTP server
NTP_SERVER="pool.ntp.org"
## Start syslog (0/1)
ENABLE_SYSLOG=0
## Total Disconnect from Xioami servers, includes disable of streaming and OTA updater (0/1)
DISABLE_CLOUD=1
## Manage the camera via cloud but don't stream anything outside your network (0/1)
DISABLE_CLOUD_STREAMING=1
## Manage the camera via cloud but prevent online updates (0/1)
DISABLE_OTA=1
## Start telnet server at system boot (0/1)
ENABLE_TELNETD=0
## Start SSH server at system boot (0/1)
ENABLE_SSHD=1
## Start web server at system boot (0/1)
ENABLE_HTTPD=1
## Start FTP server at system boot (0/1)
ENABLE_FTPD=0
## Start samba server at system boot (0/1)
ENABLE_SAMBA=0
## Start local streaming server at system boot (0/1)
ENABLE_RTSP=1
## Disable the execution of the hack scripts (0/1)
DISABLE_HACK=0
## Use custom english sound files (0/1) WIP
SOUND_EN="0"

I inserted the SD Card into the camera and it follows this exact procedure:

yellow: camera startup blue blinking: network configuration in progress (connec to wifi, set up the IP address) blue: network configuration is OK. Camera is ready to use.

When I open the Mii app and I copy the device's IP Address from Device Settings>Network info into my browser's omnibar I get a 404. SSH'ing throws a "Connection refused" error.

I assume the hack wasn't applied as the HTTP server is not running, but I'm not sure what I did wrong. I enabled the ENABLE_SYSLOG flag, but the log folder remains empty.

Transylvanier commented 6 years ago

Hello,

i´m face similar situation on firmware version 3.3.6_2017111315. The hack seams to work but I can´t acess to my wifi network.

Downloaded the precompiled release: https://github.com/ghoost82/mijia-720p-hack/releases/download/v0.9/mijia-720p-hack.zip

Formatted a 1GB SD Card to FAT32 Copied all files inside of the mijia-720p-hack/sdcard/ folder in to the SD Card

Attached the LOG file. Maybe someone is abel to help me out.

Mijia 720P hack configuration ROOT_PASSWORD=mypassword WIFI_SSID=FRITZ!Box 7490 WIFI_PASS=mypassword TIMEZONE=UTC NTP_SERVER=pool.ntp.org ENABLE_SYSLOG=1 DISABLE_CLOUD=1 DISABLE_CLOUD_STREAMING=1 DISABLE_OTA=1 ENABLE_TELNETD=1 ENABLE_SSHD=0 ENABLE_HTTPD=1 ENABLE_FTPD=0 ENABLE_SAMBA=0 ENABLE_RTSP=1 RTSP_OPTIONS= SOUND_EN=0 /mnt/data/imi/imi_init/_S01logging: line 19: /etc/init.d/S10mdev: not found Starting logging: OK Configure time zone Setting root password Changing password for root New password: Retype password: Password for root changed by root Setting Samba root password tdbsam_open: Converting version 0.0 database to version 4.0. tdbsam_convert_backup: updated /tmp/sd/mijia-720p-hack/tmp/samba/passdb.tdb file. account_policy_get: tdb_fetch_uint32 failed for type 1 (min password length), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 2 (password history), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 3 (user must logon to change password), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 4 (maximum password age), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 5 (minimum password age), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 6 (lockout duration), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 7 (reset count minutes), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 8 (bad lockout attempt), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 9 (disconnect time), returning 0 account_policy_get: tdb_fetch_uint32 failed for type 10 (refuse machine password change), returning 0 Failed to load upcase.dat, will use lame ASCII-only case sensitivity rules Failed to load lowcase.dat, will use lame ASCII-only case sensitivity rules Added user root. Configure WiFi /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 4: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 5: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 9: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 12: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 14: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 17: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 23: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 25: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 31: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 33: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 43: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 45: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 47: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 49: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 61: : not found /tmp/sd/mijia-720p-hack/scripts/configure_wifi: /tmp/sd/mijia-720p-hack.cfg: line 71: WIP: not found Configure WiFi Configure Cloud Services /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 4: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 5: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 9: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 12: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 14: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 17: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 23: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 25: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 31: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 33: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 43: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 45: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 47: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 49: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 61: : not found /tmp/sd/mijia-720p-hack/scripts/cloud_control: /tmp/sd/mijia-720p-hack.cfg: line 71: WIP: not found Stopping restartd...killall: restartd: no process killed Disabling Cloud Disabling miio_client Disabling miio_client_helper_nomqtt.sh Disabling miot_devicekit Disabling miot_qrcode.sh Disabling miio_smb Disabling logmi.sh Disabling Cloud Streaming Disabling miio_avstreamer Disabling OTA Disabling miio_ota Executing /mnt/data/test/boot.sh Starting telnetd: OK Starting web server OK Starting RTSP server OK ntpd: bad address 'pool.ntp.org' handle_light_state() Blue: flashMode = 0, brightness = 80 handle_light_state() Red: flashMode = 0, brightness = 0

haimn commented 6 years ago

@Transylvanier did you try to change the SSID to something without special marks? Try something without the !

ghoost82 commented 6 years ago

Putting all strings in quotes should fix your issues.

JacquesLeJacques commented 6 years ago

Hello,

I'm experiencing a similar issue. The hack is installed on a 16go sd card, formated in fat32. The firmware version is: 3.3.6_20170704113

The hack seams to work: Mi home app tells me that my "Device is offline" anyway I can control the camera and watch it via the app, but I can´t access to it via http/ssh/telnet/rstp

I enabled the log ENABLE_SYSLOG=1 flag, but the folder remains empty too.

Here is my config file:

Password for root user, needed for SSH server and Samba R7W access

ROOT_PASSWORD="password"

Set WIFI STA SSID, when empty no configuration is done

WIFI_SSID="SSID1234" WIFI_KEY_MGMT="WPA2-PSK"

Set WIFI STA password

WIFI_PASS="WifiPassword"

Set timezone -> http://svn.fonosfera.org/fon-ng/trunk/luci/modules/admin-fon/root/etc/timezones.db

TIMEZONE="CET"

Prefered NTP server

NTP_SERVER="pool.ntp.org"

Start syslog (0/1)

ENABLE_SYSLOG=1

Total Disconnect from Xioami servers, includes disable of streaming and OTA updater (0/1)

DISABLE_CLOUD=1

Manage the camera via cloud but don't stream anything outside your network (0/1)

DISABLE_CLOUD_STREAMING=1

Manage the camera via cloud but prevent online updates (0/1)

DISABLE_OTA=1

Start telnet server at system boot (0/1)

ENABLE_TELNETD=1

Start SSH server at system boot (0/1)

ENABLE_SSHD=1

Start web server at system boot (0/1)

ENABLE_HTTPD=1

Start FTP server at system boot (0/1)

ENABLE_FTPD=0

Start samba server at system boot (0/1)

ENABLE_SAMBA=0

Start local streaming server at system boot (0/1)

ENABLE_RTSP=1

Disable the execution of the hack scripts (0/1)

DISABLE_HACK=0

Use custom english sound files (0/1) WIP

SOUND_EN="1"

What did I miss ?

Thank you for your help and advice !

bmwm69 commented 6 years ago

For disable all settings with "DISABLE_xxx" you need change it for "0"

JacquesLeJacques commented 6 years ago

I formated/reinstalled, and now I can get a log file. That's strange, there is an error saying that it cannot change the root password because it doesn't match / too weak, but I'm using the default root password.

Also there is an error: "/etc/init.d/S10mdev"

When I'm trying to connect via web, ssh, telnet or rtsp I have a timeout error.

Here are the log file: Mijia 720P hack configuration ROOT_PASSWORD=1234qwer WIFI_SSID=SSID WIFI_PASS=PASSWORD TIMEZONE=UTC NTP_SERVER=pool.ntp.org ENABLE_SYSLOG=1 DISABLE_CLOUD=1 DISABLE_CLOUD_STREAMING=1 DISABLE_OTA=1 ENABLE_TELNETD=1 ENABLE_SSHD=1 ENABLE_HTTPD=1 ENABLE_FTPD=0 ENABLE_SAMBA=0 ENABLE_RTSP=1 RTSP_OPTIONS= SOUND_EN=0 /mnt/data/imi/imi_init/_S01logging: line 19: /etc/init.d/S10mdev: not found Starting logging: OK Configure time zone Setting root password Changing password for root New password: Bad password: too weak Retype password: Passwords don't match passwd: password for root is unchanged Setting Samba root password Failed to load upcase.dat, will use lame ASCII-only case sensitivity rules Failed to load lowcase.dat, will use lame ASCII-only case sensitivity rules Configure WiFi Configure WiFi Configure Cloud Services Stopping restartd...killall: restartd: no process killed Disabling Cloud Disabling miio_client Disabling miio_client_helper_nomqtt.sh Disabling miot_devicekit Disabling miot_qrcode.sh Disabling miio_smb Disabling logmi.sh Disabling Cloud Streaming Disabling miio_avstreamer Disabling OTA Disabling miio_ota Executing /mnt/data/test/boot.sh Starting telnetd: FAIL Starting SSH server OK Starting web server OK Starting RTSP server OK ntpd: bad address 'pool.ntp.org ' handle_light_state() Blue: flashMode = 0, brightness = 80 handle_light_state() Red: flashMode = 0, brightness = 0

any idea?

bmwm69 commented 6 years ago

You have special characters in SSID or Password?

JacquesLeJacques commented 6 years ago

No, only Lower/Upper case and numbers It also doesn't respond to ping

JacquesLeJacques commented 6 years ago

Is there a way to attribute the camera a static ip in the conf file?

lamorada commented 6 years ago

Hi, firmware 3.3.6_2018051810. Hack doesn't work?

If there a way to downgrade firmware?

Thanks.

aachurin commented 6 years ago

Hi. Just put tf_recovery.img to the root of SD. Here you can download 3.3.6_2017080313: https://4pda.ru/forum/dl/post/10902971/tf_recovery.img You must sign in to download file.

lamorada commented 6 years ago

Hi. Just put tf_recovery.img to the root of SD. Here you can download 3.3.6_2017080313: https://4pda.ru/forum/dl/post/10902971/tf_recovery.img You must sign in to download file.

I cant't download the file from this site. Can you put the file in other site to download? Thanks a lot.

pekidi commented 6 years ago

hi,

try here and report http://c720p-recovery.pekidi.com/

please use qbittorrent or utorrent app

lamorada commented 6 years ago

Hi,

i did a downgrade the firmnware and the hack worked perfectly.

Thanks.

pekidi commented 6 years ago

great

ghoost82 commented 6 years ago

I had some time to have a look at the latest firmware update. Looks like the way the hack is enabled at the first boot is not working anymore. DSo at the moment the downgrade is the only possible way to get the hack running. Once the hack is running it will running even after a firmware update to 3.3.6_2018051810

ragnitos commented 6 years ago

Hi, I'm trying to download firmware 3.3.6_2017080313, but the torrent file is not getting any peer. Is there any place I can download it from? Thanks.

pekidi commented 6 years ago

@ragnitos Hi I just tried it to download file from C720p-recovery and upload it to qbittorrent client and download just went fine.

regards -D

ragnitos commented 6 years ago

Thank you. Was my Sinology client. I used a windows client for torrent and work well.

pekidi commented 6 years ago

@ragnitos Just copy tf_recovery.img file to root of sd card put it back to camera and turn it on. Wait approx 5-10 min and u are ready to use downgrade firmware. But be aware that this firmware is in chinese language. If some has english version he can give it to me and i will share it to all.

yayitazale commented 5 years ago

Hi!

I donwloaded the recovery but it is not downgrading, I have the MIXJ04CM version, 32Gb SD card FAT32 and tried both 3.3.6_2017071114 and 3.3.6_2017080313 with no succes.

Any clues?

Thanks!

fliphess commented 5 years ago

Can you try with an SD card below 32GB? I've heard several people having issues with SDHC and or 32GB cards.

yayitazale commented 5 years ago

Can you try with an SD card below 32GB? I've heard several people having issues with SDHC and or 32GB cards.

I have tried with a 32GB, 16GB and 8GB with no succes. Not only that, now I can't see anything on the MI app on the phone. I can connect to the camera but the motor control fuction, audio, and video is not working...

gr3k commented 5 years ago

I have tried to downgrade MJSXJ01CM firmware from C720p-recovery and this is my results:

c720p files: 'Release number 3.3.6_2017071114.zip' - can't connect to camera .only ping is working - hacks doesn't work 'Release number 3.3.6_2017080313.zip' - can't connect to camera .only ping is working - hacks doesn't work tf_recovery.img - this firmware is working. its 201709 ... I can connect using Xiaomi App. hacks doesn't works - v 0.95

Any idea how to resolve it? I only have few ideas. 1) I need to try with hack v 0.90 a 2) After firmware downgrade and restart camera to factory reset, its needed to setup camera first with Xiaomi App, or Hacks should working without them. ? I found somewhere that old firmware's need to have old Xiaomi App to set them without QR codes.

fliphess commented 5 years ago

Did you compile the binaries? After 0.90 the binaries were removed from the repository, so you have to build it yourself or use the tgz file in the release.

ighorn1 commented 5 years ago

Hello my MJSXJ01CM have the same issue like gr3k I tried different combinations, the hack is running but rtsp sshd and telnet are not working.

vladimirovsan commented 5 years ago

Hello, my MJSXJ02CM has the same problem. I tried different combinations, the hack works, but rtsp sshd and telnet do not work.

morlenxus commented 4 years ago

The hack still works! You need to go back to an older firmware (i was at most recent version). I did use the one from the torrent which is already extracted (tf_recovery.img).

ghoost82 / mijia-720p-hack