Not work with 2.1.1_0002.0515

[hzx1987227]

Hi

Thanks for your awesome mods.

I tried use the hostname trick but not worked. (2.1.1_0002.0515)

Any idea please?

[mcchas]

It's hard to say without seeing the firmware. Does telnet not respond?

I've only tested 2.0.9_0005 and 2.0.6_0003. I ordered another a couple of weeks ago and it arrived with 2.0.9_0005. If you are only interested in Homekit I don't see any need to update them.

If you connect the serial console and watch the boot logs, you should be able to see the sh: hostname: not found message.

If not, it depends how they changed the firmware but my guess is they added the hostname busybox command to fix the error message in the logs. Which means/mnt/sdcard may still be in the PATH environment variable. There is a good chance there will be another system command to a missing binary (like with hostname). Searching for strings in the firmware could be used to identify and list commands executed, then create a file/link using every one of these names. You might need to play around with different camera functions to get the command to fire but you might just get lucky.

[hzx1987227]

Thanks for your reply.

The telnet just not respond.

https://github.com/niceboygithub/AqaraCameraHubfw/raw/main/G2H/2.1.1_0002.0515_ota/ota.bin

Here is the 2.1.1 ota bin file but nothing found.

May be i shoud order a new one...

[mcchas]

The ota.bin looks like an incremental update and doesn't look like it changes hostname. The call in the camera binary is still there but the symlink may have been fixed.

_ota.bin.extracted$ strings camera  |grep hostname
...
set hostname: 
hostname "%s"

However, who ever created that repo (@niceboygithub) may have cracked the root password 09qjuS@3. so there is no need to find another way just yet..

You can connect to the serial console via the USB port as described in my README. Use an old micro USB cable and splice ground (black) and cut and connect the D+ (white) and D- (green) lines to TX and RX on a 3.3v UART (like a raspberry pi or FTDI adapter) and you can open the console using screen screen /dev/tty.<yourdevice> 115200 and log in as root and run the hostname script manually.

[hzx1987227]

Hi,

I tried use TTL2USB read the boot log.

USB CABLE <=====> TTL2USB

red => 3.3v output

white => TXD

green => RXD

black => GND

But no data showing up. (Currently i use the homekit mode , may be i need factory reset?)

May be the new firmware disabled the TTL output?

[mcchas]

You will need to supply 5V to the camera - this diagram will make more sense. I am not sure of the polarity for TX and RX but you can try both ways until you see data

[niceboygithub]

1. I tested mcchas’ method in 2.1.1_0002.0515 to run hostname in /mnt/card. It still works. (mcchas did the great job)
2. About TTL-Uart connection, I suggest that use the original USB power supply, and connect TX, RX, GND to USB2UART.
3. The password is from @zvldz.

[mcchas]

Thanks for testing @niceboygithub - if the method still works, @hzx1987227 can you confirm if your hostname file is in the root directory of your SD card and the card is formatted as FAT32?

[hzx1987227]

Hi,

I replace the tf card with new one and formatted as FAT32 and it worked perfect !!!

(The old tf card is 8GB, also formatted as FAT32 , can access from desktop PC, but not work.)

Thank you guys! @niceboygithub @mcchas

[rezmus]

3. The password is from @zvldz.

nope ;)

[Topereb]

You will need to supply 5V to the camera - this diagram will make more sense. I am not sure of the polarity for TX and RX but you can try both ways until you see data

@niceboygithub @mcchas Please help me restore the camera, it lights up red and does not load. there is a dump file

[Topereb]

@niceboygithub @mcchas Please help me restore the camera, it lights up red and does not load. there is a dump file