Open Regressor opened 9 months ago
any update ?
I desoldered flash, downloaded firmware, changed script, uploaded changed firmware and now it allow to run any script. Also I disabled OTA in firmware to prevent firmware update
@Regressor i saw you desoldered flash etc... Apparently you have more experience about flash chip. So i would like to know if my camera is KO or not because after i tested to hack the camera to add rtsp now it startn't. it is impossible to access at the uboot part i think i corrupted the boot part of flash because i have in uart this :
IPL g2cd6de2 D-01 64MB BIST0_0001-OK Load IPL_CUST from NOR offset:00010000 IPL_CUST header failed! Disable MMU and D-cache [HALT]
Hello @Regressor, could you share the files you used to flash it? Also if you could give us an help on how to do it, it would be really appreciated, i have same camera, and i would like to integrate it on HA. Thanks
@Regressor i saw you desoldered flash etc... Apparently you have more experience about flash chip. So i would like to know if my camera is KO or not because after i tested to hack the camera to add rtsp now it startn't. it is impossible to access at the uboot part i think i corrupted the boot part of flash because i have in uart this :
IPL g2cd6de2 D-01 64MB BIST0_0001-OK Load IPL_CUST from NOR offset:00010000 IPL_CUST header failed! Disable MMU and D-cache [HALT]
If you have same camera model just desolder chip and flash Xiaomi_c200_dump.log.
Hello @Regressor, could you share the files you used to flash it? Also if you could give us an help on how to do it, it would be really appreciated, i have same camera, and i would like to integrate it on HA. Thanks
Currently I stuck on compiling rtsp/drive applications. There was a lack of free time because of work so it stays without any movement for a month or so.
Hi @Regressor did you get the time to make a how to? I think everyone would appreciate it
I got a Xiaomi C200 camera (MJSXJ14CM) opened it and downloaded a dump from 25vq128 spi nand. It looks like they hardened factory mode. Now it looks like this:
So it checks rsa sig before running manu.sh :( I'll try to replace key inside squashfs and check if this helps... Attached dump .bin file (renamed to log)
Xiaomi_c200_dump.log