The Ex and Exx camera custom menu is a go!
Here is what I have accomplished at the time of writing this post:
- Persistence - the hack can be loaded automatically at boot time(not done yet), and it retains all the internal information at runtime, regardless how many times you close the window.
- UI elements - I have full control over the WinCE default UI, including messages and elements.
- Global keyboard/input hook - I can trigger app functionality from anywhere within the system, on any physical button or specific action(long press, quick tap, etc).
- A persistent configuration file - for storing custom settings and whatnot.
- Write access to FLIR's internal registry(which is not related to WinCE) - for enabling/disabling camera functionality, and basically anything you can do with "rset", and then some(sequencing).
- A persistent configuration file - for storing the menu's settings across reboots.
- The ability to record a short(5-10s, due to RAM limits), completely raw, radiometric image sequence to the SD card or internal flash.
What I don't have at the moment:
- Reading FLIR's internal registry - WinCE does not support pipes, and the only way to read the registry without reverse-engineering FLIR code is via "rls.exe", which outputs to either console or file(see next point).
- File read functionality - this may be a "bad code" issue, but CreateFileW simply does not want to open any files anywhere on the system except the flash root. This isn't an awful issue, but it's something to keep in mind.
- A way to convert the radiometric image sequence into an UltraMax-compatible image, either on-camera or off-camera. I don't think it makes sense to put all the code on-camera(though possible), but I will likely need help with actually creating UltraMax-compatible images. A temporary workaround is to manually do SuperResolution using something like ImageJ, ImageMagick, or Photoshop.
I have made a short video to demonstrate the hack functioning on the camera.
Please note that while I am launching this hack via telnet, the end result should be just a few file replacements(like with the regular E4 hack, but without CRCs), and a single telnet command to install the hack, making it persist across reboots without any user intervention.
In this particular case, the hack was configured to open the menu on a 2-second press of the joystick.
Let me know if there are any specific features you'd like to see implemented.