-
FLIR E4 Wifi Resolution and Menu Hack Thread
Posted by
DaveWB
on 04 Apr, 2017 06:23
-
Hi all,
I was told because of the hardware change to start a new thread here for the new FLIR Wifi units. I received my Wifi unit and successfully connected via RNDIS. I attempted the 2.3.0 regular E4 hack and received the error in the JPEG. I also had done a full backup before hand which I am attaching here. If anyone would be interested in using TeamViewer to take a peak into the unit or if there is any information anyone needs let me know.
Firmware 3.5.0
edit: files wouldn't attach, so I uploaded them here:
https://ufile.io/v878aDaveWB
UPDATE: @Bud has done it! See here:
Post 1336326UPDATE: I have created a new tutorial video here:
https://youtu.be/y3_wKq6V6i8
-
#1 Reply
Posted by
Chanc3
on 04 Apr, 2017 06:26
-
Did you try the 2.11 hack? Can you upload the backup anywhere?
Sent from my ONE A2003 using Tapatalk
-
#2 Reply
Posted by
DaveWB
on 04 Apr, 2017 06:28
-
Yes I just tried the 2.3.0(which came after 2.11.0) hack per the picture above, I just uploaded the backup.
-
#3 Reply
Posted by
Chanc3
on 04 Apr, 2017 09:34
-
The 2.11.0 hack came after 2.3.
-
#4 Reply
Posted by
DaveWB
on 04 Apr, 2017 15:05
-
You are right, that's my bad. However yes it was the 2.11.0 hack.
-
#5 Reply
Posted by
joe-c
on 04 Apr, 2017 19:06
-
Firmware 3.5.0
I guess no previous hack will work.
how the WIFI works? is the camera accessible over Telnet like USB?
can you stream the camera image (WIFI Camera)?
-
#6 Reply
Posted by
DaveWB
on 04 Apr, 2017 22:40
-
Firmware 3.5.0
I guess no previous hack will work.
how the WIFI works? is the camera accessible over Telnet like USB?
can you stream the camera image (WIFI Camera)?
The wifi isn't that great, the camera can create a wifi network or also join your local network. I can detect the camera created network on my computer but it will never seem to connect. The camera will connect to my home wifi and the FLIR will show up in FLIR Tools with an option to stream but I believe some type of firewall is blocking it from streaming or getting pictures off the camera. I was able to access the files via RNDIS on the camera with the Temporary RNDIS file in FlirInstallNet, however I am unsure of how to use telnet so I cannot answer that question.
-
#7 Reply
Posted by
Chanc3
on 05 Apr, 2017 10:53
-
Firmware 3.5.0
I guess no previous hack will work.
how the WIFI works? is the camera accessible over Telnet like USB?
can you stream the camera image (WIFI Camera)?
The wifi isn't that great, the camera can create a wifi network or also join your local network. I can detect the camera created network on my computer but it will never seem to connect. The camera will connect to my home wifi and the FLIR will show up in FLIR Tools with an option to stream but I believe some type of firewall is blocking it from streaming or getting pictures off the camera. I was able to access the files via RNDIS on the camera with the Temporary RNDIS file in FlirInstallNet, however I am unsure of how to use telnet so I cannot answer that question.
Looking through the files briefly, there is a file called "MaxResolution.txt". It's currently set to 80, however if you change that and then run the hack does it do anything?
-
#8 Reply
Posted by
joe-c
on 05 Apr, 2017 18:12
-
If the E4 is in RNDIS only, you don’t can stream. But if RNDIS over Wifi has the same functionality, you can use EX-Tools (link in my footer) and connect to it. Then you should be able to change settings and download images. I had a function called "RNDIS Grab Screen". Maybe you can use this to get a image, but that way is slow.
If the Camera is connected you can change the USB Mode to "RNDIS_UVC" maybe the camera can stream after a reconnect.
And the "Maxresolution" can be ignored, on a hacked and working camera it has 80 too. Maybe it's just some Debug output or something else. The Hack work with config.cfc and the common_dll.dll, so changes of these files has to be analyzed.
-
#9 Reply
Posted by
DaveWB
on 05 Apr, 2017 18:40
-
When I was testing it, it was in MSD mode. The stream button was highlighted in FLIR Tools, however it seemed to never do anything after clicking it. I will try EX-Tools later tonight and see if that gets it going.
If you look at my first post the screenshot says that the error occurs at line 80, does this give any relevant information as to what it is getting caught up on?
-
#10 Reply
Posted by
TheSteve
on 05 Apr, 2017 20:05
-
I don't own an E4 but have been reading up on the hack. I have read that the patch to common_dll.dll is to remove a signature check. Does anyone have a copy of the 2.11.0 dll before and after the patch has been applied. Then we can take a look at the common_dll.dll from version 3.5.0 and see if it just needs the offsets tweaked. I believe this was all that was needed to update the hack from 2.3.0 to 2.8.0.
I'm happy to have a peak at it if the files are easy to get.
-
#11 Reply
Posted by
DaveWB
on 05 Apr, 2017 20:56
-
I will get these files on here later tonight when I get home.
-
#12 Reply
Posted by
DaveWB
on 06 Apr, 2017 03:32
-
I don't own an E4 but have been reading up on the hack. I have read that the patch to common_dll.dll is to remove a signature check. Does anyone have a copy of the 2.11.0 dll before and after the patch has been applied. Then we can take a look at the common_dll.dll from version 3.5.0 and see if it just needs the offsets tweaked. I believe this was all that was needed to update the hack from 2.3.0 to 2.8.0.
I'm happy to have a peak at it if the files are easy to get.
Attached are the requested files, I sorted them in different folders to make it a little easier. This is from a 2.11 camera.
-
#13 Reply
Posted by
TheSteve
on 06 Apr, 2017 04:27
-
If I suggest a patch to common_dll.dll and it turns out to be incorrect what are the ramifications? Will it brick the camera? I had a look at the 2.11 regular and patched dll files. There are 2 byte changes. I found similar routines at slightly different offsets(this is to be expected) in the 3.5.0 file. I can attach a patched file but I don't want to brick someone's camera. The best way would be a full disassembly but comparing previously patched files like this often works when patching new versions of previously patched routines.
-
#14 Reply
Posted by
DaveWB
on 06 Apr, 2017 04:32
-
If I suggest a patch to common_dll.dll and it turns out to be incorrect what are the ramifications? Will it brick the camera? I had a look at the 2.11 regular and patched dll files. There are 2 byte changes. I found similar routines at slightly different offsets(this is to be expected) in the 3.5.0 file. I can attach a patched file but I don't want to brick someone's camera. The best way would be a full disassembly but comparing previously patched files like this often works when patching new versions of previously patched routines.
If the wrong common_dll.dll is on there it will just show a screen with no cursor or menu, however the original dll can easily be put back on so no worries about testing this out.
-
#15 Reply
Posted by
TheSteve
on 06 Apr, 2017 04:40
-
OK, here is a patched version of common_dll.dll for version 3.5.0
No warranty, use at your risk - hopefully it's easy to copy the file to the cam.
I assume the other file needs to be updated too but I doubt it has changed.
edit - patched dll removed for now. If there is someone who knows how to package this please let me know.
-
#16 Reply
Posted by
DaveWB
on 06 Apr, 2017 04:45
-
OK, here is a patched version of common_dll.dll for version 3.5.0
No warranty, use at your risk - hopefully it's easy to copy the file to the cam.
I assume the other file needs to be updated too but I doubt it has changed.
The other file that would need to be modified is the conf.cfc, I am not sure how to modify that without using the python script
-
#17 Reply
Posted by
TheSteve
on 06 Apr, 2017 04:56
-
That is beyond what I can do tonight. Hopefully someone else can package it up into the patch script to give it a try. Perhaps I will remove the attachment for now. If there is someone who want to give it a try though I can email it to them. I don't want a bunch of people downloading a useless or bad file.
-
#18 Reply
Posted by
DaveWB
on 06 Apr, 2017 05:11
-
That is beyond what I can do tonight. Hopefully someone else can package it up into the patch script to give it a try. Perhaps I will remove the attachment for now. If there is someone who want to give it a try though I can email it to them. I don't want a bunch of people downloading a useless or bad file.
Attached is the common_dll.dll.delta file that is in the 2.11 hack pack
-
#19 Reply
Posted by
TheSteve
on 06 Apr, 2017 05:43
-
delta file updated for the addresses changed in 3.5.0
-
#20 Reply
Posted by
DaveWB
on 06 Apr, 2017 06:00
-
delta file updated for the addresses changed in 3.5.0
Well the python script is still giving the same exact error as post #1, however I was able to upload the common_dll.dll you uploaded earlier into the camera and the camera seems to be fully functioning, I think the next step is I'm going to try to find out how the conf.cfc is working, edit my .cfc the same way, upload it to the camera and see how that works.
Thanks for your help so far!!
-
#21 Reply
Posted by
DaveWB
on 06 Apr, 2017 06:26
-
Does anyone know what this means? This is where the python script is getting caught up
assert found, "UNKNOWN %s: digest/len is %s" % (name, h)
-
#22 Reply
Posted by
TheSteve
on 06 Apr, 2017 07:30
-
Yep, it failed the SHA256 checksum. updated patch file sent, fingers crossed it all works!
-
#23 Reply
Posted by
brunner
on 06 Apr, 2017 08:00
-
Hi,
first for all, great work Guys, i´ve already Hacked a old Flir E4 Years ago.
Now i have a new Flir E4 2.0 L with Software 3.5.0. is it possibly to do the resolution hack and how does it Work?
Thx!
-
#24 Reply
Posted by
Chanc3
on 06 Apr, 2017 11:10
-
Hi,
first for all, great work Guys, i´ve already Hacked a old Flir E4 Years ago.
Now i have a new Flir E4 2.0 L with Software 3.5.0. is it possibly to do the resolution hack and how does it Work?
Thx!
Did you not read anything above?