Abdul Rahuman's blog

Sunday, December 7, 2014

Wink hub Shell access through UART

This post is a continuation of my Part 1. If you have bricked your device or want to access the shell follow the steps below,

1. Open the device and look for the UART pins and solder a 4 pin header as i have done. My idea was to leave it permanently so i can have access when needed. Red dotted box on the below picture shows that i have soldered the 4 pin header to the UART pins.

2. Use an FTDI board to connect the wink to your USB port of your computer. The pin on your FTDI board will vary depends on your board. But your should connect like shown below,

WINK GND <--> FTDI GND

WINK TX <--> FTDI RX

WINK RX <--> FTDI TX

WINK 3v3 <--> FTDI 3v3 (optional)

if you are using a board similar to mine make sure your jumper is set to 3v3 not on 5v.

3. Install the required FTDI driver from the FTDI website. Now connect your USB to your computer ( i am using a mac). If you have installed the right driver you will see the USB UART setup under System Preferences -> network (like shown below).

4. Click on the "Advanced" button and try to match the values like given in the screenshot below,

5. Now Click Ok.

6. Install a Program named Z-Term(which in my opinion is lot better than screen) and select our FTDI network.

7. You have completed all your work, now connect the power supply to the wink hub and you should see the wink hub's console booting messages on your screen.

8. If you want to change any setup the zigbee interrupts won't allow you to open any file using any editor(which will keep overlaying your screen). So i did a "ps -ef" and found the zigbee services and did a "kill -9 ". Now no more interrupts and you are free to make your changes.

9. For rebooting if you did a power recycle it was not saving my changes, so i used the "reboot" command to reboot the wink hub.

10. Good luck and i hope it will be helpful for someone who might have bricked their hub with a flashing pink.

Sunday, November 30, 2014

How to root your WINK hub - Step by Step tutorial

Recently bought a WINK hub on a sale from Homedepot almost for free on the Blackfriday sale. I liked the concept since it supports multiple radios like Zigbee, Z-Wave, Lutron 433, Kidde 433, Bluetooth & Wifi. I already own a Vera 3 and i wanted to use this as a secondary controller by rooting the hub. Vera3 is extremely good and reliable except the UI but it only supports Z-Wave which made me think why can't i hack this free device as my secondary controller and use some of the cheap Zigbee devices available in Lowes like their Door Sensor, Panic Button, etc.

I searched and found very few sites that talks about rooting this hub but the steps were not clear. So i thought of putting my own steps,

#1. Looks like the Wink team has left some of the development debugging pages on the production release, which we will be leveraging to take control on this hub.

#2. After purchasing the hub DO NOT CONNET to the internet which will make the hub download the latest firmware where they have fixed the issue.

#3. Plugin the hub ( Don't worry it won't connect to the Wink Servers yet). Wait for the flashing pink lights to come up.( green -> flashing pink).

#4. Now connect your laptop to the Wifi SSID name WINKHUB-*

#5. Trying hitting the following url from your browser and make sure sure it works.

http://192.168.0.1

and you should see this "home page". Perform the below steps while you are still connected to the hub.

#6. I am using Mac, so i opened a terminal and issued a curl command as given below to disable the root account's password.

curl "http://192.168.0.1/set_dev_value.php" -d "nodeId=a&attrId=;cp /etc/shadow /etc/shadow.bak;sed -i 's/root:.*:$.*:.*:.*:.*:::$/root::\1/' /etc/shadow;cat /etc/shadow;"

This will take a minute so please be patient.

#7. Generate a ssh key now by typing the following commands on a terminal window,

$ssh-keygen -t rsa

press the enter key to accept the default location
Type a passphare when it prompts and confirm it by entering the passphare second time. Now the system generates the ssh key as shown below.

Your identification has been saved in /Users/username/.ssh/id_rsa.
Your public key has been saved in /Users/username/.ssh/id_rsa.pub.
The key fingerprint is:
bf:49:7f:cb:85:da:5a:f4:7c:1f:cc:23:dd:cc:55:f8 username@mac.local
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . |
| A . |
| . . o |
| o . . G . |
| + + o . + |
|. o o = o + |
| o...o + o |
|. oo.o . |
+-----------------+

#8. Now copy all the contents of your id_rsa.pub file(/Users/username/.ssh/id_rsa.pub) and encode the content using any of the online encoder. I used http://meyerweb.com/eric/tools/dencoder/

#9. Copy the encoded content from the website and issue the following curl command from the terminal prompt as below(after replacing the your_encoded_key ) to add your ssh key to the hub.

curl "http://192.168.0.1/set_dev_value.php" -d "nodeId=a&attrId=;echo 'your_encoded_key' >> /root/.ssh/authorized_keys; cat /root/.ssh/authorized_keys;"

If the command is successful, it will list 2 rsa keys including the one that you just added.

#10. Try to ssh into the hub using

root@192.168.0.1.

#11. Now try editing the set_dev_value.php using,

$ vi /var/www/set_dev_value.php

comment the line that starts with $cmd and add a new line as given below

$cmd = 'aprontest -u -m ' . $nodeId . ' -t ' . $attrId . ' -v ' . $v;

if you have done it correctly the file should look like this,

$nodeId = $_POST['nodeId'];
$attrId = $_POST['attrId'];
$v = $_POST['value'];

//$who = exec('whoami');
//echo $who;
//passthru("sudo ls", $retval);

//echo "nodeId=" .$nodeId . " attrId=" . $attrId . " value=" . $v;
//$cmd = 'sudo ' . dirname(__FILE__) . '/php2apron set_value ' . $nodeId . " " .
$cmd = 'aprontest -u -m ' . $nodeId . ' -t ' . $attrId . ' -v ' . $v;
//echo $cmd . " ";

passthru($cmd, $retval);
echo "ret_code=" . $retval;

?>

#12. We want to block the device from getting the new firmware by editing the host file located in /etc/hosts

and add the following entries in bold.

127.0.0.1 localhost
127.0.0.1 hub-api.winkapp.com
127.0.0.1 hub-updates.winkapp.com
127.0.0.1 wink-hub-images.s3.amazonaws.com
127.0.1.1 flex-dvt

#13. One more last step before we disconnect, edit the following file,

$vi /etc/init.d/S31platform

and look for the following lines,

if [ ! -e /database/oauth ]; then
rm /database/wpa_supplicant.conf
fi

and edit the rm /database/wpa_supplicant.conf to rm /database/wpa_supplicant.conf1. I tried commenting the line but ran into issue. So i end up adding a 1 at the end, since the file anyway won't be there.

#13. Disconnect the ssh or open a new terminal and add your Wifi ssid/password using the following curl command by replacing the x's with your wifi's ssid and y's with your wifi's password.

curl "http://192.168.0.1/index.php" -d '{"ssid":"xxxxxxx","pass":"yyyyyyy"}'

#14. Now try rebooting the hub if everything goes well you should see a blue light which confirms that it works and try ssh into the hub and it should work like before.

Also try accessing the device page by visiting http://your-new-hub-ip/devices.php, which you will be using to add /remove devices.

this link was very useful when i was rooting my device.

If you brick your device you will see a flashing pink. Still you can access the hub through UART which is little hard and also you need some hardware. I will post the picture and pin configuration shortly. Here is my Part 2 where you will find information about getting the shell access to the wink hub through the UART using an FTDI board.

Sunday, March 11, 2012

Replicate Salesforce Data to local MySql DB (Part 1)

Sorry about the long delay. During this time, i have switched between multiple technologies and recently involved heavily on the cloud based system like Google App Engine & Salesforce. While working on Salesforce i was looking for an application to download all my saleforce objects along with the data. There were lot of commercial app that does more than what i need with a bigger price tag. I also found some PHP based solutions fulfilling half of what i wanted. So i ended up writing my own application using Java with the following features,

Should be an command line application so that i can schedule it.
Should go through corporate firewall
I should be able to stop and start
I need to exclude objects that i don't want
Multiple download of the same objects should be avoided during retries until a configured interval is passed.

I created my Java command line application with the following command line arguments,

usage: java -cp sfdata_duplicator.jar [-cdbs ] [-csql ] [-dbh ]
[-dbp ] [-dbs ] [-dbu ] [-dte ] [-p ] [-pa
] [-pdb ] [-ph ] [-po ] [-pp ] [-pu ] [-sfe
] [-sfp ] [-sft ] [-sfu ] [-sp ] [-spr ]
[-srel ] [-stbl ]
GNU HELP
-cdbs,--create-db-schema Enable creating local schema from
local sql files
-csql,--create-local-sqlfiles Enable creating local sql files from
salesforce
-dbh,--db-host Enter the mysql host name
-dbp,--db-password Enter the mysql password
-dbs,--db-schema Enter the mysql schema name
-dbu,--db-user Enter the mysql user name
-dte,--drop-table-if-exists Drop table if already exists
-p,--enable-proxy Enable proxy[true|false]
-pa,--proxy-auth-req Is Proxy authentication required
-pdb,--populate-db Enable populating data from
salesforce
-ph,--proxy-host Enter the proxy host name
-po,--proxy-port Enter the proxy host name
-pp,--proxy-password Enter the proxy password
-pu,--proxy-user Enter the proxy user name
-sfe,--sf-endpoint Enter the salesforce
endpoint(default: sandbox)
-sfp,--sf-password Enter the salesforce password
-sft,--sf-token Enter the salesforce token
-sfu,--sf-user Enter the salesforce user name
-sp,--sql-path Enter the path to store mysql queries
-spr,--sql-prefix Enter the prefix for creating tables
in mysql
-srel,--sql-relation-file Enter the file name for storing
relation queries
-stbl,--sql-table-file Enter the file name for storing table
queries
End of GNU Help

I will go over other details in my next Part.