Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Connecting to WiFi without a QR code #52
I'm keen & able to make a PR for this, but wanted to broach the topic first to get your thoughts, @TheCrypt0.
When setting up a Yi camera and plugging in (temporary) wifi details to the app, I noticed that the QR code requires Internet access to be generated. That's pretty concerning since your credentials are being sent into the ether, but also it's cumbersome as setup/changing details is a fiddly manual process (I like automation) but also dependent on their app.
I've got no interest in using their app so as an alternative, one can bypass the
ifconfig wlan0 up sleep 1 /home/base/tools/wpa_supplicant -c/tmp/sd/yi-hack-v4/wpa_supplicant.conf -g/var/run/wpa_supplicant-global -iwlan0 -B & /home/app/script/wifidhcp.sh &
and tada, wifi with no QR code needed. Obviously, things could be a lot better via init.d scripts or the like (and
(Thanks for all the work you're doing on this btw!)
Funnily enough i have been working on something similar this afternoon.
I have been reading the wiki on https://github.com/TheCrypt0/yi-hack-v4/wiki/Reverse-Engineering-the-QR-Code as I was not wanting to install the YI app and bugger about with region locking.
I also stumbled upon some open vulnerabilities in the camera's QR reading software. https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0572
You will notice that it states the application does not send the SSID or the password to the YI server or over the network, the image and encryption is created locally on your phone.
I currently have a hacky c# application that builds the encoded string that allows the camera to connect to WIFI, however as it cant verify me as I do not have a YI account or valid Bind ID (I'm using 0000001), on next power up it wont connect to wifi until I show it the QR, but your idea does mean i could bypass that and never need to use the YI app from initial purchase to using the device.
Interesting reading, thanks for the link on the vuln report. Good to know the SSID/key aren't being shared but that's proof that the QR scanning is best avoided (and disabled). In any case, the idea of having the camera 'just work' after flashing an SD card is what I'm hoping to achieve