Difference between revisions of "OYO Hacking"
(→The easy way) |
(→The easy way) |
||
Line 80: | Line 80: | ||
Otherwise, anyone on the network will be able to SSH into your reader. | Otherwise, anyone on the network will be able to SSH into your reader. | ||
+ | |||
+ | === Further steps === | ||
+ | |||
+ | You will probably want to enable Dropbear always, not just when the MicroSD card is inserted at boot. To change this, copy the keys to a location directly on the device (use <code>/mnt/etc</code> instead of <code>/etc</code>!) and edit <code>/mnt/etc/inittab</code> to reflect the new location. | ||
== Getting root == | == Getting root == |
Revision as of 17:36, 10 February 2013
Projects | |
---|---|
Participants | Arda Xi, The JinX |
Skills | |
Status | Active |
Niche | Software |
Purpose | Fun |
All information on modding/hacking the OYO E-reader
Contents
Hardware
CPU Info
Processor : ARM926EJ-S rev 5 (v5l) BogoMIPS : 199.47 Features : swp half fastmult edsp java CPU implementer : 0x41 CPU architecture: 5TEJ CPU variant : 0x0 CPU part : 0x926 CPU revision : 5 Cache type : write-back Cache clean : cp15 c7 ops Cache lockdown : format C Cache format : Harvard I size : 16384 I assoc : 4 I line length : 32 I sets : 128 D size : 16384 D assoc : 4 D line length : 32 D sets : 128 Hardware : SMDK2416 Revision : 0000 Serial : 0000000000000000
Files
To download
- Firmware: File:Oyofw.tar.bz2
- Thalia Sources SG060B00_V009.tgz
On the system
- QBookApp settings: /rwdata/settings/QBookApp.ini
- Browser startup page: /usr/local/qisda/etc/index.html
Installed Apps
To run Qengineer (diagnostics): Kill linuxrc, then qbookapp, then run /qdutil/em/start /qdutil/em/QEngineer
The easy way
While messing around with serial and getting stuff working is a lot of fun, it's also quite cumbersome. So I have modified the firmware to make this process easier.
First, download the firmware from this wiki: File:Oyofw.tar.bz2
Unpack the archive to the root of your microSD card.
Install dropbear on your local machine. (Consult your distribution's documentation if you need help.)
Run the following command:
dropbearkey -t dss -f dropbear_dss_host_key && dropbearkey -t rsa -f dropbear_rsa_host_key
Copy the generated files (dropbear_dss_host_key
and dropbear_rsa_host_key
) to the root of your microSD card.
Turn off your OYO and insert the microSD card.
While holding the previous page and next page buttons, turn on your OYO. Keep holding these buttons until Update OS
appears on your screen.
Wait until the OYO asks you to reboot the device.
After the reboot, enable WLAN and note the IP.
You should now be able to SSH into your device, using the username root
and the password SReader
.
Warning: You should now set your root password to something secure using the following commands.
passwd
cp /etc/passwd /mnt/etc/passwd
Otherwise, anyone on the network will be able to SSH into your reader.
Further steps
You will probably want to enable Dropbear always, not just when the MicroSD card is inserted at boot. To change this, copy the keys to a location directly on the device (use /mnt/etc
instead of /etc
!) and edit /mnt/etc/inittab
to reflect the new location.
Getting root
The Frank's wiki page above is quite useful, but a lot of data is outdated and/or unnecessary. The following is a simple guide to do whatever you like to your OYO.
First, you will want to run the following command to get your kernel to accept the OYO as a serial device.
sudo modprobe usbserial vendor=0x0525 product=0xa4a6
or
sudo modprobe usbserial vendor=0x0525 product=0xa4a5
(Check with lsusb)
To get your OYO to behave like a serial device, grab a MicroSD card, create a file called usbdebug
on it, put it into your OYO and reboot it while having it attached to your computer.
touch usbdebug
After the OYO has booted, you will want to open a serial connection to it.
sudo picocom --b 115200 --f n --p on --d 8 /dev/ttyUSB0
If you get the following error: FATAL: failed to config device /dev/ttyUSB0: Cannot set the device attributes: Invalid argument
Make sure you have the correct usb device id 0xa4a6 or 0xa4a6. And try reloading the usbserial module:
-
rmmod usbserial
-
sudo modprobe usbserial vendor=0x0525 product=0xa4a5
(or 0xa4a6)
If you get garbage, you can try the following:
- Keep pressing enter until you get a prompt like this.
- do a
sudo killall -9 picocom
, and asudo cat /dev/ttyUSB0
and press cltr-c. And start over with picocom. You might need to reload the usbserial module here. - If this doesn't help, try rebooting your machine or a different machine, this 'feature' is flaky, it's why you want an sshd.
Samsung login:
You can then login, using the login root
and the password SReader
.
At this point, I suggest changing the root password.
passwd
Because the device copies the content of /mnt/etc
to /etc
an extra step is required.
cp /etc/passwd /mnt/etc/passwd
Installing dropbear (SSH)
More information
- Links: Revspace wiki
- Shell access and more: Franks Wiki
- Info/sources: OpenInkpot
- oyohack wiki: Gitorious