Hacking Build your own dongle (Research and development thread)

[Wierd_w]

Why do we need battery powered?

and if we go with the Piezo method, you would want it in a dongle ofc, and then have shitton of stuff making sure voltage is alright, and then putting it in the switch. I honestly think just a small ass battery, like ones inside Ipod nano would be fine, and then just have a micro usb to charge it when need be.


Which discord chat might I ask?

Attaching directly to the voltage rail of the NX mainboard might not be ideal; any number of problems could arise from such parasitism. Depends on how tighly speccd ninty made their console.
Drawing only from the USB port, and buffering with a little love from a capacitor is less likely to cause voltage drop on the mainboard.

For the piezo clicker-- yeah. Dongle--- LOTS of regulation goodies. Like I said, afraid it would nuke the NX. It would however, be smaller and lighter than a battery+charge circuit.

I mentioned it in the Hacking Meta. Seemed the most appropriate place.

 

[DeoNaught]

Attaching directly to the voltage rail of the NX mainboard might not be ideal; any number of problems could arise from such parasitism. Depends on how tighly speccd ninty made their console.
Drawing only from the USB port, and buffering with a little love from a capacitor is less likely to cause voltage drop on the mainboard.

For the piezo clicker-- yeah. Dongle--- LOTS of regulation goodies. Like I said, afraid it would nuke the NX. It would however, be smaller and lighter than a battery+charge circuit.

I mentioned it in the Hacking Meta. Seemed the most appropriate place.

Huh, it would cause problems even at a low voltage and wattage?

How much regulation would we need? would like Battery protection Chip with like all the stuff, Over/under current protection, Over/under Voltage protection, I think, be enough? what else am I missing?

Hrmmmm, We can discuss on my server if ya want, I got a switch channel in it ^^
discord.gg/gb7wnzJ

 

[jrobertdobson]

Anyone looked at the onion board? Seems to be an esp8266 sized linux board. I am using Rpi0Ws and ESPs for a lot of different things and was looking for cheaper smaller aio and found them.
Seeing that RPI work, onion should too...
Some small 100mah lipo, boost charge circuit, and onion, pretty small dongle.

 

[Wierd_w]

Anyone looked at the onion board? Seems to be an esp8266 sized linux board. I am using Rpi0Ws and ESPs for a lot of different things and was looking for cheaper smaller aio and found them.
Seeing that RPI work, onion should too...
Some small 100mah lipo, boost charge circuit, and onion, pretty small dongle.

Again, things like the vocore2 are full blown linux SoMs, and are about the actual size of a quarter. Neatly broken out IO around the perimeter. There is even a convenient USB breakout stub for doing gadget mode things, that could be used for a host-mode dongle just as well. (gadget mode is software controlled.)

There are any number of potentially viable solutions, and if somebody has the inclination and passion to pursue one, I am all for them doing it.
However, these all have similar drawbacks, in that these solutions do not come with a convenient shell enclosure, and require some level of soldering or programming on the user's part.

These A5-V11 devices come with a shell, require no soldering, and are easily end-user flashed (from a prebuilt image) without special hardware or software.

They are also super cheap. As a go-to, they make a great target. So do any number of other travel routers out there that can run linux, many of which contain useful batteries already.

 

[jj56185]

I buy this form China GuangDong. It cost me about 10 USD(70RMB) without ship.
RT5350 , 4Mbyte SPI Flash ,32M RAM,
It also has two 18650 battery.
I have already Flash a Openwrt, I will try to add the fusee-lede code later

 

[Wierd_w]

I buy this form China GuangDong. It cost me about 10 USD(70RMB) without ship.
RT5350 , 4Mbyte SPI Flash ,32M RAM,
It also has two 18650 battery.
I have already Flash a Openwrt, I will try to add the fusee-lede code later

View attachment 124856 View attachment 124857 View attachment 124858 View attachment 124859

FANTASTIC! On my end of the giant salty pond, it will take a lot longer than same day delivery though.

Let me know how it works out! If you built Retr0id's base, you should have an image that does the autoinjection already.

 

[wiiando]

Would a PS3 FSM dongle not work? from what I remember they used atmel chips diy ones at least

Same concept from when payloads were about in the early ps3 days, early jailbreak etc

 

[Wierd_w]

Huh, it would cause problems even at a low voltage and wattage?

How much regulation would we need? would like Battery protection Chip with like all the stuff, Over/under current protection, Over/under Voltage protection, I think, be enough? what else am I missing?

Hrmmmm, We can discuss on my server if ya want, I got a switch channel in it ^^
discord.gg/gb7wnzJ

Silliness inside.

Spoiler

Piezo clicker is only a hypothetical solution, I consider a battery backed dongle far more sane. I mentioned it only because it is theoretically possible, not because I think it is amazing.

As for how to protect the circuitry from the clicker, I would (try to) use a small ferrite ring that has been converted into a small wire-wound transformer. The piezo crystal has two spikes generated, a positive voltage, and a negative voltage-- because it works by pushing electrons out of their orbitals in the crystal lattice mechanically. So, when you push down on it, electrons are pushed out, and when you let go, they rush back in. This effectively makes it an AC power source, if a very inefficient one, so a transformer would work to convert its high voltage--low amperage into a higher amperage--lower voltage wave. Then you could use a rectifier of appropriate amperage, and all that fun stuff. Naturally, you would have to measure the wave properties of the clicker and do some math to determine how many winds on each part of the bead you need to get the voltage/amperage ranges you want. You would need to click it fairly quickly to get good results, but it should work.That would let you jab electricity into the capacitor reasonably safely. After that, it is just discharge control hardware, similar to the previously linked UPS. It should all easily fit on something the size of a USB stick. I am thinking-- Ferrite ring transformer lays flat, and surrounds the piezo clicker on one side of the PCB, along with a rectifier and the cap. A load resistor on a flipflop prevents the micro (and low-power status LED, indicating the micro is turned on) from turning on until enough charge has been injected into the cap to overcome it, which then triggers the flipflop, bypasses the resistor and turns on the discharge control hardware and the micro, which would be on the other side.

Or something kinda like that.

I really do not want to design such a circuit.
Please dont make me. Electrical engineering is not my thing.

Again, from a sanity perspective, battery is just way smarter. This would just not require a battery at all, might be smaller/lighter, and depending on quality of parts, might last longer.

 

[Red1Reaper]

If we talk about small battery, i think this is very small:

Spoiler

After all there is no need of a bigass battery, just a small one that can power while in rcm, right?

 

[Wierd_w]

If we talk about small battery, i think this is very small:

Spoiler

After all there is no need of a bigass battery, just a small one that can power while in rcm, right?

Exactly. That and her micro USB charger/ups circuit, and a micro controller. Or at least, something similar. For something inside the switch, a capacitor is more sane as it is less likely to get overcharged and explode/leak/catch fire.

For a dongle that you use and then remove? Battery.

 

[jj56185]

FANTASTIC! On my end of the giant salty pond, it will take a lot longer than same day delivery though.

Let me know how it works out! If you built Retr0id's base, you should have an image that does the autoinjection already.

I make the Firmware and flash it into my router. it don't work. maybe the hardware is different. I need to change the lede configuration and make it again. It toke me about 60 minutes.
I need to solder down the SPI flash and program the backup factory Firmware now.

 

[Wierd_w]

I make the Firmware and flash it into my router. it don't work. maybe the hardware is different. I need to change the lede configuration and make it again. It toke me about 60 minutes.
I need to solder down the SPI flash and program the backup factory Firmware now.

Can you not push it over uboot on the serial interface?

 

[Retr0id]

I make the Firmware and flash it into my router. it don't work. maybe the hardware is different. I need to change the lede configuration and make it again. It toke me about 60 minutes.
I need to solder down the SPI flash and program the backup factory Firmware now.

You said you had Openwrt running on it before, what version etc. did you use?

 

[jj56185]

You said you had Openwrt running on it before, what version etc. did you use?

I upload this Firmware when I received the router. upload to upgrade

 

[Wierd_w]

I upload this Firmware when I received the router. upload to upgrade
View attachment 124925

That means it is the same hardware, and you should have flashed the sysupgrade.trx that got built. (shrug)

Should still be able to push a uImage and uRamdisk over serial. The images should fit in RAM fine. That would get the dongle booting, and then you could do a sysupgrade with the trx.

 

[Kyubnyan]

He bro, what do you think about calling this thing a "TianDong 1", a whimsical take on Tiangong 1, the chinese space station? IIRC, it is still proper chinese, and translates out to "Heavenly Movement".

I think 天洞（tiandong）would be more appropriate. it is kinda like 山洞 (cave) but is a hole in the sky or heavens instead to emphasize that it's a vuln. 天动 (tiandong) would be a sentence, you could make it 天动了 (tian dongle) which means "the heavens moved".

 

[Wierd_w]

I think 天洞（tiandong）would be more appropriate. it is kinda like 山洞 (cave) but is a hole in the sky or heavens instead to emphasize that it's a vuln. 天动 (tiandong) would be a sentence, you could make it 天动了 (tian dongle) which means "the heavens moved".

I love the last one!

 

[OllieD]

If you can get a root shell on it, in theory you can still run fusee-nano - no real need to actually replace the entire firmware. You'd have to do the EHCI patch in-memory, but that can be done. If the rootfs is not writable, that would be a bit annoying since you wouldn't be able to install permanently.

Any example of how i would go about doing the EHCI Patch In-Memory?

I have a RavPower Filehub:

https://www.ravpower.com/rp-wd03-filehub-6000mah-power-bank-portable-wireless-router.html

That i feel would be an ideal device for me to use but although i could flash LEDE/OpenWrt i would loose the ability to manage the device with its app.
With the SD Card slot for payload storage and the ability to run scripts from SD at boot, if i can figure out the EHCI Patching and build Fusee-Nano i could put a package together for others who own the device.

 

[subcon959]

Some of these solutions don't appear to have any advantage over just using your phone (to me at least). Are there any that are more dongle like that don't require a cable?

 

[wicksand420]

Some of these solutions don't appear to have any advantage over just using your phone (to me at least). Are there any that are more dongle like that don't require a cable?

The one I'm trying to figure out is small enough to fit inside the switch, too bad nobody has a tutorial on how to install sam-fusee-launcher on adafruit Trinket m0