News:

Registered a URL and setup a forum as the IPCam stuff really needed its own site vs my irregular blog posts about IPCam hacking at http://www.computersolutions.cn/blog

Author Topic: Region lock fix  (Read 312 times)

  • No avatar
  • *****
July 14, 2017, 03:08:48 am
From my page here - http://www.computersolutions.cn/blog/2016/09/xiaomi-camera-bs-region-locking-fix/

Essentially -

Enable telnet.
Login.
Kill the watchdog, and kill the camera app.
rename the api call to check the country.

-----
Create a folder named test on an SD card.
Create a plain text file called equip_test.sh in that folder, and add the following bash script:

Code: [Select]
#!/bin/sh
# Telnet
if [ ! -f "/etc/init.d/S88telnet" ]; then
echo "#!/bin/sh" > /etc/init.d/S88telnet
echo "telnetd &" >> /etc/init.d/S88telnet
chmod 755 /etc/init.d/S88telnet
fi
dr=`dirname $0`
# fix bootcycle
mv $dr/equip_test.sh $dr/equip_test.sh.moved
reboot

The script will enable telnet on the camera, and then rename the script so it doesn’t run again on the next boot.

Stick the prepared card into the camera, power on, and it should reboot (twice).
If you check the open ports on the camera ip you should now see port 23 (telnet) is open.

Login with the default user/pass (as below) via telnet

User: root
Password: 1234qwer

Once telnet’d in, enter the following, line by line –

Find and kill the watchdog process

killall watch_process

Find and kill /home/cloud process so we can edit it without the watchdog watch_process restarting it

killall cloud

Change the check within /home/cloud executable to query a fake domain so it never returns a failure, then reboot.


Code: [Select]
sed -i 's|api.xiaoyi.com/v4/ipc/check_did|api.xiaoyi.foo/v4/ipc/check_did|g' /home/cloud
reboot