Thanks to Banggood I own two Sonoff basic devices. While the original and intended use is waiting for the local Hackspace to reopen, I thought I would take a look at hacking options. The Sonoff community is strong, and there seems to be plenty of support for Sonoff devices. Is it worth hacking Sonoff? The short answer is Yes, the long answer is below.
Hacking Sonoff basic
The reason for straight up YES is the ability to reflash the original software back on the ESP8266. This means should anything happen, you can always go back to the intended use. Here is the breakdown of Pros and Cons:
|Enable HTTP, MQTT, and other protocols||Require programming knowledge|
|Utilise additional exposed pins||Android/iOS app support is not there|
|Reduce “talk home”||Poor coding practices can increase security risks|
|Can function better offline||Warranty|
|Better cooperation with other devices||Off the shelf support with Home Assistants|
For me, the pros outweigh the cons. And for a lot of you as well as the hacking community is strong and there are plenty of examples of Sonoff devices being used in an awesome way.
Hacking Sonoff – hardware
Before you open a device like this, remember to only program it using power from the FTDI programmer. DO NOT USE MAINS to power up the chip for programming.
Guys at Sonoff has been nice enough to expose all the pins needed to flash the software. To make the job easier, I have added 5 header pins to the board so I could use jumper wires when hacking Sonoff devices.
The pinout of the Sonoff basic is as follows:
Pay attention to the board orientation to connect the correct wires between your device and FTDI converter.
Once you have the hardware ready, we have to set up the hacking environment. I will cover the setup of Windows 10 as it’s the most troublesome.
Hacking Sonoff – software
To be able to hack the relay, you will need several downloads:
Start with the installation of the Python 2.7. Once it’s installed, open Windows 10 system settings (Win key then search for Advanced System Settings) then navigate to Environmental Variables, find Path and edit. Add a new line:
This will save you a lot of trouble.
Download the pip installer and place it in a folder (not desktop). Hold right Shift and right-click within that folder to bring up the cmd/PowerShell window in the current directory. Then run:
Now that we have the latest pip, it’s time for the pyserial. Download the tar.gz file and unpack it to a folder. Open the folder and a new cmd/PowerShell window inside it then run:
python setup.py --install
Now you are ready to play with esptool software. Download the tool and unpack it to a folder. Bring up the cmd/PowerShell in that location.
Hacking Sonoff – backup
Connect the Sonoff device and power it up while holding the built-in button for 2-3 sec. You will be able to make changes to the bootloader now. Your first action should be a backup. Check the COM port connected via device manager.
python esptool.py --port COM5 read_flash 0x00000 0x100000 image1M.bin
Once the backup is done, you will notice a new file present in the folder. It’s the image1M.bin (or whatever you named it). This is your recovery file. Keep it safe. If you delete the file, you won’t be able to restore the original firmware.
python esptool.py --port COM5 erase_flash
If you want to delete the firmware completely and prepare it for the custom software.
python esptool.py --port COM5 write_flash -fs 1MB -fm dout 0x0 image1M.bin
You can restore or flash a custom software. Just place the file in the same folder as the esptool.py file.
Custom Software – Arduino IDE
Now that we have the image backed up, we can use the Arduino to push the custom code to the ESP8266. Make sure to add the boards to the manager by opening Arduino IDE preferences and setting the path for the manager:
Select the ESP8266 and the following Arduino IDE options:
Board: "Generic ESP8266 Module" Flash Mode: "DOUT" Flash Size: "1M (no SPIFFS) IwIP Variant: "v1.4 Higher Bandwith" Erase Flash: "Only Sketch"
Now you can put your board again into a flash mode (hold the button for 2-3sec when powering up) and flash a custom code. I will be writing a better code especially made for the Sonoff basic, but for now feel free to interact with a web-based interface. For now I used the code I made for DIY Smart Socket as it suits my needs for testing. You can download the modified version at the bottom of the article.
It’s very rewarding to hack your own Sonoff device. You learned new skills, you can integrate it with your automation systems. The biggest advantage for me is the ability to link it to any device you wish almost directly. The consumer-based systems have a very limited scope and aim to work with the most popular solutions. On top of that, 5 years down the line there is no warranty that home automation systems owned by you will still be in use and supported. Having total control over a device you own is the best!