[File] new Magdir/espressif for configuration dump of Tasmota firmware (chip ESP8266 *.dmp)

Jörg Jenderek joerg.jen.der.ek at gmx.net
Tue Nov 20 17:14:55 UTC 2018 

Hello,

some days ago i flashed my switchable power outlets, because i do not
like to send my data via eWeLink app in the cloud to servers belonging
perhaps to chinese if i just want to toggle an electric device some
meters away.

Another fine feature of this installed alternative firmware named
Tasmota is the ability to write/read the configuration data (with values
for NTP-server, latitude, Timezone, etc.). These files are described by
file command as "data". Also annoying is that for that configuration
file name extension dmp is used. That extension is already used for
memory dumps on Windows.

So i start to create a definition file for file command. The chip
ESP8266 is used on many IOT devices and is produced by Espressif
Systems. So magic lines goto new file Magdir/espressif.

Luckily the source of the alternative Tasmota firmware is available. So
first i add website url by line:
 # URL: https://github.com/arendst/Sonoff-Tasmota/

According to source (see sonoff/settings.h ) data structure starts with
variable cfg_holder with a value of 4617=0x1209. This is done by first
magic line:
 0		uleshort	4617

Because only 2 bytes are now used for detection, i look for more unique
patterns.
The remaining settings are normally XORed with value of sum of 0x5A and
offset. So value like "0.de.pool.ntp.org" for NTP server do not occur as
readable string. Luckily since version 5.12.0e 20 bytes named free_1D5
at position 469 inside structure are empty. This is expressed by
construct like:
 >0x1D5 ubequad 0x2f30313233343536 configuration of Tasmota firmware
Afterward display user defined mime type and file name extension by lines:
 !:mime	application/x-tasmota-dmp
 !:ext	dmp

These 2 pattern are unique enough to recognize reliable configuration
dump of newer Tasmota firmware with standard compilations since version
5.y.
I started my tests with firmware version 6.2.1.0 (that is 0x06020100 for
*6.2.1*.dmp examples). The 4 bytes at offset 8 for that version in
little endian becomes XORed to 0x63666262. To display version in human
readable form decode and show that value by 4 lines:
 >>11		ubyte^0x65	x			\b, version %u
 >>10		ubyte^0x64	x			\b.%u
 >>9		ubyte^0x63	x			\b.%u
 >>8		ubyte^0x62	x			\b.%u

Because i wanted to distinguish the configuration dumps of my different
plugs, i try to display more information. So i used host name stored
with maximal 33 bytes at offset 0x165. Do the same XOR expression for
every character of hostname and display it, if result is a printable
character by lines like:
 >>0x165	ubyte^0x1BF	x			\b, hostname %c
 >>0x166	ubyte^0x1C0	>037			\b%c
 ...
 >>0x185	ubyte^0x1DF	>037			\b%c

With this new magic definition all my configuration dumps of Tasmota
firmware including newer version examples *6.3.0*.dmp are now recognized
by file command and now i get an output like:

Config_Obi_Dose_3_6.2.1.dmp:
	configuration of Tasmota firmware (ESP8266)
	, version 6.2.1.0
	, hostname steckdose3
Config_OBI_Steckdose_6_6.2.1.dmp:
	configuration of Tasmota firmware (ESP8266)
	, version 6.2.1.0
	, hostname steckdose6
Config_S20_8_6.2.1-A.dmp:
	configuration of Tasmota firmware (ESP8266)
	, version 6.2.1.0
	, hostname steckdose8
Config_S20_8_6.2.1.dmp:
	configuration of Tasmota firmware (ESP8266)
	, version 6.2.1.0
	, hostname steckdose8
Config_Sonoff_S20-steckdose_6.2.1.dmp:
	configuration of Tasmota firmware (ESP8266)
	, version 6.2.1.0
	, hostname steckdose

I hope my new magic file can be applied in future version of
file utility.

With best wishes
Jörg Jenderek
-- 
Jörg Jenderek


-------------- next part --------------
# configuration dump of Tasmota firmware for ESP8266 based devices by Espressif
# URL: https://github.com/arendst/Sonoff-Tasmota/
# Reference: https://codeload.github.com/arendst/Sonoff-Tasmota/zip/release-6.2/
# Sonoff-Tasmota-release-6.2.zip/Sonoff-Tasmota-release-6.2/sonoff/settings.h 
# From: Joerg Jenderek
#
# cfg_holder=4617=0x1209
0		uleshort	4617
# remainig settings normally 0x5A+offset XORed; free_1D5[20] empty since 5.12.0e
>0x1D5		ubequad		0x2f30313233343536	configuration of Tasmota firmware (ESP8266)
!:mime	application/x-tasmota-dmp
!:ext	dmp
# version like 6.2.1.0 ~ 0x06020100 XORed to 0x63666262
>>11		ubyte^0x65	x			\b, version %u
>>10		ubyte^0x64	x			\b.%u
>>9		ubyte^0x63	x			\b.%u
>>8		ubyte^0x62	x			\b.%u
#>8		ubelong		x			(0x%x)
# hostname[33] XORed
>>0x165		ubyte^0x1BF	x			\b, hostname %c
>>0x166		ubyte^0x1C0	>037			\b%c
>>0x167		ubyte^0x1C1	>037			\b%c
>>0x168		ubyte^0x1C2	>037			\b%c
>>0x169		ubyte^0x1C3	>037			\b%c
>>0x16A		ubyte^0x1C4	>037			\b%c
>>0x16B		ubyte^0x1C5	>037			\b%c
>>0x16C		ubyte^0x1C6	>037			\b%c
>>0x16D		ubyte^0x1C7	>037			\b%c
>>0x16E		ubyte^0x1C8	>037			\b%c
>>0x16F		ubyte^0x1C9	>037			\b%c
>>0x170		ubyte^0x1CA	>037			\b%c
>>0x171		ubyte^0x1CB	>037			\b%c
>>0x172		ubyte^0x1CC 	>037			\b%c
>>0x173		ubyte^0x1CD	>037			\b%c
>>0x174		ubyte^0x1CE	>037			\b%c
>>0x175		ubyte^0x1CF	>037			\b%c
>>0x176		ubyte^0x1D0	>037			\b%c
>>0x177		ubyte^0x1D1	>037			\b%c
>>0x178		ubyte^0x1D2	>037			\b%c
>>0x179		ubyte^0x1D3	>037			\b%c
>>0x17A		ubyte^0x1D4	>037			\b%c
>>0x17B		ubyte^0x1D5	>037			\b%c
>>0x17C		ubyte^0x1D6	>037			\b%c
>>0x17D		ubyte^0x1D7	>037			\b%c
>>0x17E		ubyte^0x1D8	>037			\b%c
>>0x17F		ubyte^0x1D9	>037			\b%c
>>0x180		ubyte^0x1DA	>037			\b%c
>>0x181		ubyte^0x1DB	>037			\b%c
>>0x182		ubyte^0x1DC	>037			\b%c
>>0x183		ubyte^0x1DD	>037			\b%c
>>0x184		ubyte^0x1DE	>037			\b%c
>>0x185		ubyte^0x1DF	>037			\b%c
#>>0x165		string		x			(%.33s)

More information about the File mailing list