Posts

Netool Reverse Engineering

Image
The netool is a network diagnostics device sold by Netool LLC . The hardware itself is a chinese openwrt router + power bank. If you dig through the FCC documents for it you can find references to a 'CLOUD WIFI' / 'TOBY' company that is selling these with OpenWRT on them. The netool company took this hardware and did a lot of software work on it in order to create the Phone Apps and API server that runs on the device itself. The hardware is a Ralink RT5350 SoC with 32M of DRAM and a 128M SPI flash for storage. More info can be found on the DevWiki page. As for getting into the netool its fairly simple. I started out trying to probe the 4 pins on the side of the device hoping they were attached to the serial interface of the SoC. Turns out the 4 pins actually go to the Battery Management Controller. I don't see any other test / probe pads so I went ahead and just dumped the SPI Flash with a buspirate. Digging through the flash dump with binwalk shows a uBo

Heroes of Hammerwatch asset.bin Structure

Image
I month or so ago I started looking into the Heroes of Hammerwatch file structures trying to see how easy it would be to create custom campaigns or mods. When I first got the game and started playing with it there were very little in-memory protections, but now the game seems to have quite a few protections in place. Both while running and in the assets themselves. Do note though this post is being written because I'm putting this project on hiatus for some other projects and just wanted to dump what little bits and pieces I remember for future me if I pick this up again. Right now all I've succeeded in doing is a basic understanding of the assets.bin, there was plans to figure out the town.bsa and character .savs but didn't have the time. The tools I ended up using to aid in reversing are: Radare2 , Okteta , and Kaitai Struct . So using radare to debug the game and kaitai to template out the assets.bin with ksv I was able to brute force figure out some of the struc

Arch Linux Chroot on Steam Link (Easy Setup)

Alright, this should be a much more user-friendly method of getting an Arch Linux chroot going on your steam link. But by doing it this way you're going to have to have some trust in me as we're going to be downloading and running a shell script that could potentially screw up your Steam Link. Its very un-likely though, more likely is losing important data on any storage devices you may have plugged into the Link. So first things first you're going to need a USB HDD or pendrive that you don't care about as all of the data on it needs to be wiped. After you're certain that this storage device has nothing important on it plug it into the steam link. Then you're going to need SSH access to your steam link, after you've SSH'd into your steam link do `busybox sh` to switch to a better shell with tab auto-completion. Now do `cd` to enter /home/steam/ then do `wget http://fgthou.se/steamlink/create-chroot-device.sh` to download my script that will automate t

Arch Linux Chroot on Steam Link (Manual Setup)

Note: If you don't have access to a Linux desktop you can use this method instead. I'm going to try and help you guys setup an Arch Linux chroot environment on your steam link. If you don't know what SSH or Linux is then this post isn't for you. First things first you'll need to have ssh access to your steam link. Below I'm going to detail setting this up with my pre-created tar file on a Linux desktop, if you don't want to use my premade one I'll detail how I made it at the end. If you're on Windows just wait it out, I'll do a post for it later. Download steamlink-chroot.tar.gz First you'll need a separate pendrive or usb hdd to run the chroot environment on. You need to format this harddrive/pendrive to have an ext4 partition on it that the chroot will be on. You'll need to make this partition at least 1GB, the extracted tar file is roughly 700Mb but you'll want some spare room for pacman updates ect. After you've cr

Disabling Steam Link Auto-Standby

There was a reddit post a week or two ago that was having trouble keeping their Link on while watching youtube. I posted a fix in there but forgot to make it more public for others with the same issue to find. So if your Steam Link is automatically turning off / hibernating / standby / shutdown / suspending whatever you want to call it there is a temporary fix until Valve adds a setting for it. The steam link is set to enter a suspended state after 15 minutes of inactivity by default, the defaults can be changed with two files though. Create two files, name one `suspend_timeout_idle.txt` and the other `suspend_timeout_interactive.txt`. These two files will contain the number of seconds before the Link will ask if you're still using the device, and the other file is the time before the Link will auto-standby without asking. I still haven't entirely figured out why there's two files yet but by default both of them are set to 900 seconds so I just keep them the same value w

Removing Steam Link Bandwidth Limit

A reddit thread brought to my attention that there is a bandwidth limit on the steam link. I've finally figured out where the stream settings are saved and how to read / write them.You will also have to make one file called streaming_args.txt, I'll explain below. streaming_settings.bin  This config file has its maximum_bitrate_kbps set to 0. Which signifies no limit. streaming_settings_100000.bin  This config file has its maximum_bitrate_kbps set to 100,000 for 100mbps. To use these you can either scp them into your /mnt/config/system/ folder as streaming_settings.bin or you can put the file on a USB pendrive as /steamlink/config/system/streaming_settings.bin and reboot with the pendrive inserted. (Note: You need to hard 'reboot' un-plug and re-plug the power, you should see the steamlink on a blue background icon thing.) To see if it worked goto your Streaming settings and press Y to go into Advanced Settings. If it worked your Bandwidth Limit row will b

Steam Link Developer Builds

Notice for anyone that hasn't found the dev_build.txt and the two indev builds 'available' to the public right now. I've been neglecting to post the dev_builds.txt just to avoid anyone from grabbing the 337 and 341 and flashing them to their links. The 337 build works fine but I see no notable changes, the 341 build actually fails to run on the steam link. On startup the 341 build gives you an error telling you to contact a internal valve employee. The message is a little more specific but I'm trying to avoid names.  But if you're feeling technical and comfortable in your ability to fix your steam link should something mess up then you can flash the 337 and 341 builds manually with a USB drive, see the S01config script in /etc/init.d/startup in there you can see how to change your update branch to dev and flash the dev images. Once again I'm being ambiguous just to avoid hand-holding anyone into messing something up. All in all though the two dev builds d