Registration Code (Part 1): w%kQ6
Registration Code (Part 2): b<#$1[*(cw~
In order to register on this forum, you must use the codes above. Combine them into one code (copy paste).

"Hacking" The Motorola FOCUS66 Camera

Personal posts regarding my releases and research on various topics.
Post Reply
User avatar
atom0s
Site Admin
Posts: 414
Joined: Sun Jan 04, 2015 11:23 pm
Location: 127.0.0.1
Contact:

Re: "Hacking" The Motorola FOCUS66 Camera

Post by atom0s » Tue Jul 16, 2019 1:15 pm

Here's some more updated info, the video streaming seems to no longer work over RTSP for all my cameras as well. It looks like they possibly moved to a p2p handshake setup. I didn't dig into that much though.
  1. General commands look to be on port 80 now, such as:
  2. http://192.168.1.147/?action=command&command=get_running_os
  3.  
  4. Some working commands:
  5.  - get_model
  6.  - get_version
  7.  - get_mac_address
  8.  - get_session_key (Requires some addition arguments to get info.)
  9.  - get_codecs_support
  10.  - get_motion_area
  11.  - get_udid
  12.  - get_running_os (Only on some models.)
  13.  - restart_system (Not recommended to run this.)
  14.  - request_fw_upgrade (Not recommended to run this.)
  15.  
  16. There are a lot of other commands and params, but I left them out because I don't want people to brick their cameras by doing things they shouldn't or don't understand. You should avoid doing commands like this if possible unless you are experienced and understand the risks.
  17.  
  18.  
  19. The local app attemtps to connect to RTSP on:
  20. rtsp://user:pass@192.168.1.147:80/blinkhd
  21. rtsp://user:pass@192.168.1.147:8080/blinkhd
  22. rtsp://user:pass@192.168.1.147:6667/blinkhd
  23.  
  24. The username and pass appears to be:
  25. Username: user
  26. Password: pass
  27.  
  28. The debug tool sites:
  29. http://192.168.1.147:8080/test.html
  30. http://192.168.1.147:8080/blinkhome.html
  31. http://192.168.1.147:8080/javascript.html
  32. http://192.168.1.147:8080/java.html
  33.  
  34. Ports that the app suggests are used:
  35.  - 80
  36.  - 8080
  37.  - 6667
  38.  - 9001
  39.  - 9090
  40.  - 51108
Derp~
Need a great web host? Check out: AnHonestHost.com


Donations can be made via Paypal:
https://www.paypal.me/atom0s
AshMate
Posts: 1
Joined: Thu Jul 18, 2019 10:54 pm

Re: "Hacking" The Motorola FOCUS66 Camera

Post by AshMate » Fri Jul 19, 2019 5:45 pm

I read this Forum years ago, thankyou to all who provided clear info and got my FOCUS66 working with RTSP on port :6667/blinkhd and iSpy/VLC etc. I too share the frustration of having my cameras firmware updated recently without consent. I was quite happy with my camera 'asis' having never subscribed to Hubble. Who knew Motorola could legally change the way our camera once worked, I mean the way we knew it operated at the time of purchase. I was under the impression that I owed my camera, not leased it from the Motorola / Hubble / Vultr conglomerate. Now is seems we have no privacy are truly forced to use that app to view and pay money to record!

I noticed when looking at the current Hubble Android App traffic, my cameras video image now goes through 108.61.251.193 (Sydney Australia for me) and "vultr.com" and port 443 "Cloud Storage" with "Choopa, LLC" or maybe it always did? The current Hubble App also made an attempt at port :6667 on my camera, the way we used too! (perhaps legacy code!)

Perhaps someone out there knows how to tear apart the Hubble App and work out how to establish a stream before it detours via the web?
Perhaps the original/old firmware update (hacked) will trick the camera into accepting it as a "new" or "current" update. I can't find firmware files anywhere on web, not even at https://ota.hubble.in/ota1/0066_patch/???.zip because I don't know exact firmware filenames.

Keen to get my camera back online, but not that online!
User avatar
atom0s
Site Admin
Posts: 414
Joined: Sun Jan 04, 2015 11:23 pm
Location: 127.0.0.1
Contact:

Re: "Hacking" The Motorola FOCUS66 Camera

Post by atom0s » Fri Jul 19, 2019 9:30 pm

I made a post here explaining how the firmware downloads work:
viewtopic.php?p=408#p408

For the FOCUS0066, you can find the version id of the current firmware here:
https://ota.hubble.in/ota1/0066_patch/version.txt

Then the download is:
https://ota.hubble.in/ota1/0066_patch/0 ... .18.tar.gz
Derp~
Need a great web host? Check out: AnHonestHost.com


Donations can be made via Paypal:
https://www.paypal.me/atom0s
csorensen
Posts: 1
Joined: Thu Aug 08, 2019 6:34 am

Re: "Hacking" The Motorola FOCUS66 Camera

Post by csorensen » Thu Aug 08, 2019 6:37 am

Hi atom0s,

Do you know where we can get the 03.10.18 firmware? My two cameras updated and I can no longer access the RTSP.

I plan to block the internet traffic on the cameras and just access them locally to my network to prevent future OTA pushes.

Thank you.
CharlieX
Posts: 2
Joined: Sun Aug 25, 2019 1:28 pm

Re: "Hacking" The Motorola FOCUS66 Camera

Post by CharlieX » Sun Aug 25, 2019 1:31 pm

I don't think the firmware downgrade works. Just tried it on one of mine to get RTSP back, it hangs at best(true hang, left it for 20mins!), complains you haven't uploaded a file yet if you try again without rebooting the camera.

Any ideas or has Wyze just earned my money?
CharlieX
Posts: 2
Joined: Sun Aug 25, 2019 1:28 pm

Re: "Hacking" The Motorola FOCUS66 Camera

Post by CharlieX » Tue Sep 03, 2019 2:36 pm

bru.xo
Posts: 1
Joined: Wed Sep 18, 2019 4:34 pm

Re: "Hacking" The Motorola FOCUS66 Camera

Post by bru.xo » Fri Sep 20, 2019 2:33 pm

Hello.

Found another interesting URL (at least it works for MBP85 model)
http://192.168.X.X:8080/cgi-bin/logdownload.cgi
You can download encrypted archive and decrypt it with ./mnt/bin/crypto utility (that resides inside firmware)
Archive stores various logs, configuration files, info about running processes.

Does anyone tried to modify something on filesystem and update firmware? Is that safe?
matusov
Posts: 1
Joined: Wed Oct 09, 2019 8:57 am

Re: "Hacking" The Motorola FOCUS66 Camera

Post by matusov » Wed Oct 09, 2019 8:58 am

Any updates on this? Would love to get this working again with iSpy.

Thanks in advance!
Post Reply

Who is online

Users browsing this forum: No registered users and 12 guests