Author Topic: dmp-tasmota-v5.trid.xml for configuration dump of Tasmota firmware (*.dmp)  (Read 4644 times)

jenderek

  • Sr. Member
  • ****
  • Posts: 361
Hello trid users,

some days ago i flashed my switchable power outlets, because i do not like
to send my data via eWeLink app in the cloud to servers belonging perhaps to
chinese if i just want to toggle an electric device some meters away.

Another fine feature of this installed alternative firmware named Tasmota is
the ability to write/read the configuration data (with values for NTP-server,
latitude, Timezone, etc.). These files are described by trid as "Unknown!" (
see appended output/trid-old.txt). Also annoying is that for that configuration
file name extension dmp is used. That extension is already used for memory
dumps on Windows.

So i start to create an definition file for TrID. First i run tridscan. My
used plugs and their configuration have similar variable values like
NTP-server and so on. So i got many pattern in definition file. But luckily
the source of the Tasmota firmware is available. So first i add website url
as reference by line:

   <RefURL>https://github.com/arendst/Sonoff-Tasmota</RefURL>

According to source data structure starts with variable cfg_holder with a
value of 0x1209. This gives with configuration size first pattern by
construct:

   <Bytes>09125C53</Bytes>
   <Pos>0</Pos>

The remaining settings are normally XORed with value of sum of 0x5A and
offset. So value like "0.de.pool.ntp.org" for NTP server do not occur as
readable string. Luckily since version 5.12.0e 20 bytes named free_1D5 at
position 469 inside structure are empty. This is expressed by construct:

   <Bytes>2F303132333435363738393A3B3C3D3E3F4041</Bytes>
   <Pos>469</Pos>

These 2 pattern are unique enough to recognise reliable configuration dump of
newer Tasmota firmware since version 5.y. So i named definition file
dmp-tasmota-v5.trid.xml.

I started my test with firmware version 6.2.1.0 (that is 0x06020100 for
*6.2.1*.dmp examples). So created definition file dmp-tasmota-v6.trid.xml for
that examples contains additional 4 bytes at offset 8 for that version. That
gives an additional construct like:

   <Bytes>62626663</Bytes>
   <ASCII> b b f c</ASCII>
   <Pos>8</Pos>


With these 2 trid definition all my configuration dumps of Tasmota firmware
including newer version examples *6.3.0*.dmp are now recognized by trid (
see appended output/trid-new.txt). TrID definition and output are stored in
archive dmp_trid.zip. I hope that the XML files can be used in future
version of triddefs.

With best wishes
J?rg Jenderek

Mark0

  • Administrator
  • Hero Member
  • *****
  • Posts: 2667
    • Mark0's Home Page
Re: dmp-tasmota-v5.trid.xml for configuration dump of Tasmota firmware (*.dmp)
« Reply #1 on: November 20, 2018, 11:41:44 AM »
Hi J?rg! Many thanks for the new defs, as usual!