How to hack your vacuum


Richie

8/19/2021 - 4 min read

What and why

I bought a Roborock's robotic vacuum cleaner. I wanted to integrate it into Home Assistant and let anyone control it from the touch screen at my home. I thought this would be simple but it turned out it is not. But since Roborock's vacuums are really good bang for the buck, many people are buying them and a group of people decided to create open-source software Valetudo as a replacement for official cloud-connected software.

The main goal of Valetudo is to disable all cloud connectivity and instead provide controls via a mobile-friendly web interface as well as MQTT connectivity which also supports Home Assistant Autodiscovery.

GitHub - Hypfer/Valetudo: Cloud-free control webinterface for vacuum robots
Cloud-free control webinterface for vacuum robots. Contribute to Hypfer/Valetudo development by creating an account on GitHub.

Before 2020, you could just use OTA update to push any firmware to your Roborock vacuum cleaner and because the firmware was not signed the vacuum would happily accept it. Since Roborock S5 Max (which I own), firmware is signed,  you cannot use this method anymore. So we have to use another method to force our firmware into the vacuum.

Step 1 - Init override

You "simply" use an interactive shell via UART to drop into the u-boot shell and edit the kernel command line so that init becomes /bin/sh which also gives you a root shell, but requires you to quickly do some initializing because otherwise, the hardware watchdog will reboot the robot. It basically runs Ubuntu 14.04, so we can do anything we want, like install packages, run servers, hack into them and run DDoS attacks, etc.

CPU RAM OS
Allwinner R16 (4x) 512MByte NAND (2019) or 256MByte NAND (2020) Ubuntu 14.04

Unfortunately, the test pins for the UART connection are on the bottom side of the logicboard and we have to disassemble the robot to get access to it. I soldered 2 wires to these test pins, so I can connect to them anytime.

Step 2 - Shell speedrun

Can you type shell commands fast enough before the robot watchdog finds out that you want to do something unintended and just reverts your changes and reboots the robot? Luckily there are cheatsheets with commands that you can copy-paste to be faster.

Basically, you build the firmware online, make a backup of the old stuff, replace one of two firmware (there is one backup build it in case something goes wrong with updates) and if everything is OK, you just activate it. The vacuum will serve web UI on port 80 that you can use to do everything you could have done before thru the official app, just without the Chinese cloud.

Step 3 - Home Assistant

So this is the main reason why I did this mod, so I could just integrate it into my smart home using Home Assistant and MQTT. It integrates easily and you can control it from Home Assistant, and make new automations.

Step 4 - Go above and beyond

Valeronoi

Ever wondered how good is the WiFi signal in your house/flat? Well now you have a robot, that can measure WiFi strength in literally every place at your house.

Minecraft

You can export the map of your flat into Minecraft.

Like talking?

Make your robot play any audio when it bumps into stuff.

Zaujalo tě, co se u nás děje ?


Vždy máme zájem o nadané vývojáře s neotřelými nápady. Jestli se chcete stát součástí našeho přátelského týmu, kde můžete rozvíjet své znalosti a naplnit svůj potenciál, kontaktujte nás nebo se zastavte přímo do naší kanceláře.

YOUR IT ON ROCKET FUEL

Bohumínská 410/135
712 00 Slezská Ostrava-Muglinov
Česká Republika

IČ: 

07279531

Zkopírovat do schránky

DIČ: 

CZ07279531

Zkopírovat do schránky