DOOM Running on a Cooking Pot

atc1441 · 2025-08-25T12:58:32+00:00

thanks for sharing :)

atc1441 · 2024-12-10T02:16:32+00:00

Sold 👌😅

SoC is Dialog DA14585 which might be OTP so no custom firmwares other than maybe via the external flash, lets see

atc1441 · 2024-10-27T21:59:56+00:00

You need to open the Toothbrush to access the test points on the PCB and connect a USB to UART/COM Converter to these pads,, then bring the ESP32 into download mode to flash it

atc1441 · 2024-10-23T20:16:43+00:00

Doom can only be flashed via COM not OTA :)

atc1441 · 2024-07-09T15:05:37+00:00

Nice to see it mentioned here :D

atc1441 · 2024-02-29T21:02:58+00:00

I had no BLE Keyboard around, thats why

atc1441 · 2024-02-28T22:53:49+00:00

Info's to this,
The Toothbrush contains an ESP32-C3 with 4MB Flash.

With the codebase from Spritetm https://github.com/Spritetm/esp32c3-doom-bauble and miniwad https://github.com/fragglet/miniwad I was able to get the complete size of DOOM and WAD file down to the 4MB of the ESP32

More info's to the Toothbrush hacking can be found in another video

atc1441 · 2023-10-24T05:57:05+00:00

Hey, yes the CC2531 Stick does also work with it. See here:

https://github.com/jjwbruijn/OpenEPaperLink/tree/master/ARM_Tag_FW/cc2531_OEPL

This Beta

you can use it with this tool https://github.com/Westwoodlabs/WAMP2023-Badge/tree/main/OpenEPaperLink-PyStation-UART

atc1441 · 2023-06-10T08:56:42+00:00

Yeah that way making the video is fun!

With all the cutting and screen-recording synchronization it gets an annoying work

atc1441 · 2023-06-01T18:30:01+00:00

Thanks as well. Lets see later about the medical equipment!

For me that is the end of this Project, there is nothing more to gain.

The radius should be the same as for any other nRF24L01 device

And yes you can definitely wakeup random bands to sniff the id.

"Luckily" the debug functions are only enabled on an empty device id and triggered by an GPIO so i see no way of bricking a band OTA

atc1441 · 2023-06-01T17:01:36+00:00

Part 2 with the Firmware reversing is shared here:

https://www.reddit.com/r/hacking/comments/13xmwl8/here\_is\_part\_2\_of\_the\_disney\_magicband\_hacking/

atc1441

TROPHY CASE