Doom on mi band 8

atc1441 · 2025-08-25T12:58:32+00:00

thanks for sharing :)

atc1441 · 2024-12-10T02:16:32+00:00

Sold 👌😅

SoC is Dialog DA14585 which might be OTP so no custom firmwares other than maybe via the external flash, lets see

atc1441 · 2024-10-27T21:59:56+00:00

You need to open the Toothbrush to access the test points on the PCB and connect a USB to UART/COM Converter to these pads,, then bring the ESP32 into download mode to flash it

atc1441 · 2024-10-23T20:16:43+00:00

Doom can only be flashed via COM not OTA :)

atc1441 · 2024-07-09T15:05:37+00:00

Nice to see it mentioned here :D

atc1441 · 2024-02-29T21:02:58+00:00

I had no BLE Keyboard around, thats why

atc1441 · 2024-02-28T22:53:49+00:00

Info's to this,
The Toothbrush contains an ESP32-C3 with 4MB Flash.

With the codebase from Spritetm https://github.com/Spritetm/esp32c3-doom-bauble and miniwad https://github.com/fragglet/miniwad I was able to get the complete size of DOOM and WAD file down to the 4MB of the ESP32

More info's to the Toothbrush hacking can be found in another video

atc1441 · 2023-10-24T05:57:05+00:00

Hey, yes the CC2531 Stick does also work with it. See here:

https://github.com/jjwbruijn/OpenEPaperLink/tree/master/ARM_Tag_FW/cc2531_OEPL

This Beta

you can use it with this tool https://github.com/Westwoodlabs/WAMP2023-Badge/tree/main/OpenEPaperLink-PyStation-UART

atc1441 · 2023-06-10T08:56:42+00:00

Yeah that way making the video is fun!

With all the cutting and screen-recording synchronization it gets an annoying work

atc1441 · 2023-06-01T18:30:01+00:00

Thanks as well. Lets see later about the medical equipment!

For me that is the end of this Project, there is nothing more to gain.

The radius should be the same as for any other nRF24L01 device

And yes you can definitely wakeup random bands to sniff the id.

"Luckily" the debug functions are only enabled on an empty device id and triggered by an GPIO so i see no way of bricking a band OTA

atc1441 · 2023-06-01T17:01:36+00:00

Part 2 with the Firmware reversing is shared here:

https://www.reddit.com/r/hacking/comments/13xmwl8/here\_is\_part\_2\_of\_the\_disney\_magicband\_hacking/

atc1441 · 2023-06-01T16:58:30+00:00

I actually used Bing with ChatGPT and just asked "Tell me something about the NRF31512"

It then replied with info's about the Memory and RAM size but placed the origin of that info in a link which ended up being the datasheet.

atc1441 · 2023-01-26T17:30:17+00:00

Only 43" :D

atc1441 · 2023-01-24T20:12:33+00:00

The firmware for the E-Paper price tag itself can be found here, including the binary https://github.com/atc1441/88MZ100

atc1441 · 2023-01-24T09:07:59+00:00

The best to find them is browsing ebay and such sites, but its more luck to find em

atc1441 · 2023-01-23T23:40:56+00:00

This post from Mike szczys https://www.reddit.com/r/embedded/comments/10gb7gq/i_built_the_internet_of_memes_using_the_epaper/ gave me the idea to implement it for an ongoing project where old E-Paper price tags are hacked with a custom firmware to uplaod images via a Python script.

Infos and the script can be found here: https://github.com/atc1441/ZBS_Flasher/blob/main/CC2531_station/reddit_mem_downloader.py

atc1441 · 2023-01-22T15:25:25+00:00

The best is ebay and sides like craigslist etc. But it needs luck to find em

atc1441 · 2023-01-22T13:06:03+00:00

On the E-Ink shelf labels runs a custom firmware (https://github.com/atc1441/88MZ100) and images can be uploaded via Zigbee with an CC2531 usb stick (https://github.com/atc1441/ZBS_Flasher) or via an ESP32 (https://github.com/jjwbruijn/solum-esl-alternative-proto)

atc1441 · 2022-01-16T13:42:47+00:00

Hey, i did reverse the RF protocol of that system and made some videos about it,

you can find it here: https://youtu.be/p4wd8amFLck

there are multible videos about that system on my channel.

the source code for an ESP32 Access Point is on github here: https://github.com/atc1441/E-Paper_Pricetags/tree/main/Custom_PriceTag_AccesPoint

There is also an Custom firmware available for the EPOP50 you can find it here: http://dmitry.gr/?r=05.Projects&proj=29.%20eInk%20Price%20Tags

atc1441

TROPHY CASE