How to dump the scooter's stock firmware?

ScootR
Posts: 1
Joined: Mon Aug 05, 2019 8:17 pm

Postby ScootR Tue Aug 06, 2019 6:52 am

I noticed my ES2 came with a slightly different DRV minor version than the base firmwares available on https://ninebot.scooterhacking.org/. So I was wondering how the available bin dumps one may find online (i.e. on GitHub) were created. A lot of research was done by CamiAlfa (ES DownG and the protocol specification available on his GitHub), but despite the fact that the available tools allow us to reflash the firmware, they don't seem to allow dumping the firmware.

Lothean
Site Admin
Posts: 137
Joined: Fri Mar 15, 2019 2:40 am
Location: France

Re: How to dump the scooter's stock firmware?

Postby Lothean Sun Sep 01, 2019 11:20 pm

Unfortunately, you can't dump it from the chip, since it's ROP'ed.
You can only MITM during an update.
