There are quite a few devices on the market that have a Raspberry Pi as their core, and having become the proud owner of a solar roof, [Paolo Bonzini] found him self with the Intrade ENR-DTLA04DN datalogger who — let’s just say, had some signs, and at FOSDEM 2023, told us all about it. Installed under the promise of local logging only, the datalogger gave its nature with a power brick emblazoned with the Raspberry Pi logo, a spec sheet identical to that of the Pi 3, and the Raspberry Pi Foundation’s MAC address. This spec sheet also mentioned a MicroSD card – which eventually died, prompting [Paolo] to remove the cover. He threw away the faulty SD card, then replaced it – and put his SSH keys on the machine while he was at it.
At this point, Entrade no longer offers devices with local recording, only a cloud recording option – free, but only for five years, clearly not an option if you like your home cloud-free; The local recording was also not without its drawbacks and thus, the device was worth exploring. A quick peek at the filesystem and I found two large statically bundled binaries, and strace It gave him a way to spy on the RS485 communications between the datalogger and the solar roof reflector. Next, dig into the diodes, and collect information on how that device does its job. Previously, he found that the device presented an undocumented API over HTTP while connected to its network, and comparing the API’s work with the data inside the binary got him some good results – but not enough.
The main binary is determined to be Go code and [Paolo] He shows us a step-by-step explanation of how to reverse engineer such diodes in radare2with a small set of tricks to boot – for example, capturing an output strings to GitHub URLs to see what libraries are used. In the end, after reverse engineering the protocol, it is completely rewrote the program, Without the previous annoying bugs, integrating it into the MQTT home network that HomeAssistant works with. As a bonus, he also showed us the datalogger’s main PCB, which turned out to be a curious innovation – doesn’t spoil the surprise!
We imagine this search is not only useful when you’re faced with the death of someone similar to a datalogger, but also useful for those who find themselves at the mercy of a sham-free cloud logging plan and want to opt out. Solar tech seems to be an area where Raspberry Pi boards and proprietary interfaces aren’t uncommon, which is why we’re seeing hackers reverse engineer solar-related devices – for example, check out this exploration of the proprietary protocol for solar inverters to get the data out of it, Or reverse engineer an out-of-life, decommissioned but perfectly healthy solar inverter software to get the service menu password.