Category Archives: How To

Hacking the Kingston Mobile Elite Wireless (MLW221)

The Back Story

One day while browsing my local BestBuy store, I came across a Kingston Mobile Elite Wireless unit. It was on clearance for around $10, which was a steal compared to its original price tag of $49.99. I just happened to be in need of an SD Card Reader, and seeing as how it had one and was only $10, I bought it. It wasn’t until nearly 2 years later that I would realize the true value of my purchase that day.

I had just picked up a couple of the New Nintendo 3DS handhelds (non-xl) on Black Friday and was looking to keep one for myself. Naturally, the first thing that came to mind was to mod it so I could use it for emulation. One of the steps required was to block communication between the N3DS and the update server (69.25.139.140).

Since my router was provided by my ISP, it’s rather limited in its features. It was suggested to use the OpenWRT project on other hardware and to my surprise, the Kingston Mobile Elite Wireless was on the list! I couldn’t believe it, this glorified SD Card Reader was capable of running OpenWRT. I was starting to wish I had tracked down more of the things.

The Specs

Featuring the Ralink MT7620N ver:2 eco:3 @ 580MHz, along with 16 MB Spansion S25FL129P1 Flash Memory, and 64 MB SK Hynix H5PS5162GFR of DDR2 RAM, this was no normal SD Card Reader. It even features an 1810mAh (6.878Wh) Li-ion rechargeable battery which is capable of either powering the unit or an attached USB device.

The system has no visible Ethernet connection but does feature a connection directly on the logic board (T- T+ R- R+) as well as a Serial connection (GRD TX RX VCC).

The Requirements

– Kingston Mobile Elite Wireless unit model# MLW221 (*Firmware 1.1.5.2)
– SD Card or USB Storage Device (Formatted to Fat32)
– Internet Access (DUH!)
– Soldering Iron (Optional)
– Ethernet Cable (Optional)
– Serial Cable (Optional)

The Disclaimer

WARNING: PROCEED AT YOUR OWN RISK!
Tampering with your device will void any warranty and could potentially brick your device. I assume no responsibility for any loss or hardship (be it loss of property, equipment, bodily injury, life, money, time or other) incurred directly or indirectly by using this site, guide or any of its contents (such as images/links/data etc).

The Hack

Step 1
Verify the currently installed Firmware is version 1.1.5.2.

Press and hold the Power Button on the MLW221 for about 4 seconds.
Using a laptop, tablet or other device connect to the Mobile Elite Wi-Fi Hotspot.

You can use the App or simply follow the directions below.
The default IP address of the MLW221 is 192.168.200.254. Type the IP address into your web browser and press Enter. You should now see a login page.

By default, there is no password set on the device. If needed, you can use a pin in the hole next to the power button to press the reset button on the MLW221 if a password was set and forgotten.

The firmware version should now be displayed on your screen.
If your firmware is below 1.1.5.2 you’ll need to update before continuing.
If it’s on a higher firmware, I really can’t comment as I haven’t tested this on anything beyond 1.1.5.2.

Step 2
Updating the Firmware to 1.1.5.2

If you’re already on firmware 1.1.5.2, follow the steps below but make sure to download the OpenWRT firmware and not the update. Otherwise, do the update to 1.1.5.2 first, then install the OpenWRT firmware.

Update Procedure: http://www.kingston.com/us/support/technical/downloads?product=mlw221&filename=mlwfw_v1

– Please make sure the MobileLite Wireless reader is fully charged before proceeding. If the device’s battery LED is a solid green, it’s fully charged. If the LED is amber (orange/red), please charge the MobileLite Wireless reader until the LED is solid green.

– The device (SD/USB) being used to update the MobileLite Wireless reader must be formatted with the file system FAT32.

For how-to-format and other how-to videos, please visit the link below: http://www.kingston.com/us/support/technical/howtodt

Warning: Remove any device (USB/SD) not being used to update the firmware on the MobileLite Wireless reader. Kingston is not responsible for any data loss that may occur if a device is left in the reader during the update process. DO NOT power off the reader during the update process. DO NOT remove the SD/USB from the MLW during the update process. Doing so will damage the reader.

If you have any other questions or concerns, please feel free to contact our free technical support for assistance. Technical Support: (877) 546-4786.

1. Insert your card or USB to the computer.

2. Click on the Download Firmware Update link below to begin the download.

3. If prompted for a ‘Save’ location, navigate to the device chosen in step 1.

4. This is an important step; please make sure the BIN file is saved/extracted to the root of the device (USB/SD) and NOT to a folder. If you don’t see it right away when you go into the USB drive or card, it’s not on the root. Simply find it in the USB drive or card and cut and paste it to the root.

5. Once the file is saved to the USB or card, please “Safely Remove” the USB or card from the computer. On a Mac, drag the mounted device to the Trash. In Windows, use the “Safe to Remove Hardware” option in the taskbar (bottom right corner in most cases).

6. With the MobileLite turned off, insert the USB/Card into it.

7. Power on the MobileLite device by holding the ‘Power On’ button for more than 3 seconds.

8. The MobileLite Wireless will initially turn on and broadcast a wireless signal. After a few seconds, it will reboot and the blue ‘bridged’ LED will begin to flash.

9. The update process will start automatically and should take approximately 2 minutes to complete.

10. Once the process is completed the blue ‘bridged’ LED will stop flashing and the blue wireless LED will come back on.

11. Once the blue wireless LED is on and the blue ‘bridged’ LED has stopped flashing, please reset your MobileLite wireless reader. To reset, use a paper clip to hold down the reset button for 12 seconds. The reset button is to the right of the power button.

To make sure the firmware update was successful, please connect your device to the MobileLite Wireless reader and open the MobileLite’s app settings to see the updated firmware version, or log in at 192.168.200.254 (default firmware) or 192.168.1.1 (OpenWRT).

Download 1.1.5.2 Firmware Update

Download OpenWRT Firmware

Step 3
Login and setup OpenWRT.

You’ll want to change your SSID and setup security right away. I won’t go into details because there’s already a lot of this online and it’s not that hard to figure out.

Step 4
Optional

You can cut an ethernet cable and wire it directly to the logic board using the pinout below. Again, self-explanatory.

Pin 1 = Tx+
Pin 2 = Tx-
Pin 3 = Rx+
Pin 6 = Rx-

Next to the Ethernet connections you’ll also find connections for Serial. Do not connect to Vcc.

You can use a Serial to USB adapter, and most Arduinos should also work. Again, I’m not going to get deeper into this as it’s optional.

That’s all folks!
Be sure to check out the resources below for more information.

The Resources

Manual
http://media.kingston.com/support/downloads/Kingston_MLW_Beta_Guide.pdf

Manufacturer Website
http://www.kingston.com/us/support/technical/downloads?product=mlw221&filename=mlwfw_v1

Wiki Containing useful images and information
http://wiki.openwrt.org/toh/kingston/mlw221

OpenWRT Forum Post on Kingston Mobilelite MLW221
https://forum.openwrt.org/viewtopic.php?id=48401

How to change a forgotten password on a MAC

My memory isn’t as glorious as it once was, so this is more of a mental note for my future self. That is if I can remember that I wrote it here…

This will NOT tell you the current password or allow access to the keychain (without decryption). This creates a NEW password.

Let’s begin..

Power on the MAC and immediately press and hold both the CMD and the S Key. This will boot us into a terminal window.

Now type the following commands, pressing Enter after each one:

mount -uw /

cd users

ls

passwd accountname

Now type in your new password, and then again to confirm.

reboot

Now login to the account you changed the password for with the new password.
You’ll get a warning about the keychain. If you need to recover any data from the keychain, you should ignore it and DO NOT create a new one. You can decrypt the keychain if needed using keychain dumper and view it using DB Browser for SQLite.

Done! – Easy huh?

 

Guide to “auth.json” for Necrobot 0.7.x

This is just a quick guide on how to change the default device info listed in the “auth.json” file in Necrobot 0.7.x.

First let’s take a look at the default file to get a clear comparison.
Below we can see the default contents of this file..

{
"AuthType": "ptc",
"GoogleUsername": null,
"GooglePassword": null,
"PtcUsername": "Username",
"PtcPassword": "Password",
"UseProxy": false,
"UseProxyHost": null,
"UseProxyPort": null,
"UseProxyAuthentication": false,
"UseProxyUsername": null,
"UseProxyPassword": null,
"DeviceId": "8525f5d8201f78b5",
"AndroidBoardName": "msm8994",
"AndroidBootloader": "unknown",
"DeviceBrand": "OnePlus",
"DeviceModel": "OnePlus2",
"DeviceModelIdentifier": "ONE A2003_24_160604",
"DeviceModelBoot": "qcom",
"HardwareManufacturer": "OnePlus",
"HardwareModel": "ONE A2003",
"FirmwareBrand": "OnePlus2",
"FirmwareTags": "dev-keys",
"FirmwareType": "user",
"FirmwareFingerprint": "OnePlus/OnePlus2/OnePlus2:6.0.1/MMB29M/1447840820:user/release-keys"
}

I’m going to break some of this down line by line.

"AuthType": "ptc",

AuthType
This is asking which method of Authorization you want to use, in other words, how you want to log in. It can be set to either “ptc” or “google” depending on how you set up your account. PTC stands for Pokemon Trainer Account. You can create a PTC account if you don’t already have one here.

"GoogleUsername": null,
"GooglePassword": null,

Here the form is asking for your Pokemon Go account’s Google Login information.
Both the Username and Password should be wrapped in “Quotes” as shown directly below.

"GoogleUsername": "Username",
"GooglePassword": "Password",

Tip: Do NOT enter your PTC & Google Account, only enter the login credentials for one of these.

The same rules apply to entering the PTC login info as in the above example for Google.

"PtcUsername": "Username",
"PtcPassword": "Password",

Proxies
These are all related to Proxy Settings. If you don’t know what these are you can leave them as is. They’re helpful for people running several bots at once from the same IP address in avoiding a ban. You can google or search YouTube for more information about Proxies.

"UseProxy": false,
"UseProxyHost": null,
"UseProxyPort": null,
"UseProxyAuthentication": false,
"UseProxyUsername": null,
"UseProxyPassword": null,

Now for the part I’m sure most of you were waiting for…

Device Info
Let’s start with the Device ID, because I’m going to break this down into two simple steps.

"DeviceId": "8525f5d8201f78b5",

Above we can see the default “DeviceId”. This is probably going to get you banned 100% if you use it, and the fact that changing it wasn’t an option in the initial setup has me very worried for many users, which is why I’m working on automating this process. But for now let’s change this using either of the steps below.

I don’t have an Android Device
If you don’t have an Android device don’t worry, just fake the info using the guide below.
You will of course still need a Device ID, so let’s grab that before you continue.

[Missing information to be updated soon! – Sorry]

I have an Android and would like to get the devices “Android ID”
Getting the Android ID is simple!
In the Google Play Store search for and download “Device ID” by “Redphx”, it’s FREE!
Once you have it installed simply launch the app, and your “Device ID” will be listed right at the top in plain sight.

Now that you have a Device ID let’s move on..
Again below we have the default settings, and again we should really change these to something more unique to help avoid increasing our chances of a ban.

"AndroidBoardName": "msm8994",
"AndroidBootloader": "unknown",
"DeviceBrand": "OnePlus",
"DeviceModel": "OnePlus2",
"DeviceModelIdentifier": "ONE A2003_24_160604",
"DeviceModelBoot": "qcom",
"HardwareManufacturer": "OnePlus",
"HardwareModel": "ONE A2003",
"FirmwareBrand": "OnePlus2",
"FirmwareTags": "dev-keys",
"FirmwareType": "user",
"FirmwareFingerprint": "OnePlus/OnePlus2/OnePlus2:6.0.1/MMB29M/1447840820:user/release-keys"

Using the site https://www.androiddevice.info/devices we can get all the data we need for editing our auth.json file. Simply visit the site and search for your device. Keep the search as simple as possible or your device may not show up. Instead of searching for “Samsung Edge 7” try searching for “G935”, which is part of the model number. You can find your device’s model number (Device Codename) in the app “Device ID” I listed above, or under the battery, or in Settings > About Phone > Model Number.

Tip: If you can’t find your device listed just use the info from a similar device.

Now let’s finish this thing and get botting!
As you can see below I’ve filled in on each line the name of the field you should look for to find this information. Some devices have the bootloader listed, most I came across don’t. You can leave this set to unknown or search for it using your Google Skills.

"AndroidBoardName": "ro.product.board",
"AndroidBootloader": "unknown",
"DeviceBrand": "ro_product_brand",
"DeviceModel": "ro.product.device",
"DeviceModelIdentifier": "ro_build_display_id",
"DeviceModelBoot": "ro_boot_hardware",
"HardwareManufacturer": "ro.product.manufacturer",
"HardwareModel": "ro.product.model",
"FirmwareBrand": "ro.product.name",
"FirmwareTags": "ro_build_tags",
"FirmwareType": "ro_build_type",
"FirmwareFingerprint": "ro_build_fingerprint"

Happy Botting!
– DNA64
twitter.com/DNA64

HOW TO: Format a troublesome USB stick in Windows with DISKPART

If there’s anything I love about windows, it’s the command line!

If you find yourself dealing with a USB stick that just won’t mount, has multiple partitions, or, among other things, won’t format, this might just save your sanity.

(FOLLOW THIS GUIDE AT YOUR OWN RISK! I’M NOT RESPONSIBLE FOR ANY OF YOUR ACTIONS OR THE ACTIONS OF OTHERS FOLLOWING THIS GUIDE)

Step 1) Open a CMD window.

Click on the Windows “START” button, and in the search box type “cmd”. You should see “cmd.exe” appear at the top of the list under programs. Right click it and select “Run as administrator”. Click “Yes” if/when prompted. You should now see a terminal window pop up on your desktop.

Step 2) Using DISKPART

What is it? diskpart is a command-line disk partitioning utility and is the successor to fdisk.

Type “DISKPART” (not case sensitive) and press “ENTER” on your keyboard. With DISKPART now running, type “list disk”. Locate the USB drive you want to format. I’m using an 8GB USB by Kingston for this example and it shows up as “Disk 3” “7500 MB” (Remember 1,024MB = 1GB, and formatting requires some use of the available space).

Now type “select disk x” (x being the number that is your USB stick; mine is 3, yours may be different). It will then tell you “Disk x is now the selected disk.” at which point you can type “clean”. You should see a message stating that “DiskPart succeeded in cleaning the disk.” At this point Windows doesn’t know the capacity of the drive because we haven’t created a partition, so we need to fix that. Type in “create partition primary” and press “ENTER”. At this point you can now close the command window and format the USB stick as you normally would in Windows by right clicking on the drive’s icon and selecting “FORMAT” from the drop down menu.
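
The same sequence in PowerShell, as an added example that is not part of the original post: it refuses to touch a boot/system disk or anything not attached over USB before running the equivalent of “clean”, which is the step that wipes the wrong drive if the disk number is mistyped. Reset-UsbStick is a hypothetical helper name, and disk number 3 is simply the one from the example above.

```powershell
# Added example (not from the original post). Run from an elevated PowerShell prompt.
# Reset-UsbStick is a hypothetical helper name.
function Reset-UsbStick {
    [CmdletBinding()]
    param(
        # Same number that DISKPART's "list disk" shows for the stick.
        [Parameter(Mandatory)] [int] $DiskNumber
    )

    $disk = Get-Disk -Number $DiskNumber -ErrorAction Stop

    # Guard 1: never clean the disk Windows boots from or is installed on.
    if ($disk.IsBoot -or $disk.IsSystem) {
        throw "Disk $DiskNumber is a boot/system disk; refusing to clean it."
    }

    # Guard 2: only continue for USB-attached disks.
    if ($disk.BusType -ne 'USB') {
        throw "Disk $DiskNumber is attached via $($disk.BusType), not USB; refusing to clean it."
    }

    # Show what is about to be erased so the name and size can be checked.
    $sizeGB = [math]::Round($disk.Size / 1GB, 2)
    Write-Host "Target: disk $DiskNumber, '$($disk.FriendlyName)', $sizeGB GB"

    # Equivalent of "clean". Clear-Disk asks for confirmation by default.
    Clear-Disk -Number $DiskNumber -RemoveData -RemoveOEM

    # If the confirmation was declined, partitions are still present: stop here.
    $disk = Get-Disk -Number $DiskNumber
    if ($disk.NumberOfPartitions -ne 0) {
        throw "Disk $DiskNumber was not cleaned; no partition created."
    }

    # A stick that reports as a fixed disk is left uninitialized (RAW) after the clean.
    if ($disk.PartitionStyle -eq 'RAW') {
        Initialize-Disk -Number $DiskNumber -PartitionStyle MBR
    }

    # Equivalent of "create partition primary".
    New-Partition -DiskNumber $DiskNumber -UseMaximumSize -AssignDriveLetter
}

# Counterpart of "list disk", limited to USB disks: pick the number from this table.
Get-Disk | Where-Object BusType -eq 'USB' |
    Format-Table Number, FriendlyName, BusType, PartitionStyle, Size

# Reset-UsbStick -DiskNumber 3   # 3 is the disk number used in the post's example
```

As in the DISKPART steps, the new partition is left unformatted so the stick can be formatted from Windows afterwards.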

Questions? Comments? Your feedback is welcome! Let me know if I helped, it motivates me to post more guides like this =)

 

 

Unlocking Hidden Games in the C64.app

JAILBREAK OPTIONAL 🙂
If your device is Jailbroken you’ll find it much easier to use my FreePlay64 Program available in Cydia from my Repo. You can also unlock and install individual games from my repo as well once I finish uploading the packages.

The following Guide will help you to install hidden games already included in the C64.app.
These games are in double zipped packages and multiple folders. We will need to extract the contents of the zips and move some files into the main folder and optionally enable the keyboard by editing the gameInfo.plist included in the package. You can enable/disable the keyboard in the settings.

This guide has been tested on a Non-Jailbroken iPhone 4 and iPhone 4s with the latest C64.app (v2.2.10) and iOS 5.0. Please report any issues with other iDevices. Thank you.

Guide by: DNA (AKA DNA64) 01/02/2012

First off, let’s make sure you have all the tools necessary to perform the following tasks.

iExplorer (MAC & PC) – FREE (Needed to Read/Write files to your iDevice)
iExplorer, formerly called iPhone Explorer, lets you use an iPhone or iPad in disk mode, like a flash drive. iExplorer is an iPhone browser or iPad file explorer that runs on Mac & PC that lets you browse the files and folders on your iPhone as if it were a normal USB flash drive or pen drive. You can use the easy drag-and-drop methods to add or remove files and folders from the iPhone.
http://www.macroplant.com/iexplorer/

7-Zip (Mac, PC & More!) – FREE (Needed to Extract .zip files)
7-Zip is an open source file archiver with a high compression ratio.
http://www.7-zip.org/download.html

(In simple terms for those of you that think like myself, simply extract the packages and move the images into the main folder containing the rom image, then drag and drop it into: “C64\C64.app\games” using iExplorer. You may need to restart before the games show up.)

To Begin:
Connect your iDevice to your system and open iExplorer.

Click on the iDevice listed that you want to connect to in order to expand the menu and then click on “Apps” and find “C64” then “C64.app”. Now scroll down the list until you find the zipped game packs. (Example: com.manomio.C64.airwolf.zip) Create a new folder on your Desktop called “games”. Select all the games packs you want to install and drag them to the games folder you just created on your Desktop. Now extract these zip packages, for example extracting the Airwolf file listed just above would give you a new folder named “com.manomio.C64.airwolf”. Looking in this folder we can see two files, “airwolf.sign” and “airwolf.zip”. The *.sign file isn’t needed so you can go ahead and delete this for all the games. Now extract the “airwolf.zip” and you’ll have a new folder called “airwolf”, inside that folder are two more folders, “Airwolf” and “images”. Copy everything from within the “images” folder to the main game folder, in this case “Airwolf”. Now Drag & Drop this folder back into iExplorer in the following directory: “C64\C64.app\games”. Just repeat these steps for all the games you want to install and then launch the C64.app & Enjoy! (Make sure the app isn’t running in the background, if it is, kill it, and re-open it to see the newly added games, or just reboot your iDevice.)

Fin.

For those of you that prefer a step by step guide you can use the following.

Step 1:
Connect your iDevice and launch iExplorer (Link Above)

Step 2:
Click on the iDevice listed that you want to connect to in order to expand the menu and then click on “Apps” and find “C64” then “C64.app”. Now scroll down the list until you find the zipped game packs. (Example: com.manomio.C64.airwolf.zip)

Step 3:
Create a new folder on your Desktop called “games”.

Step 4:
Select all the games packs you want to install and drag them to the games folder you just created on your Desktop.

Step 5:
Now extract these zip packages, for example extracting the Airwolf file listed above in step 2 would give you a new folder named “com.manomio.C64.airwolf”.

Step 6:
Looking in this folder we can see two files, “airwolf.sign” and “airwolf.zip”. The *.sign file isn’t needed so you can go ahead and delete this for all the games.

Step 7:
Now extract the “airwolf.zip” and you’ll have a new folder called “airwolf”, inside that folder are two more folders, “Airwolf” and “images”.

Step 8:
Copy everything from within the “images” folder to the main game folder, in this case “Airwolf”.

Step 9:
Now Drag & Drop this folder back into iExplorer in the following directory: “C64\C64.app\games”.

Step 10:
Just repeat these steps for all the games you want to install and then launch the C64.app & Enjoy! (Make sure the app isn’t running in the background, if it is, kill it, and re-open it to see the newly added games, or just reboot your iDevice.)

How To: Toggle the screen glare on/off

This guide is going to be short and sweet for now.

This guide will show you how to remove the frame and disable or change the glare’s effect.

In the C64.app folder on your iPhone or iPod Touch you will find the following images.

Rename the above images to anything you like to disable them.

– The overlay2.png file is what I assume to be the old overlay image. You can enable it by renaming it to “newoverlay_interlaced.png”. This will give you a darker overlay on the upper part of the screen where the glare was. To be honest I think both overlays are an eyesore and have removed the overlay altogether.

The custom “newoverlay_interlaced.png” image above was provided by Mackie and he was kind enough to share it here with us all. If you would like to download the custom image please save the image from the link below.