There are quite a few devices on the market that have a Raspberry Pi as their core, and having become the proud owner of a solar roof, [Paolo Bonzini] found him self with the Intrade ENR-DTLA04DN datalogger who — let’s just say, had some signs, and at FOSDEM 2023, told us all about it. Installed under the promise of local logging only, the datalogger gave its nature with a power brick emblazoned with the Raspberry Pi logo, a spec sheet identical to that of the Pi 3, and the MAC address of the Raspberry Pi Foundation. This spec sheet also mentioned a MicroSD card – which eventually died, prompting [Paolo] to remove the cover. He threw away the faulty SD card, then replaced it – and put his SSH keys on the machine while he was at it.
At this point, Entrade no longer offers devices with local recording, only a cloud recording option – free, but only for five years, clearly not an option if you like your home cloud-free; Local recording was not without flaws either, and thus, the device was worth exploring. A quick peek at the file system and I found two large, statically bundled binaries, and
strace It gave him a way to spy on the RS485 communications between the datalogger and the roof-coupled solar inverter. Next, dig into the diodes, and collect information on how that device does its job. Previously, he found that the device presented an undocumented API over HTTP while connected to his network, and comparing the API’s work with the data inside the binary got him some good results – but not enough.
The main binary is determined to be Go code and [Paolo] He shows us a step-by-step explanation of how to reverse engineer such diodes in
radare2with a small set of tricks to boot – for example, capturing an output
strings to GitHub URLs to see which libraries are used. In the end, after reverse engineering the protocol, it is completely rewrote the program, Without the previous annoying bugs, and integrated into the home MQTT network that HomeAssistant works with. As a bonus, he also showed us the datalogger’s main PCB, which turned out to be a curious innovation – doesn’t spoil the surprise!
We imagine this search is not only useful when you’re faced with the death of someone similar to a datalogger, but also useful for those who find themselves at the mercy of a sham-free cloud logging plan and want to opt out. Solar technology seems to be an area where Raspberry Pi boards and proprietary interfaces are not uncommon, which is why we’re seeing hackers reverse engineer solar-related devices – for example, check out this exploration of a solar inverter proprietary protocol for data To get out of it, or reverse engineer a decommissioned but perfectly healthy solar inverter software to get the service menu password.
“Writer. Friendly troublemaker. Lifelong food junkie. Professional beer evangelist.”