Wednesday, May 18, 2022

RGB Light Bulbs - Finally

 I've gone the rounds with Chinese hardware that is based way too much in the cloud, or with stupid configurations that are supposed to be "easy" but open your phone up to an application that presents your local Wi-Fi configuration to an untrusted application.  (It all started with a Feit Electric RGB light bulb from Costco, and just seemed to get worse from there.)

Then I found an Athom LB01 7 Watt light bulb on Amazon.  It's an E27 format, meaning it plugs into a standard light socket, and is based on the ESP8266 hardware.  That likely meant it was hackable.  So, I ordered two of them.

They shipped from China.  Not a good initial sign, but let's see what this thing has going on.

Starting out, the instructions had this set up list of six steps.  The first step was plug it in and power it up, and then find a new Wi-Fi called "Homekit_XXXX".  This was the first sign of life for these bulbs. That meant that these things were configurable using a web browser on a computer.... so no unsecured, trashy, untrusted phone application requiring access to all my phones data was required.  Woohoo!  Plug that thing in and turn it on.  Yes, indeed.  A new wireless network showed up :

I connected, and ran "ipconfig" to see what the gateway was.

    
    Ethernet adapter Bluetooth Network Connection:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
    
    Wireless LAN adapter Wi-Fi:
    
       Connection-specific DNS Suffix  . :
       Link-local IPv6 Address . . . . . : fe80::f5d9:f994:7e91:6c88%13
       IPv4 Address. . . . . . . . . . . : 192.168.4.2
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 192.168.4.1
    
    C:\Users\Username>
    

So, I see it created a 192.168.4.X network.  I opened the browser and connected.

Then, I found this nifty little tab in the web interface on which a firmware could be uploaded.  On that about page is the MAC address, if you are going to add static DHCP addresses or allow a MAC onto your network.  Make a note of that.

Wait a minute..... that means that I don't even need to break it open to find soldering tabs to re-flash firmware?  Seriously?  This light bulb just got even better.  I have to just try a random firmware.

I grabbed the WLED firmware from some random page (I trust that more than I trust Chinesium, right?), and uploaded it.  It gave me a nice progress bar, and then the bulb turned off and then the browser went into a "can't be reached".  Of course, that thing had to reboot, so I expect that behavior.  I had to reconnect to the new network.

BTW, the default AP mode firmware password is "wled1234".  I'd change that quickly.  In my neighborhood, I may have trained a few neighbor kids to run amok with stuff like this.  Open a web browser tab, and point it to 4.3.2.1 after you've connected to WLED-AP.  The initial page is a classic 80's style look to it.

The first thing to do is click on the WIFI SETTINGS button.

The fields that are critical are the Network name and password, the mDNS address, and the AP SSID and associated password.  Set them properly, and hit save (at the top).

Once you have it configured for your wireless network, get the new IP address for the device, and re-connect once more to the light bulb.  At this point, you will get a green light on the bulb when it is turned on (it might not be on initially - you can flip the power switch on the web interface a few times just to see).

Click on the config button, because we have to make a few changes.  Then, click on "LED Preferences", and (under the Hardware setup), alter the LED outputs.  Change the 1: from WS281x" to "PWM RGB+CCT" (it's an RGB bulb with CCT, controlled via Pulsed Width Modulation), set the color order to RGB, and the GPIO's as 4, 12, 14, 13, and 5.

4 is the red GPIO pin, 12 is the green GPIO pin, and 14 is the blue GPIO pin.  GPIO 13 is the warm white, and GPIO 5 is the cold white pin.  One more thing before you save - toward the bottom is the Relay GPIO - it's set to 12 by default.  Set this to 0 (or clear it) to avoid a conflict.  NOW you can save it (save button at the top, yet again).

You can now use this as needed.  It will remember those settings.  Congrats!  You now have a light bulb that can be put on a network that doesn't have Internet access, further securing your system!


No comments:

Post a Comment