Obtain Mi Home device token


  • administrators

    转自: https://github.com/jghaanstra/com.xiaomi-miio/blob/master/docs/obtain_token.md

    Use these methods to obtain the device token for the supported miio devices.

    Method 1 - Nodejs Command Line Tool from the miIO Device library
    The author of the miIO Device Library which is used by this Homey app has also created a nodejs command line tool for retrieving device tokens. Please follow the steps in these instructions to retrieve the token for the supported miio devices. Be aware that some devices hide their token after the device has been setup in the Mi Home app. Retrieving tokens for these devices will not work with this method but require method 3.

    Method 2 - Packet Sender Tool
    During setup of Mi Home devices the device tokens an be retrieved by sending a ping command to the device. This method uses a tool called Packet Sender which you will need to download. Choose the portable version which does not require installation.

    Download the portable version of Packet Sender.
    Reset the device following the instructions from the device manual, this usually means holding one or two buttons for 10 seconds. This will reset all device settings including the Wi-Fi settings.
    After reset the device will create a it's own Wi-Fi network. This network will have a name related to the device and is used for configuring the device but will also allow us to retrieve the token. Connect to this Wi-Fi network with your computer which has Packet Sender running.
    Open Packet Sender and enter the following details.
    HEX: 21310020ffffffffffffffffffffffffffffffffffffffffffffffffffffffff
    IP: 192.168.8.1
    Port: 54321
    Protocol dropdown: UDP
    Click send and the device will respond with an answer which contains the unique device token. In the last 16 bytes (32 characters) of the devices response is the device token. Copy and save it somewhere.
    Disconnect your computer from the devices network, you can now use the Mi Home app to setup the device and connect it to your Wi-Fi network.
    Method 2b - netcat and Wireshark / tcpdump
    Like above you can also use this shell command to send the magic package:

    echo -ne '\x21\x31\x00\x20\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff' | nc -u 192.168.8.1 54321
    While running this you have to listen with Wireshark or tcpdump for UDP packages sent as anser by the robot. Extract the last 16 bytes of the answer and convert them to a (32 characters) hexadecimal string using xxd -p.

    Method 3 - Obtain Mi Home device token for devices that hide their tokens after setup
    Use these methods to obtain the device token for devices that hide their tokens after setup in the Mi Home App (like the Mi Robot Vacuum Cleaner with firmware 3.3.9_003077 or higher).

    Android users
    Rooted Android Phones
    Setup your Android device with the Mi Home app
    Install aSQLiteManager on your phone
    Use a file browser with granted root privilege and browse to /data/data/com.xiaomi.smarthome/databases/
    Copy miio2.db to an accessable location
    Open your copy of miio2.db with aSQLiteManager and execute the query "select token from devicerecord where localIP is '192.168.0.1'" where you replace the IP address with the IP address of the device you want to get the token from. It will show you the 32 character device token for your Mi Home device.
    Non-Rooted Android Phones
    Setup your Android device with the Mi Home app
    Enable developer mode and USB debugging on your phone and connect it to your computer
    Get the ADB tool for Windows: https://developer.android.com/studio/releases/platform-tools.html
    Create a backup of the Mi Home app: .\adb backup -noapk com.xiaomi.smarthome -f backup.ab
    On your phone you must confirm the backup. Do not enter any password and press button to make the backup
    Get ADB Backup Extractor and install it: https://sourceforge.net/projects/adbextractor/
    Extract all files from the backup on your computer: java.exe -jar ../android-backup-extractor/abe.jar unpack backup.ab backup.tar
    Unzip the ".tar" file
    Open /com.xiaomi.smarthome/database/miio2.db with a SQLite browser (for instance http://sqlitebrowser.org/)
    Execute the query "select token from devicerecord where localIP is '192.168.0.1'" where you replace the IP address with the IP address of the Mi Home device you want to get the token from. It will show you the 32 character device token for your Mi Home device.
    iOS users
    Non-Jailbroken iOS users
    Setup your iOS device with the Mi Home app
    Create an unencrypted backup of your iOS device on your computer using iTunes. In case you are unable to disable encryption you probably have a profile preventing this that enforces certain security policies (like work related accounts). Delete these profiles or use another iOS device to continu.
    Install iBackup Viewer from here.
    Navigate to your BACKUPS and find the name of your iOS device in the list. Open this backup by clicking the triangle in front of it and then click on raw data.
    Sort the view by name and find the folder com.xiaomi.mihome and highlight it (it's somewhere at the end). After highlighting it click on the cockwheel above the results and select "Save selected files" from here and choose a location to save the files.
    Navigate to the com.xiaomi.mihome folder which you just saved somewhere and inside this folder navigate to the /Documents/ subfolder. In this folder there is a file named _mihome.sqlite where your userid is specific for your account.
    Open this file with a SQLite browser (for instance http://sqlitebrowser.org/)
    Execute the query "select ZTOKEN from ZDEVICE where ZLOCALIP is '192.168.0.1'" where you replace the IP address with the IP address of the Mi Home device you want to get the token from. It will show you the 32 character device token for your Mi Home device.
    The latest Mi Home app store the tokens encrypted into a 96 character key and require an extra step to decode this into the actual token. Visit this website and enter the details as shown below: ** Input type: text
    Input text (hex): your 96 character key
    Selectbox Plaintext / Hex: Hex
    Function: AES
    Mode: ECB
    Key (hex): 00000000000000000000000000000000
    Selectbox Plaintext / Hex: Hex
    Hit the decrypt button. Your token are the first two lines of the right block of code. These two lines should contain a token of 32 characters and should be the correct token for your device.
    Jailbroken iOS users
    Setup your iOS device with the Mi Home app
    Use something like Forklift sFTP to connect to your iOS device and copy this file to your computer: /var/mobile/Containers/Data/Application/<>/Documents/USERID_mihome.sqlite (where UUID is a specific number for your device)
    username: root
    IP address: your phones IP address
    password: alpine (unless you changed it something else)
    Open this file with a SQLite browser (for instance http://sqlitebrowser.org/)
    Execute the query "select ZTOKEN from ZDEVICE where ZLOCALIP is '192.168.0.1'" where you replace the IP address with the IP address of the Mi Home device you want to get the token from. It will show you the 32 character device token for your Mi Home device.
    The latest Mi Home app store the tokens encrypted into a 96 character key and require an extra step to decode this into the actual token. Visit this website and enter the details as shown below:
    Input type: text
    Input text (hex): your 96 character key
    Selectbox Plaintext / Hex: Hex
    Function: AES
    Mode: ECB
    Key (hex): 00000000000000000000000000000000
    Selectbox Plaintext / Hex: Hex
    Hit the decrypt button. Your token are the first two lines of the right block of code. These two lines should contain a token of 32 characters and should be the correct token for your device.


  • administrators


  • administrators

    必须切换到旧版本米家,最新版本数据为空

    https://github.com/rytilahti/python-miio/issues/185