Data from this issue indicates that the wifi dongle uses a MXCHIP EMW3080-E SOC.
Searches for that model number found a bunch of useful issues, including the MX Guide which contains a list of AT commands that might be supported by the module.
Further digging indicated that Solis has an App that they use to configure the logger, called Solis Cloud
- Decompile the APK using jadx-gui. Look for any hints of bluetooth or wifi connectivity configuration and AT commands
com.ginlongcloud.activity.YJPWYZDeployActivity:
// These are not original names due to decompilation.
public String dongleIP = "10.10.100.254";
public String configPort = "48899";
public String magicString = "WIFIKIT-214028-READ";
public String okRes = "+ok";
public String verRes = "AT+VER\r\n";
public String ssidCmd = "AT+WSSSID=ck01\r\n";
public String sKeyCmd = "AT+WSKEY=WPA2PSK,AES,18881888\r\n";
public String wifiModeStationCmd = "AT+WMODE=STA\r\n";
public String zCmd = "AT+Z\r\n";
public String softApNet = "10.10.100.";This file looks promising.
- Work out how AT commands are sent to the chip to start configuration
com.ginlongcloud.activity.YJPWYZDeployActivity:
public final void DoSend(String str) {
// sendInfo is not important - looks like it might be used for logging
String str2 = "sendInfo: " + str;
new TrySend(str).start();
}<unknown>.<unknown>.<unknown>.SocketHandlerThread:
public void ReceivePacket() {
DatagramPacket datagramPacket = new DatagramPacket(new byte[63], 63);
while (true) {
DatagramSocket datagramSocket = this.socket;
if (datagramSocket == null) {
return;
}
try {
datagramSocket.receive(datagramPacket);
String str = new String(datagramPacket.getData(), datagramPacket.getOffset(), datagramPacket.getLength());
this.recvd = str;
if (!CommandValidator.validate(str)) {
C12627c.m1167c().m1160j(new WIFIEvent(this.recvd)); // Send as WIFI EVENT
}
this.handler.sendEmptyMessage(0);
} catch (IOException e) {
e.printStackTrace();
}
}
}
public void sendPacket(InetAddress inetAddress, int i, String str) {
try {
this.socket.send(new DatagramPacket(str.getBytes(), str.length(), inetAddress, i));
} catch (IOException e) {
e.printStackTrace();
}
}
@Override // java.lang.Thread, java.lang.Runnable
public void run() {
ReceivePacket();
super.run();
}Easy. Plaintext sent over UDP. Unsurprisingly to <dongleIP>:<configPort> or 10.10.100.254:48899.
- Find out if there's any preconfiguration done before sending AT commands
com.ginlongcloud.activity.YJPWYZDeployActivity:
public void InitView() {
super.InitView();
...
SocketHandlerThread socket = new SocketHandlerThread(this.View);
this.socket = socket;
socket.start();
GetCurrentWifiNetworkDetails();
ScanWifiNetworks();
this.command = 1;
DoSend("WIFIKIT-214028-READ");
}That WIFIKIT-214028-READ string looks interesting. It looks like it's sent to the wifi dongle on configPort, and is labelled as command 1.
It also looks like it's sent after the wifi network is reconfigured. So maybe it's a trigger string that needs to be sent before AT commands can be used.
There's also reference to a HF-A11ASSISTHREAD string which upon searching the internet, finds a ton of info including this which goes very in depth on how the discovery / AT protocol system works.
Hello,
I have a Solis HI-6K-48ES-5G-DC and a S3-WIFI-ST.
I would be very interested in making them work with solarman.
So if I can help you in any way, just ask me.