Jibo-Revival-Group/JiboAutoMod
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
3db6de2d2c1a4d5377fd577dc81793c4dfce6df4
JiboAutoMod/README.md
Kevin 3db6de2d2c GUI installer v2
2026-03-21 22:10:13 +02:00

415 lines
11 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Jibo Auto-Mod Tool
**Automatically enable developer mode on Jibo robots**
This tool automates the process of modding a Jibo robot to enable SSH access and developer mode. It works on both **Linux** and **Windows**.
## ⚠️ Warning
**USE AT YOUR OWN RISK!** This tool modifies your Jibo's internal storage. While the process is generally safe:
- **Always keep backups** - the tool creates them automatically
- **Don't disconnect during write operations** - this could brick your Jibo
- **Calibration data is unique** - your backup contains data specific to YOUR Jibo
## Quick Start
### Linux
```bash
# Make the script executable
chmod +x jibo_automod.sh
# Run the tool
./jibo_automod.sh
```
### Windows
1. Install [Python 3.8+](https://www.python.org/downloads/) (check "Add to PATH")
2. Install [MSYS2](https://www.msys2.org/) for build tools
3. Double-click `jibo_automod.bat`
Or use WSL (Windows Subsystem for Linux) and follow Linux instructions.
## Requirements
### Linux
- Python 3.8+
- build-essential (gcc, make)
- libusb-1.0-dev
- arm-none-eabi-gcc (ARM toolchain)
- ~20GB free disk space
**Ubuntu/Debian:**
```bash
sudo apt update
sudo apt install build-essential libusb-1.0-0-dev git python3 \
gcc-arm-none-eabi libnewlib-arm-none-eabi
```
**Arch/CachyOS:**
```bash
sudo pacman -S --needed base-devel libusb git python \
arm-none-eabi-gcc arm-none-eabi-newlib
```
### Windows
- Python 3.8+
- MSYS2 with MinGW-w64 toolchain
- Zadig (for USB driver installation)
- e2fsprogs (provides `debugfs`, used to edit `mode.json` inside the ext filesystem image without mounting)
- ~20GB free disk space
## What Does It Do?
1. **Builds Shofel** - Compiles the exploit tool from source
2. **Dumps eMMC** - Reads the entire 15GB storage (~2-4 hours)
3. **Modifies Partition** - Changes `/var/jibo/mode.json` from "normal" to "int-developer"
4. **Writes Back** - Updates only the modified partition
5. **Verifies** - Reads back to confirm the write was successful
## Usage
### Full Automatic Mod
```bash
./jibo_automod.sh
```
## Optional GUI
The GUI is separate from the CLI tools. You can still run `jibo_automod.sh` / `jibo_updater.sh` directly.
Install GUI deps:
```bash
python3 -m pip install -r requirements-gui.txt
```
Launch main panel (Linux):
```bash
./jibo_gui.sh
```
Launch main panel (Windows):
```bat
jibo_gui.bat
```
### Just Dump (no modification)
```bash
./jibo_automod.sh --dump-only -o my_jibo_backup.bin
```
### Use Existing Dump
```bash
./jibo_automod.sh --dump-path /path/to/existing_dump.bin
```
### Write Pre-Modified Partition
```bash
./jibo_automod.sh --write-partition var_modified.bin --start-sector 0x7E9022
```
### Fast Mode (GPT + /var only)
This avoids the 15GB full dump by reading just the partition table + the ~500MB `/var` partition,
editing `/var/jibo/mode.json`, and writing back only the changed sectors.
```bash
./jibo_automod.sh --mode-json-only
```
If patch-writing is not desired (or your filesystem changes a lot of blocks), force a full `/var` write:
```bash
./jibo_automod.sh --mode-json-only --full-var-write
```
## Command Line Options
| Option | Description |
|--------|-------------|
| `--dump-only` | Only dump eMMC, don't modify |
| `--dump-path FILE` | Use existing dump instead of dumping |
| `--output, -o FILE` | Output file for dump |
| `--start-sector HEX` | Sector for write operation (default: 0x7E9022) |
| `--force-dump` | Re-dump even if file exists |
| `--rebuild-shofel` | Force rebuild of exploit tool |
| `--skip-detection` | Skip USB device detection |
| `--no-verify` | Skip write verification |
| `--mode-json-only` | Fast mode: dump GPT + /var only, patch `mode.json`, write back minimal changes |
| `--full-var-write` | With `--mode-json-only`: write entire /var partition instead of patch-writing |
## Entering RCM Mode
To mod your Jibo, you need to put it in RCM (Recovery Mode):
1. **Locate the buttons:**
- RCM button: Small button under the base
- Reset/Power button: Standard power button
2. **Enter RCM:**
- Hold the RCM button
- Press the reset/power button
- Release both when you see a red LED (no boot animation)
3. **Verify:**
- On Linux: `lsusb` should show `NVIDIA Corp. APX`
- On Windows: Device Manager shows "APX" device
## After Modding
Once the tool completes successfully:
1. Unplug Jibo from USB
2. Hold power button until red LED goes off
3. Power on Jibo normally
4. Wait for boot - you should see a **checkmark** instead of the eye animation
5. SSH into Jibo:
```bash
ssh root@<jibo-ip-address>
# Password: jibo
```
## Updating Jibo (JiboOs releases)
This repo also includes an updater that can pull the latest release from the JiboOs Gitea repo,
then upload the release `build/` overlay into Jibos `/` over SFTP.
### Install updater dependency
```bash
python3 -m pip install -r requirements.txt
```
### Run updater
```bash
./jibo_updater.sh --ip <jibo-ip-address>
```
Windows:
```bat
jibo_updater.bat --ip <jibo-ip-address>
```
Stable-only (ignore prereleases):
```bash
python3 jibo_updater.py --ip <jibo-ip-address> --stable
```
If the release archive layout changes and the tool cant find the `build/` folder automatically,
pass it explicitly (path is relative to the extracted archive root):
```bash
python3 jibo_updater.py --ip <jibo-ip-address> --build-path V3.1/build
```
## Troubleshooting
### "Jibo not found in RCM mode"
- Make sure you're holding RCM button while pressing reset
- Try a different USB cable (data cables, not charge-only)
- On Windows, install WinUSB driver using Zadig
### "Permission denied" on Linux
- Run with sudo: `sudo ./jibo_automod.sh`
- Or add udev rules for the Nvidia APX device
### Windows: mode.json edit fails / raw patch warning
If you see messages about raw edits needing padding, install `debugfs` via MSYS2 so the tool can edit the ext filesystem image safely:
1. Install MSYS2: https://www.msys2.org/
2. In an MSYS2 terminal:
- `pacman -S --needed e2fsprogs`
Then re-run with `--mode-json-only`.
### Build fails
- Make sure ARM toolchain is installed
- On Arch: `pacman -S arm-none-eabi-gcc arm-none-eabi-newlib`
- On Ubuntu: `apt install gcc-arm-none-eabi libnewlib-arm-none-eabi`
### Dump crashes near 99%
- This is often OK - the last partition may be empty space
- Check if your dump file is ~14-15GB, that's probably complete
### SSH connection refused
- Make sure Jibo shows checkmark on boot
- Verify you're using the correct IP address
- Try `ssh -v` for debug output
## File Structure
```
JiboAutoMod/
├── jibo_automod.py # Main tool (Python)
├── jibo_automod.sh # Linux launcher
├── jibo_automod.bat # Windows launcher
├── README.md # This file
├── guide.md # Original manual guide
├── Shofel/ # Shofel exploit source
│ ├── Makefile
│ ├── shofel2_t124 # Built executable
│ └── ...
└── jibo_work/ # Working directory (created)
├── jibo_full_dump.bin
├── var_partition.bin
└── var_partition_backup.bin
```
## Technical Details
### Partition Layout
| # | Size | Purpose |
|---|------|---------|
| 1 | 1GB | System A |
| 2 | 1GB | System B |
| 3 | 50MB | Boot config |
| 4 | 2GB | Root filesystem |
| 5 | 500MB | /var (we modify this) |
| 6 | ~10GB | Data |
### Mode Values
- `"normal"` - Standard Jibo operation
- `"int-developer"` - Developer mode (SSH enabled, services disabled)
## Credits
- Shofel exploit based on fail0verflow's Fusee Gelée
- Katherine Temkin's research on Tegra vulnerabilities
- devsparx for the T124 port
- The Jibo preservation community
CLI Arguments
This page documents the CLI flags for the two main tools:
../jibo_automod.py (installer/mod tool)
../jibo_updater.py (OS updater)
If youre using launchers (.sh/.bat), they forward all arguments through.
jibo_automod.py
Modes (mutually exclusive)
(no mode flag)
Full mod workflow (full eMMC dump, extract/modify/write /var).
--dump-only
Only dump eMMC; dont modify anything.
--write-partition FILE
Write an already-prepared partition image to eMMC.
You must tell it where to write using --start-sector.
--mode-json-only
Fast path:
read GPT (small)
read /var only (~500MB)
modify /var/jibo/mode.json
write back either a patch (default) or full /var
Common options
--dump-path FILE
Use an existing dump file instead of reading from the device.
--output FILE / -o FILE
Output file for dumps.
--start-sector HEX
Start sector for --write-partition.
Parsed with base autodetect (0x... works).
Default is 0x7E9022 (but the full/fast workflows usually compute the start sector from GPT).
--force-dump
Re-dump even if a dump exists.
--rebuild-shofel
Force rebuilding ShofEL (make clean then make).
--skip-detection
Skip USB “is Jibo connected” checks.
--no-verify
Skip verification read-back.
Fast mode options
--full-var-write
Only meaningful with --mode-json-only.
If set: write the full /var partition back (slower).
If not set: compute sector diffs and only write changed ranges (faster).
Examples
Full mod:
python3 jibo_automod.py
Dump only:
python3 jibo_automod.py --dump-only -o my_dump.bin
Use existing dump:
python3 jibo_automod.py --dump-path jibo_work/jibo_full_dump.bin
Fast mode:
python3 jibo_automod.py --mode-json-only
Write a prepared partition:
python3 jibo_automod.py --write-partition var_partition.bin --start-sector 0x7E9022
jibo_updater.py
The updater assumes you already have SSH access to the robot.
Required
--ip <host> (alias: --host)
IP or hostname of your Jibo.
Connection
--user <name> (default root)
--password <pass> (default jibo)
--ssh-timeout <seconds> (default 15)
Release selection
--releases-api <url>
API endpoint for Gitea releases.
--stable
Ignore prereleases.
--tag <tag>
Install a specific tag instead of “latest”.
Archive layout
--build-path <relative/path>
If the updater cant find the build/ folder automatically, specify where it is inside the extracted archive.
Safety / UX
--state-file <path>
Where it remembers the last applied version per host.
--force
Re-download and re-install even if the local state says youre already on that version.
--yes
Dont prompt for confirmation.
--dry-run
Download/extract + connect, but dont upload files and dont touch mode.json.
Returning to normal mode
--return-normal
After update, set /var/jibo/mode.json back to normal (no prompt).
--no-return-normal
Never prompt and never change mode back.
Examples
Update to latest:
python3 jibo_updater.py --ip 192.168.1.50
Stable only:
python3 jibo_updater.py --ip 192.168.1.50 --stable
Specific tag:
python3 jibo_updater.py --ip 192.168.1.50 --tag v3.3.0
Dry run:
python3 jibo_updater.py --ip 192.168.1.50 --dry-run
Reference in New Issue View Git Blame Copy Permalink