I plugged the above assembly in
and the USB serial device instantiated as COM3. I then opened a
session of Putty, but the result was an hour of unsuccessful attempts
to communicate with the ESP-01S. I tried changing the baud rate,
but that lead to confusing cases of seeing garbled characters being
echoed. Finally, out of desperation, I started sending all the
control characters from Ctrl-A onwards and as soon as I hit Ctrl-J, the
ESP-01S replied with an "OK"! It turns out that I need to send
CR-LF to terminate every line. Surprisingly, there is
no way
to tell Putty to do this. One needs to manually send a Ctrl-J
after every line. As a result, I would later switch from Putty to
Tera Term, a much more capable serial comm app.
Use as Access Point (AP Mode)
In this scenario, the ESP-01S
acts as an Access Point, and a client/user can connect to it directly
by selecting it as a Wi-Fi server. The user can then use
something like 'telnet' to exchange data/commands with the embedded
processor.
I started by entering
these commands (leading dash not sent):
- AT+CWMODE_DEF=2
- AT+CWSAP_DEF="ESP","12345678",5,3
Which sets up an Access Point in the ESP-01S named "ESP".
Checking for access points with my phone, I could see this was
successful, as I now saw "ESP" among the available ones. The
strength was surprisingly high considering such a tiny antenna, and I
could see it with strong signal from two floors away in my home.
I then sent the following commands:
- AT+CIPMUX=1
- AT+CIPSERVER=1,333
Which sets up a server in the ESP-01S at port 333. I then
connected to the ESP access point with my computer, and ran a telnet
client using "Tera Term" to connect to 192.168.4.1 (the IP address of
the AP), and at port 333. The connection was accepted and I see
"0, CONNECT" on the USB interface. This means that a client of ID
0 has connected. When I
type "HELLO PIC" on the telnet client, I see from the USB serial port:
+IPD,0,11:HELLO PIC
The 0 is the link ID (multiple connections possible), and the 11 means 11 characters (including trailing CR-LF) received.
This demonstrates a successful transfer of data from the telnet client
to the USB interface!
Next, I typed on the USB interface:
- AT+CIPSEND=0,10
And received the "OK" reply. This shows the ESP-01S is ready to
accept 10 characters. I then typed some random keys, prompting a
short message to pop up and then "SEND OK" from the USB
interface. I then saw the characters appear on the telnet client
Tera Term. This confirms two way messages!
This experiment also works on my iOS phone using the app called "Telnet Lite".
One thing to note is that after a few minutes of no activity, the ESP-01S closes the connection, and the client window closes.
Use as Station (Station Mode)
My second effort was to use the
ESP-01S in Station mode. This is
for example where the embedded processor acts as a client by connecting
to an Internet connected access point and then to a remote mail server
to send email. In this instance the embedded processor can be
some dedicated device that sends out data regularly.
To start, I connected to my home WiFi access point:
- AT+CWMODE=1
- AT+CWJAP_DEF="ARUBA","PASS"
Where, "ARUBA" is the name of the Access Point with password
"PASS". This produced the reply "WIFI CONNECTED, WIFI GOT IP,
OK", showing that the connection was successful.
I could then do things like query the obtained IP address for this Station:
- AT_CIFSR
Reply was
+CISFR:STAIP,"192.168.1.42"
+CISFR:STAMAC,"d8:bf:c0:fd:9c:56"
OK
And do a PING:
- AT+PING="www.baidu.com"
Reply was:
+73
OK
The next thing to do is to open a TCP connection to the mail server and
send an email. Due to the complex exchange this section is
arranged as a table and I used a Tera Term macro to send these
exchanges. The macro file contents is in the left column and the
response is on the right.
Macro File Line (.ttl)
|
Response (ESP-01/Mail Server)
|
;Connect to server | send
'AT+CIPSTART="TCP","MAIL.SERVER.COM",25' | send 13 | pause 2 |
|
| CONNECT | OK | +IPD,25:220
server.com ESMTP |
|
;HELO exchange | send 'AT+CIPSEND=6' | send 13 | pause 1 | send 'HELO' | send 13 | send 10 | pause 1 |
|
| AT+CIPSEND=6 | OK | > | Recv 6 bytes | busy s... | SEND OK | +IPD,19:250
server.com |
|
;Sender | send 'AT+CIPSEND=30' | send 13 | pause 1 | send 'MAIL FROM:<EDS@EDCHEUNG.COM>' | send 13 | send 10 | pause 1 |
|
| AT+CIPSEND=30 | OK | > | busy s... | Recv 30 bytes | SEND OK | +IPD,8:250 ok |
|
;Receiver | send 'AT+CIPSEND=27' | send 13 | pause 1 | send 'RCPT TO:<ED@EDCHEUNG.COM>' | send 13 | send 10 | pause 1 |
|
| AT+CIPSEND=27 | OK | > | busy s... | Recv 27 bytes | SEND OK | +IPD,8:250 ok |
|
;Start payload | send 'AT+CIPSEND=6' | send 13 | pause 1 | send 'DATA' | send 13 | send 10 | pause 1 |
|
| AT+CIPSEND=6 | OK | > | busy s... | Recv 6 bytes | SEND OK | +IPD,14:354 go ahead |
|
;Message body | send 'AT+CIPSEND=16' | send 13 | pause 1 | send 'From: "PIC" <>' | send 13 10 | pause 1 |
|
| AT+CIPSEND=16 | OK | > | Recv 16 bytes | SEND OK |
|
|
send
'AT+CIPSEND=24' | send 13 | pause 1 | send 'Subject: PIC message' | send 13 10 13 10 | pause 1 |
|
AT+CIPSEND=24 | OK | > | Recv 24 bytes | SEND OK |
|
|
send
'AT+CIPSEND=18' | send 13 | pause 1 | send 'Hello iPhone!' | send 13 10 | send '.' | send 13 10 | pause 1 |
|
AT+CIPSEND=18 | OK | > | Recv 18 bytes | SEND OK | +IPD,28:250 ok
1678571532 qp 44918 |
|
|
|
;Disconnect | send 'AT+CIPSEND=6' | send 13 | pause 1 | send 'QUIT' | send 13 10 |
|
|
|
| AT+CIPSEND=6 | OK | > | Recv 6 bytes | SEND OK | +IPD,19:221
server.com | CLOSED |
|
The resulting email from the above exchange looks like this in Outlook:
The email sent via the ESP-01S
The reference that was very useful is
here. It was indespensible to learn the step by step exchange needed to talk to an SMTP server.
Finally to conclude the email request, disconnect from the Access Point:
- AT+CWQAP
Reply was "WIFI DISCONNECT OK"
The second part of Station Mode is to pull data, such as from a web
server. For my exercise, I chose to pull from a non-SSL server
such as shortcutmania.com.
This website was useful for me to figure out the message exchanges. The commands sent are as follows:
Macro file line (.ttl)
|
Response (ESP-01/Mail Server) |
;Macro file to fetch from web server
;Connect to server
send 'AT+CIPSTART="TCP","SHORTCUTMANIA.COM",80'
send 13
pause 1
;GET exchange
send 'AT+CIPSEND=16'
send 13
pause 1
send 'GET / HTTP/1.1'
send 13
send 10
pause 1
;HOST exchange
send 'AT+CIPSEND=30'
send 13
pause 1
send 'Host: www.shortcutmania.com'
send 13
send 10
pause 1
;FILE exchange
send 'AT+CIPSEND=42'
send 13
pause 1
send 'http://www.shortcutmania.com/default.htm'
send 13
send 10
pause 1
|
AT+CIPSTART="TCP","SHORTCUTMANIA.COM",80
CONNECT
OK
AT+CIPSEND=16
OK
>
busy s...
Recv 16 bytes
SEND OK
AT+CIPSEND=30
OK
>
Recv 30 bytes
SEND OK
+IPD,1460:HTTP/1.1 200 OK
(large amount of http data follows)
|
Use as Telnet Server connected to the Internet
In this scenario, the ESP-01S connects to an Internet connected access
point and with an entry in the latter's forwarding table, is available
to be connected via a remote Telnet session.
The list of commands to do this is as follows:
AT+CWQAP
-- disconnect (in case connected)
AT+CWMODE_DEF=1
AT+CWJAP_DEF="AP5","PASS" -- connect
AT+CIFSR
-- checks IP address
AT+CIPMUX=1 -- enable connections
AT+CIPSERVER=1,333 -- telnet server on port 333
-- typical data rx
+IPD,0,1:t
-- from connection 0, number of chars
+IPD,0,1:e
+IPD,0,1:s
+IPD,0,1:t
+IPD,0,2:
-- typical send
AT+CIPSEND=0,7
-- send 7 chars to connection 0
hello<cr><lf>
AT+CWQAP
-- disconnect FROM AP
Since this processor is Internet connected, it is of course advisable
to implement a password scheme in the commands so that someone doing a
port scan of the IP address from the Internet cannot simply connect and
activate something.
In conclusion, I found the exercise of using the ESP-01S quite
rewarding once I figured out the new-line and carriage return
issues. It was helpful to use Tera Term in telnet mode to emulate
the serial terminal method of poking at the servers.
First use of WiFi Interface: Internet connected relay
I had a need to reset a PC remotely and I figured this was a good
candidate. The board is shown below with the ESP-01S
circled. The main processor is a FLASH microcontroller running at
20Mhz. Serial traffic between the WiFI module and the micro is
monitored by a serial connection to a local PC (black DB9 on bottom
left). The PC connection is able to see the characters that are
sent back and forth and is able to send characters to the
ESP-01S. I found this to be extremely useful during
debugging. That serial merging network is shown on the DIP
header, and was still in some state of flux when this image was shot.
The relay that is controlled is on the right, near the grey pair of
wires. These wires are simply connected to the Power button of
the PC. By setting up a port forward in my home router, I can
reach this from the Internet, and after entering a password, I can send
a command to cycle the relay. The micro set the ESP-01S up as a telnet
server after connecting to my home router.
I could have of course used a commercial Internet connected relay, but
resetting and powering up a PC requires a particular series of timed
ON/OFF cycles, and I felt it was more secure for me to build my own
instead of worrying about back doors of a commercial unit.
Internet connected relay device.
Flipper Zero interface for the ESP-01S
Another way to connect to the ESP-01S is via a
Flipper Zero multitool. The idea came from
Speexvocon,
and although two years old already and much of the features of this
configuration have been taken over by other projects, I thought it was
still worthwhile to build the interface so I could tinker with it.
The Gerbers for the interface board are available, and I used an
online viewer to take this snapshot:
I initially made a wrong guess about the "Prg EN" button
but viewing the layout helped me figure it out.
ESP-01S interface board (white - hand wired) plugged into my Flipper Zero.
The two buttons are Reset (left) and Program Enable (right).
Once the interface board and ESP-01S are plugged into the Flipper
Zero, you can make use of some custom firmware and flipper apps combos. Make sure you follow
the instructions
to press the Program Enable and Reset buttons and also power down the
Flipper as the 3.3V is not switched on the interface.
There is a convenient
web flasher that
has three firmware versions equipped that allows you to flash the
ESP-01S via the flipper plugged into a USB port on the host PC.
With Sequoaia San's Wifi Scanner loaded on the ESP-01S, you run the
Flipper app "[WiFi] Scanner" (in the GPIO section of Unleashed).
It will scan for nearby access points and show their signal
strength. You can then walk around and locate them. I had
no
luck with Spacehuhn's Deauther for ESP-01. Running "[ESP8266]
Deauther"on the Flipper caused it to hang in the Initialize
section. The third option in the web flasher is for the
ESP-12.
I think I can also use
serial Flipper scripts to send commands to the standard firmware (AT
commands). More to follow on that method.
Project Log