Sony Personal Web Server

💰 Intro - Inexpensive device

The Sony personal web server is an interesting device. It is a self contained web server that is battery powered. You plug a USB storage device or a SD card into it, and you can then connect to it wirelessly and access / store files on it.

Originally it cost upwards of $80. Currently it can be purchased for $10. At such a price, it is a tempting target for repurposing. It runs Linux internally. With some effort it should be possible to hack the device and make it do more than its original purpose.


A teardown of the device reveals that it contains a Ralink RT5350 chip. It contains a 360 MHz MIPS24KEc CPU core. The flash memory/firmware of the device is a ESMT F25L64QDA chip. It is 8MB. The SDRAM memory chip in it is a M12L2561616A-6T, which is 32MB and runs at 166MHz. As far as raw specs go, it is not very powerful.

⛏ Hacking

Through a combination of running NMAP, decompiling the Android app that works with the device, and reading comments of people online, the following can be discovered:

Reading up online, there are many wireless devices running this same CPU. Supposedly terminal access is enabled on the CPU by default, and you can gain shell access to the device by soldering to the correct points.

Teardown of the device shows many test points. They are helpful labelled 'TP' on the board. There are 6 primary ones that are likely the serial console. It is not clear which pins are which. It would be necessary to desolder the BGA CPU and do connectivity measurements to determine easily exactly which test point is which.

The flash chip is pretty standard. In theory it could be desoldered and dumped to see exactly what code is running on the thing. That could then be studied to gain a higher level of access to the device.