Difference between revisions of "OpenHAB - Man in the middle attack"
Jump to navigation
Jump to search
Line 26: | Line 26: | ||
As one can see, we can see in plain text the numbers for color, saturation and brightness. And we see every PUT message send whenever we change something. | As one can see, we can see in plain text the numbers for color, saturation and brightness. And we see every PUT message send whenever we change something. | ||
[[File: | [[File:Traffic_before_attack.png]] | ||
=== Step 2 === | === Step 2 === |
Revision as of 17:56, 16 July 2019
Summary
The results of our Man in the middle attack on OpenHAB.
Goal
To perform a Man in the Middle attack via arp spoofing between a Hue bridge and a computer and capture the traffic send between OpenHab and the bridge to control a wireless light.
Used Software
- Cain & Able https://www.chip.de/downloads/Cain-Abel_17043501.html
- OpenHAB https://www.openhab.org/
You can find our documentation about installing OpenHAB here Install OpenHAB.
- Wireshark https://www.wireshark.org/
Used Hardware
Philips Hue White and Color Ambiance Single LED-Bulb E27 10W
Philips Hue Bridge 2.0, Frequencies 2400-2483.5 MHz
Capturing traffic before the Attack
Before we performed the Man in the Middle attack, we performed a wireshark capturing directly on the host camputer which was using OpenHab.
As one can see, we can see in plain text the numbers for color, saturation and brightness. And we see every PUT message send whenever we change something.
Step 2
Make sure to read
- War and Peace
- Lord of the Rings
- The Baroque Cycle