Difference between revisions of "OpenHAB - Man in the middle attack"

From Embedded Lab Vienna for IoT & Security
Jump to navigation Jump to search
Line 26: Line 26:
As one can see, we can see in plain text the numbers for color, saturation and brightness. And we see every PUT message send whenever we change something.
As one can see, we can see in plain text the numbers for color, saturation and brightness. And we see every PUT message send whenever we change something.


[[File:Example.jpg]]


=== Step 2 ===
=== Step 2 ===

Revision as of 17:55, 16 July 2019

Summary

The results of our Man in the middle attack on OpenHAB.

Goal

To perform a Man in the Middle attack via arp spoofing between a Hue bridge and a computer and capture the traffic send between OpenHab and the bridge to control a wireless light.

Used Software

You can find our documentation about installing OpenHAB here Install OpenHAB.

Used Hardware

Philips Hue White and Color Ambiance Single LED-Bulb E27 10W

Philips Hue Bridge 2.0, Frequencies 2400-2483.5 MHz

Capturing traffic before the Attack

Before we performed the Man in the Middle attack, we performed a wireshark capturing directly on the host camputer which was using OpenHab.

As one can see, we can see in plain text the numbers for color, saturation and brightness. And we see every PUT message send whenever we change something.

Example.jpg

Step 2

Make sure to read

  • War and Peace
  • Lord of the Rings
  • The Baroque Cycle


References