Hi
I have a device which is controlled from a smart phone application via a password-free WPA connection.
I'd like to intercept the traffic between my smart phone and the device and see if I can write an API to control the device without the developer's application.
The device sets up a WPA wireless network without a password and hands out a single IP - any additional connections do not receive an IP.
I was able to connect a laptop to the device and nmap it. It only has tcp/50007 open.
I was considering setting up a MITM device which uses one NIC to connect to the device and another to mock the WPA connection. I should then be able to Wireshark or tcpdump the traffic to/from the device.
Before I embark on building a raspberry pi with the wifi devices - is there a better way? Is there a reliable way to intercept the password-less WPA traffic directly between the application and device?
Maybe a cheap rooted android device running the app would be easiest?
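For the "sit in the middle and look at tcp/50007" step the post describes, a small logging TCP relay is often more convenient than reading a raw pcap: it forwards bytes between the app side and the device side and records each chunk with a direction tag, so the protocol of a device you own can be studied one message at a time. The code below is an added example, not code from the original post or from the device vendor. It assumes the device listens on TCP/50007 (from the post); the device IP, the listen address and the echo stand-in used for offline testing are placeholders constructed for the example.

```python
"""Logging TCP relay for protocol analysis of a device you own.

Added example, not code from the original post. It assumes the device
listens on TCP/50007 (from the post); the addresses below are placeholders.
"""
import socket
import threading
from datetime import datetime

# Assumed addresses: the device's IP on its password-less network, and the
# phone-facing interface the relay listens on. Adjust to your setup.
DEVICE_ADDR = ("192.168.4.1", 50007)
LISTEN_ADDR = ("0.0.0.0", 50007)


class LoggingRelay:
    """Accepts app connections, forwards bytes to the device and back,
    and records every chunk with a direction tag for later analysis."""

    def __init__(self, listen_addr, device_addr):
        self.device_addr = device_addr
        self.log = []              # list of (timestamp, direction, bytes)
        self._lock = threading.Lock()
        self._server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self._server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self._server.bind(listen_addr)
        self._server.listen(5)
        self.port = self._server.getsockname()[1]

    def record(self, direction, data):
        entry = (datetime.now().isoformat(timespec="milliseconds"), direction, data)
        with self._lock:
            self.log.append(entry)
        # One line per chunk: hex dump plus a printable view to spot text fields.
        printable = "".join(chr(b) if 32 <= b < 127 else "." for b in data)
        print(f"{entry[0]} {direction} {len(data):4d}B {data.hex()}  |{printable}|")

    def _pump(self, src, dst, direction):
        # Copy bytes one way until the source closes, logging each chunk.
        try:
            while True:
                data = src.recv(4096)
                if not data:
                    break
                self.record(direction, data)
                dst.sendall(data)
        except OSError:
            pass
        finally:
            try:
                dst.shutdown(socket.SHUT_WR)   # propagate half-close
            except OSError:
                pass

    def handle(self, client):
        device = socket.create_connection(self.device_addr, timeout=5)
        device.settimeout(None)
        up = threading.Thread(target=self._pump, args=(client, device, "app->dev"))
        down = threading.Thread(target=self._pump, args=(device, client, "dev->app"))
        up.start()
        down.start()
        up.join()
        down.join()
        client.close()
        device.close()

    def serve_one(self):
        client, _ = self._server.accept()
        self.handle(client)

    def serve_forever(self):
        while True:
            client, _ = self._server.accept()
            threading.Thread(target=self.handle, args=(client,), daemon=True).start()

    def close(self):
        self._server.close()


def echo_server():
    """Stand-in for the device, constructed for offline testing only: it
    answers every message with an 'ACK:' prefix so both directions differ."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def run():
        conn, _ = srv.accept()
        with conn:
            while True:
                data = conn.recv(4096)
                if not data:
                    break
                conn.sendall(b"ACK:" + data)
        srv.close()

    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()


def demo(payload=b"STATUS?"):
    """Round-trip one constructed message through the relay; return the
    reply the 'app' saw and the relay's captured log."""
    relay = LoggingRelay(("127.0.0.1", 0), echo_server())
    threading.Thread(target=relay.serve_one, daemon=True).start()
    with socket.create_connection(("127.0.0.1", relay.port)) as app:
        app.sendall(payload)
        reply = app.recv(4096)
    relay.close()
    return reply, relay.log


if __name__ == "__main__":
    # Real use: run on the Pi/laptop in the middle and point the app at it.
    LoggingRelay(LISTEN_ADDR, DEVICE_ADDR).serve_forever()
```

Because the relay only sees the TCP payload, not the Wi-Fi frames, it sidesteps the question of sniffing the password-less WPA link; the phone must be pointed at the relay's address instead of the device, which is exactly what the two-NIC setup in the post arranges.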
from hacking: security in practice https://ift.tt/kfXnDvb