removing TLS encryption on an IoT device

Hi,

So I have a couple of these ‘smart’ outlets, which are basically just a controllable on/off socket connected to the internet. I wanted to know what they’re doing on my network, so I ARP-spoofed one of them and quickly found out that it was talking to a C&C server on port 8886, whose IP I will not be leaking. The communication between the socket and server is TLS-encrypted, unfortunately, so I can’t see what’s going on there. Something interesting is that using telnet to connect to one of these C&C servers works, and after sending some random text they reply with an ‘F’ and drop the connection. I’ve already tried sslstripping with no success (maybe I’m doing it wrong, I’m a noob...). What other ways can I try to see the raw communication? My best guess is prying open one of them and trying to dump the firmware through UART and have a look around.

Thanks!

submitted by /u/umbrelladog415

May 2, 2023