Comments (12)
i'll get my crash sorted, and come back to you with a proposal in a week or so :)
from atc1441.github.io.
Hey.
The key is generated actively while connected to the thermometer, it is a random key but with handshake, so its not possible to just calculate a new one with the mac. Also it is timingly important that it will be directly activated otherwise the thermometer goes into timeout.
from atc1441.github.io.
yep, proposing to send the mac so the page know to filter to that specific one :). Relying on the PC doing the activation being in range of the same sensor.... so exactly what you do - just delivering the key to where it is needed directly. The only use interaction needed should be to give permission in the browser?
love the code - must have taken some determination to work out what to do!
just ordered two on Amazon; I have earlier non-encrypted models, but need to diagnose a BLE crash in tasmota on this sensor anyway.
from atc1441.github.io.
Ok got what you meant.
Filtering should be easy with a simple http argument. Extracting the key could be done via an iframe
And yes that was the hardest AES encryption I ever "hacked"
from atc1441.github.io.
hi atc1441,
odd question:
Is there any indication that these MI devices could forward advertisments received? It seems strange that the ads would contain the MAC in the service data, and there is reportedly a 'mesh' flag in the header bytes?
from atc1441.github.io.
Hey. In general this is possible and the TLSR8251 also has it advertised as a feature so i am not shure
Only thing that speaks against it is the battery, i am not shure if a mesh is a good idea on battery powered devices as the would need to listen all the time for the data.
Maybe there are different devices that can do it and they use the protocoll.
Also when including the mac in the advertising it is simpler to parse that data, no need to handle where it is from.
from atc1441.github.io.
hi atc1441,
ok, I now have a Tasmota which puts up a link when the sensor is encrypted, and we don't have a key.
the link is currently:
https://atc1441.github.io/TelinkFlasher.html?mac=A4C1387FC1E1&cb=http%3A%2F%2F192.168.1.212%2Fmikey
and it can take a callback by navigating to (the address in 'cb' plus query string with key and mac):
http://192.168.1.212/mikey?key=c18844d4b0c71fde41166465127c4728&mac=A4C1386A1E24
so, before I embark on a modified version of the flasher html, I note the comment
#enable-experimental-web-platform-features may be needed to read MAC
Do you think it is possible to almost completely automate the procedure?
br,
Simon
p.s. hoverboards? - haha! I was going to say 'look up bipropellant' - but I see you already use it - the project I started :).
from atc1441.github.io.
Hey, that looks like a good way to get into TelinkFlasher and back out of it, what still is needed for the user is to click on the correct BLE device in the Search selector as for security reasons that can not be automated.
And yes the MAC problem may still be there :-/ i tried to get the mac somehow but it was not possible to pull it into javascript without experimental features enabled.
it looks like WebBluetooth does not really plan to activate the Mac feature as most devices these days use fake MACs to prevent tracking.
So it would be possible to click on the Telink flasher link, it will open the BLE device searching on its own and the user has to click on the correct one, then it will activate it on its own and goes back to Tasmota with the new key
To the Hoverboard, yes the bipropellant firmware was just the most advanced of them all :) i think we even wrote already on that because i made an Arduino version of the Protocol side to use it there, but dont know for shure anymore its a bit longer ago :D to many project in between.
... found it bipropellant/bipropellant-hoverboard-firmware#57 (comment) and here bipropellant/bipropellant-hoverboard-firmware#36
:)
Have a great day.
from atc1441.github.io.
I was looking for an aduino compat lib for phail's esp32 code.. so will look at yours (& add as a private driver in tasmota...!!!).
We MAY be able to have the user connect, and then wait for an advert - because they contain the MAC!
Will have a think & a play with your HTML, and let you know how it goes.
br, s
from atc1441.github.io.
The problem on the Advertising will be that its not really possible to listen for them in WebBluetooth as well :-/
from atc1441.github.io.
my first attempt:
https://github.com/btsimonh/atc1441.github.io
you can see it in operation here with a query string:
https://btsimonh.github.io/atc1441.github.io/TelinkFlasherTasmota.html?mac=A4C1387FC1E1&cb=http%3A%2F%2F192.168.1.212%2Fmikey
I have not tested the flashing yet. May be good to have some links to 'known' firmwares, and even a link to 'restore original'.
from atc1441.github.io.
Q: the name is not writable. Would the hardware be capable of storing a name change?
from atc1441.github.io.
Related Issues (3)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from atc1441.github.io.