|
|
|
|
|
|
by pentamassiv
319 days ago
|
|
|
Unless you are using a rooted Android, putting your own certificates on your phone is annoying. They need to be in the system certificate store which is, as far as I know, only possible with a Magisk module. An easier way is to run an Android virtual device with an older Android version on your computer. You can then use some scripts to add the certificates and proxy the traffic to Burpsuite or mitmproxy. That way you also don't have to switch devices. It would also be interesting to use APKLab or Jadx to look at the code of the app. Maybe you can find the key derivation algorithm. The app and the washing machine must somehow generate keys or have pre-shared secrets. If I understand correctly, the app only works if both devices are in the same network? I like that |
|
|