Laste Update: Fri 05 Jun 2020 02:22:05 PM UTC
With hardware, you could intercept traffic.
- Download APK
- Extract
config.arm64_v8a.apkfrom the downloaded APK using a basic unzip app - Extract
lib/arm64-v8a/libappcore.sofromconfig.arm64_v8a.apk(again, using an unzip app) strings -a lib/arm64-v8a/libappcore.so | grep -E "http?"- Notice that there is a URL for https://firmware.meethue.com/v1/checkupdate.
curl -s https://firmware.meethue.com/v1/checkupdate | json_pp -f json -t json -json_opt pretty,canonical,ascii
{
"errorMessage" : "Invalid request",
"errors" : [
{
"location" : "query",
"msg" : "Invalid value",
"param" : "version"
},
{
"location" : "query",
"msg" : "Invalid value",
"param" : "deviceTypeId"
},
{
"location" : "query",
"msg" : "Invalid value",
"param" : "deviceTypeId"
}
]
}- We need to include a
deviceTypeIdand aversionin our request. - Did not find
deviceTypeIdvalues, so OSINT for some information. Archived image - Try: "BSB002" for
deviceTypeIdand "1935144040" forversion...curl -s "https://firmware.meethue.com/v1/checkupdate?deviceTypeId=BSB002&version=1935144040" | json_pp -f json -t json -json_opt pretty,canonical,ascii
{
"updates" : [
{
"binaryUrl" : "https://storage.googleapis.com/firmware-hue/bsb002/1938112040/cd5f00c3-8a9f-40fc-9ee9-2396be3e333a/BSB002_1938112040.product.RSA_prod_01.fw2",
"createdAt" : "2020-05-21T09:16:17.300Z",
"fileSize" : 9462761,
"md5" : "bc17db155965f2aa61d2945f81e45160",
"releaseNotes" : "Hue Bridge software update 1938112040 (1.38 SR4.2) for the square-shaped Hue Bridge v2.\\n\\nThis update provides the following:\\n\\n- Improved performance and reliability of the system\\n- Improved mDNS ompatibility\\n\\nWant to keep your Philips Hue smart lighting system up to date? Enable automatic updates in the Hue app in Settings > Software update > Automatic update. Learn more at www.meethue.com\\n",
"updatedAt" : "2020-05-21T09:16:17.376Z",
"version" : 1938112040,
"versionName" : "1.38.0 SR 4.2"
}
]
}