Continue to Site

Welcome to our site!

Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

  • Welcome to our site! Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

decode some TCP packets

Status
Not open for further replies.

Dr_Doggy

Well-Known Member
so im trying to find the command string to flip a switch via wifi on an existing device that uses cell phone app, I have also found a guy who did exe code for win7 using mswinsck.ocx ... both stay inside lan when switching. and there is not much security since in the software all i had to enter is the ip

wemo123 are packets sniffed via the cellphone app.

https://download.cnet.com/Wemo-Control-Center/3000-2084_4-76170560.html
is where i got the pc software which works and has a bit of a readme file that describes what he did

shark1 is the wireshark export i captured on the PC where threads 0-2000 occurred to turn the switch off and packets 2000 - 4000 were to turn the switch back on.

I know there is a simple string command for doing this, just not sure where its hiding in the bytes and how exactly to send it. I figure it will be TCP since again in the software he uses mswinsck.ocx

I think this may be the command line:
SOAPACTION: "urn:Belkin:service:basicevent:1#SetBinaryState"\r\n
but still cant plug it in
 

Attachments

  • shark1.zip
    1.8 KB · Views: 322
  • wemo123.txt
    1,011 bytes · Views: 320
If you google, there's WEMOS/ESP8266 code to emulate the Belkin Wemo, probably easier to get what you want from that source code?.

I did a couple to play with a few weeks ago (just out of interest) - they worked fine (just switching the on-board LED) from Alexa.
 
oops well actually i have the real wemo and tryin to emulate the software

Although I followed some of your links and found the command string i was looking for to send down the pipe.
this is the one that turns things on!:



private void button2_Click(object sender, EventArgs e)
{
int port = 49153;
String ip = "192.168.100.204";
int switchState = 1; // 1 turns switch on, 0 turns switch off
AsynchronousSocketTCPClient.AsynchronousSocketTCPClient2 httpss = new AsynchronousSocketTCPClient.AsynchronousSocketTCPClient2();
httpss.StartClient(setupHTTPpackage(switchState), ip, port);
}

private string setupHTTPpackage(int switchState)
{
String data = "";
String data1 = "";
data1 += "<?xml version=\"1.0\" encoding=\"utf-8\"?><s:Envelope xmlns:s=\"https://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"https://schemas.xmlsoap.org/soap/encoding/\"><s:Body><u:SetBinaryState xmlns:u=\"urn:Belkin:service:basicevent:1\"><BinaryState>"
data1 += "" + switchState;
data1 += "</BinaryState></u:SetBinaryState></s:Body></s:Envelope>" + "\r\n"; // Use HTML encoding for comma's

data += "POST /upnp/control/basicevent1 HTTP/1.1" + "\r\n";
data += "Content-Type: text/xml; charset=utf-8" + "\r\n";
data += "SOAPACTION: \"urn:Belkin:service:basicevent:1#SetBinaryState\"" + "\r\n";
data += "Connection: keep-alive" + "\r\n";
data += "Content-Length: ";
data += data1.Length + "\r\n";
data += "\r\n";
data += data1 + "\r\n";
data += "\r\n";
return data;
}


so thanks!!
 
Last edited:
Out of curiosity, where does the post get sent? If it's just on a local network then it goes to the local ip address (192.168.n.n etc.). However, can't these be accessed from anywhere? If so, is the socket visible on the web? Does the post go via a server somewhere? Just trying to figure it out as I'm currently playing with IOT and haven't got past the local only stage.

Mike.
 
i cleaned above post for winC#
this command goes direct via lan, there is no real security aside from my router, yes for now, for my use, it is local IP connection.

but if i understand the WEMO android app it detects if im on my lan or not then links me to a cloud which holds my device public ip so i can connect to the wemo from other lans .. . i did not check up on the security behind things but there were a few posts on the web about it being not so good, not sure if they improved it since a few years ago... also i see talk about UpNp but idk exactly wat that is.

I have found little difference when programming LAN & WAN, there is not much difference but when i did switch my server to work on WAN, I did have to leave a port open on the router's firewall ... in fact if i recall there was no change in code at all except ip in client.

mind you I also got code on server to log ip's if some one does try attack i will see it fast as it is custom software for only a few client devices ... not sure exactly how hackers can see data packages and why encryptions are requ'd .. . and other security things i should prolly know about
 
Last edited:
Status
Not open for further replies.

Latest threads

New Articles From Microcontroller Tips

Back
Top