
decode some TCP packets

Discussion in 'IoT - Internet of Things' started by Dr_Doggy, Jan 30, 2018.

  1. Dr_Doggy

    Dr_Doggy Well-Known Member

    So I'm trying to find the command string to flip a switch via WiFi on an existing device that uses a cell phone app. I have also found a guy who did exe code for Win7 using mswinsck.ocx ... both stay inside the LAN when switching, and there is not much security, since in the software all I had to enter is the IP.

    wemo123 are packets sniffed via the cellphone app.

    http://download.cnet.com/Wemo-Control-Center/3000-2084_4-76170560.html
    is where I got the PC software, which works and has a bit of a readme file that describes what he did.

    shark1 is the wireshark export i captured on the PC where threads 0-2000 occurred to turn the switch off and packets 2000 - 4000 were to turn the switch back on.

    I know there is a simple string command for doing this, just not sure where it's hiding in the bytes and how exactly to send it. I figure it will be TCP, since again in the software he uses mswinsck.ocx.

    I think this may be the command line:
    SOAPACTION: "urn:Belkin:service:basicevent:1#SetBinaryState"\r\n
    but I still can't plug it in.
     

    Attached Files:

  2. Nigel Goodwin

    Nigel Goodwin Super Moderator Most Helpful Member

    If you google, there's WEMOS/ESP8266 code to emulate the Belkin Wemo, probably easier to get what you want from that source code?

    I did a couple to play with a few weeks ago (just out of interest) - they worked fine (just switching the on-board LED) from Alexa.
     
  3. Dr_Doggy

    Dr_Doggy Well-Known Member

    Oops, well actually I have the real Wemo and am trying to emulate the software.

    Although I followed some of your links and found the command string I was looking for to send down the pipe.
    This is the one that turns things on!:



    // Click handler: sends the SetBinaryState request straight to the switch on the LAN.
    private void button2_Click(object sender, EventArgs e)
    {
        int port = 49153;
        String ip = "192.168.100.204";
        int switchState = 1; // 1 turns switch on, 0 turns switch off
        AsynchronousSocketTCPClient.AsynchronousSocketTCPClient2 httpss = new AsynchronousSocketTCPClient.AsynchronousSocketTCPClient2();
        httpss.StartClient(setupHTTPpackage(switchState), ip, port);
    }

    // Builds the raw HTTP POST (headers followed by the SOAP body) as one string.
    private string setupHTTPpackage(int switchState)
    {
        String data = "";
        String data1 = "";
        // SOAP envelope carrying the requested BinaryState
        data1 += "<?xml version=\"1.0\" encoding=\"utf-8\"?><s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><s:Body><u:SetBinaryState xmlns:u=\"urn:Belkin:service:basicevent:1\"><BinaryState>";
        data1 += "" + switchState;
        data1 += "</BinaryState></u:SetBinaryState></s:Body></s:Envelope>" + "\r\n"; // Use HTML encoding for comma's

        // Request line and headers; Content-Length is the length of data1
        data += "POST /upnp/control/basicevent1 HTTP/1.1" + "\r\n";
        data += "Content-Type: text/xml; charset=utf-8" + "\r\n";
        data += "SOAPACTION: \"urn:Belkin:service:basicevent:1#SetBinaryState\"" + "\r\n";
        data += "Connection: keep-alive" + "\r\n";
        data += "Content-Length: ";
        data += data1.Length + "\r\n";
        data += "\r\n";
        data += data1 + "\r\n";
        data += "\r\n";
        return data;
    }


    so thanks!!
     
    Last edited: Feb 1, 2018
  4. dave miyares

    Dave New Member



     
  5. Pommie

    Pommie Well-Known Member Most Helpful Member

    Out of curiosity, where does the post get sent? If it's just on a local network then it goes to the local ip address (192.168.n.n etc.). However, can't these be accessed from anywhere? If so, is the socket visible on the web? Does the post go via a server somewhere? Just trying to figure it out as I'm currently playing with IOT and haven't got past the local only stage.

    Mike.
     
  6. Dr_Doggy

    Dr_Doggy Well-Known Member

    I cleaned the above post for winC#.
    This command goes direct via LAN; there is no real security aside from my router. Yes, for now, for my use, it is a local IP connection.

    But if I understand the WEMO Android app, it detects if I'm on my LAN or not, then links me to a cloud which holds my device's public IP so I can connect to the Wemo from other LANs ... I did not check up on the security behind things, but there were a few posts on the web about it being not so good; not sure if they improved it since a few years ago ... also I see talk about UPnP but idk exactly what that is.

    I have found little difference when programming LAN & WAN, there is not much difference, but when I did switch my server to work on WAN, I did have to leave a port open on the router's firewall ... in fact, if I recall, there was no change in code at all except the IP in the client.

    Mind you, I also got code on the server to log IPs; if someone does try to attack I will see it fast, as it is custom software for only a few client devices ... not sure exactly how hackers can see data packages and why encryption is required ... and other security things I should probably know about.
     
    Last edited: Feb 1, 2018
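
Added example, not part of any post in this thread: a small Python decoder for the control request shown in post 3, the kind of check a capture review or the IP logging mentioned in post 6 could run on each reassembled TCP payload. It reports the SOAP action and requested state, whether the request carried any credential header, whether the sender is on the LAN, and how many bytes follow the declared body. The function name, the `lan` subnet and the source addresses are assumptions made for the example; the sample request is constructed from the layout in post 3.

```python
import ipaddress
import re

# Constructed sample: the request layout from post 3 as it would look in a
# reassembled TCP stream to port 49153 (Wireshark "Follow TCP Stream").
BODY = ('<?xml version="1.0" encoding="utf-8"?><s:Envelope '
        'xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
        '<u:SetBinaryState xmlns:u="urn:Belkin:service:basicevent:1">'
        '<BinaryState>1</BinaryState></u:SetBinaryState></s:Body></s:Envelope>\r\n')
SAMPLE = ("POST /upnp/control/basicevent1 HTTP/1.1\r\n"
          "Content-Type: text/xml; charset=utf-8\r\n"
          'SOAPACTION: "urn:Belkin:service:basicevent:1#SetBinaryState"\r\n'
          "Connection: keep-alive\r\n"
          f"Content-Length: {len(BODY)}\r\n\r\n{BODY}\r\n\r\n").encode()

def decode_control_request(payload, src_ip, lan="192.168.100.0/24"):
    """Decode one UPnP SOAP control request; None if it is not one.

    lan is an assumed home subnet, not a value taken from the thread.
    """
    head, sep, rest = payload.partition(b"\r\n\r\n")
    if not sep:
        return None  # headers incomplete: stream not fully reassembled
    lines = head.decode("latin-1").split("\r\n")
    method, path = (lines[0].split(" ") + [""])[:2]
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    service, _, action = headers.get("soapaction", "").strip('"').partition("#")
    if method != "POST" or not action:
        return None
    cl = headers.get("content-length", "")
    length = int(cl) if cl.isdigit() else 0
    state = re.search(rb"<BinaryState>([^<]*)</BinaryState>", rest[:length])
    return {
        "path": path, "service": service, "action": action,
        "binary_state": state.group(1).decode() if state else None,
        # Heuristic: no Authorization or Cookie header means any host that
        # can reach the port can issue the command.
        "has_credentials": any(h in headers for h in ("authorization", "cookie")),
        "source_in_lan": ipaddress.ip_address(src_ip) in ipaddress.ip_network(lan),
        # Bytes sent past Content-Length; a keep-alive server may treat
        # them as the start of another request.
        "bytes_after_body": len(rest) - length,
    }

if __name__ == "__main__":
    print(decode_control_request(SAMPLE, "192.168.100.50"))
```

A result with `has_credentials` false and `source_in_lan` false is the case worth alerting on once a port has been opened on the router.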
