
Welcome to my talk. It's about smart home devices, which are very interesting: often they'll have a server they're communicating with, and some fun stuff happens if you can impersonate that server. In this case, this is a story of how, in order to learn hardware hacking, I took apart a device, gradually reverse engineered it, and found an issue that allowed me to flash new firmware onto it. At the end of the day, as long as I have access to the device, this works without any user interaction whatsoever. Pretty cool, I think. The talk is "From Light to Router: Reversing an IoT Smart Switch."

I'm Cameron Hell, and like I mentioned, I'm new to hardware hacking; this was basically the first project I did to learn things and figure it out. It turned out to work out really well, and I think it's very approachable for people; it doesn't necessarily cost too much, so I encourage you to start trying it yourself. I'm going to mention some of the information gathering techniques that I used to learn more about the device, some of the information that I found, various lessons and failures that I went through, and some useful tools, because let's just say that when soldering on a small device there's a lot of room to go wrong. Also, this gave me newfound trust issues: developers lie, the PCB lies. Not nice to figure out.

So, starting out, what is the target? My target was this Orvibo A10 smart switch. It has Wi-Fi capability, can integrate with Alexa, has an app, has a wireless switch, and it was super cheap, so I thought, hey, I'm starting out, I want to get something cheap so I don't feel bad when I inevitably break four or five of them.

Before I get into that, I'd like to mention a shortcut that's very helpful; my friends ended up telling me about this. It's the FCC ID database. Any device that's sold with wireless capabilities, as long as it transmits something, is required to be registered, and on the product you can usually see this FCC ID that I outlined in red here. Look that up and it'll give you a bunch of external photos, internal photos, teardowns, so that when you're trying to tear it apart yourself you kind of know what you should be looking out for before you ruin things.

So, tearing down this device. As you can see, it's a small box; this is a light switch, so it just connects to your wall and runs on 110 volts. I didn't want to use that 110 volts to power it; my first time, I was very afraid that I might burn something down, so I just tore it apart immediately. All it took was some guitar picks and some screwdrivers; I just had to jam them in there and gradually yank things apart. There were a couple of radio wires in there, which I ended up ripping off the first time, but after doing it once it was easy enough to yank it out without having to worry about that.

So what chips is this device running? You wouldn't expect much, it's just a simple light switch with some automation; why is it running so much, who knows. It has an A7129; this is a receiver chip for a radio signal, and it's running at 928 MHz. The issue you'll find if you just look up the chip is that it says it's running at 915, but through fcc.io you can look it up and see that they're actually running it at this frequency, which helps when you're trying to use an SDR to read the signal. There's also a C907B2; this is the chip that just turns the device on and off. I wasn't able to find much information about it, but a cool thing was that the device still worked even after I had ripped off the next chip I'm going to list, which is an ESP32-C3FN4. This chip was shielded, and on the shield it said "O32 C3". Looking that up, obviously, no results.

The first thing I decided to do was take a look at the wireless remote. It's running the A7329, the transmit chip that pairs with the other one I mentioned earlier. The signal didn't mean much to me; I used my HackRF and Universal Radio Hacker to try and decipher it. It should be just a simple command being sent; the remote, bottom left, is very simple, you can see the board, and the thing in the middle just gives it power; it's one of those things that self-powers every time you turn it on and off. But this was one of my first failures: the data didn't mean anything to me, I couldn't decipher it, I looked a bunch of things up, and it didn't really go anywhere.

Since I can't do much with that chip, I decided I should look at the ports on the board: what do I have access to? If you power this thing, you can find out, if you test the V and the specific pins on the bottom, that it's getting power from the little transformer board that's underneath. You can figure out what the ground pins are, and then you can figure out VCC, which is 3.3 volts, because it's an ESP32; I didn't want to use too much, otherwise I'd burn the thing out, which would not be good. The left ports, the GTRV right over here, are actually connected to the C907B2, the chip that turns the thing on and off. I tried measuring them with an oscilloscope, but that didn't really give me much of a result; I didn't really see a signal at all, so I was kind of at a loss there. But the right ports are also labeled: WL boot, SWDCLK, SWDIO. SWD is single wire debug, so it's like JTAG, but you only need two connections instead of four plus, and when I'm not quite sure how to connect everything, this kind of makes things easier; I want to take the easiest route I can. I connected SWDCLK and SWDIO up to the oscilloscope, noticed some signal there, and decided to look closer into that.

So now that I know it's single wire debug, what do I do? I buy a cheap J-Link Mini clone. The real J-Link Mini is very expensive if you try to get it and it's not the EDU version; I didn't feel like that was necessarily worth it for me, so I just went with a knockoff that worked, kind of, with OpenOCD. It didn't have any documentation, and when I tested it with the device I didn't really get any information out. I checked multiple configs, I tried to get it configured to work with JTAG, but with all of the pins I tried, no luck. I assumed I had a bad connection and kept trying to fix that; spoiler, it didn't work.

Since I knew that the device might not be that "O32 C3" that they mentioned, I wanted to figure out what it was actually running. It turns out one of the Amazon responses on their product page actually mentioned that it was an ESP32. I originally doubted that, because it said SWDIO and the ESP32 doesn't support that; that seemed kind of weird to me. So I tore the shield off, just used some wire cutters; there was a small circle there, I kind of chipped at that and gradually yanked it off. I'm surprised this worked without breaking everything. You can actually see on the image right here that there's a tiny little scratch in the top right; I kind of hit that with the wire cutters, but it still worked, it still communicated over Wi-Fi. I got lucky there.

So what can the ESP32-C3 do? It has a USB-to-JTAG controller, which you can use; there are two pins you have to connect to, the data plus and data minus lines. It has GPIO pins for two to three different UART interfaces, runs on 3.3 volts, and supports JTAG. And in the default ESP32 configuration it will spit out some messages on boot, specifically what version of the software it's running, anything the vendor has done; there are even some debug messages for specific variables. Another nice thing was that there was a lot of documentation for this device; it's basically meant for makers, so there are a lot of resources you can use to figure out how to work with it. Here are some of the links, and I have the pinout, which you probably can't read, but it turns out that the top two right pins are the data plus and data minus lines that I'm going to attempt to connect to over USB.

So I tried connecting to these pins. The first time I did it by soldering, with a normal soldering iron, normal tip, just the standard one that came with the Hakko, and I was actually able to connect the wires to the chip on the side there. But one tip that you might want for whenever you're doing this: use some hot glue after you finish soldering, otherwise you might rip it out while you're trying to fix things. As you can see there, there's a small black area between the silver pads; those are the ones I soldered to, and that's where I ripped the pad off completely. Time for a new one.

I still wanted to map out this chip, to figure out how the outside pins go to the inner ESP32, and what I did for that, with some help, was use a hot air gun to remove the sub-board there. The bottom pads, as you can see, are a lot bigger; there's no risk of me destroying anything there, well, ideally. This lets me test the connections and map out which pins I have access to without doing anything funny. Surprisingly enough, after I yanked it off, there are two buttons on the side there that still work for turning the switch on and off. So you lose Wi-Fi, but if for some reason you still want to use it, yeah, it works.

So the next thing I need to do is attempt to talk to this device. I need to get some information out, I need to find something interesting; I'm trying to hack it, I'm not trying to just understand it, I want to make it do something cool. This is why I have many, many backups. Thankfully I had some other test equipment that made things easier. There are these pogo pin connectors, PCBite makes them; they have little pogo pin probes you can set up to gradually place little connections on a circuit without having to solder anything. This is absolutely great for me; I suck at soldering, anything to avoid it is good. Along with that I also used my multimeter for checking connections to things, and my Flipper Zero, which I actually used for UART communication and to power the device; a bit of a waste for something so expensive, but I had it, so I decided to use it. There are cheaper options like the Bus Pirate, but one thing I noticed with that one was that I would get a message that it was having a brownout every once in a while, so it wasn't able to deliver enough power. If you get one of those, make sure to test it, make sure everything powers properly.

So now that I'm retesting pins, what is the pin to get boot messages out? It turns out it's SWDIO. That's not single wire debug, it's just the transmit pin for the boot messages; it's UART0 on the ESP32. There are more pins available for JTAG and USB; I kind of discounted those because I didn't want to connect to five or six things at a time. There was also a pin to change the boot mode; I actually used that to flash the old firmware back on after I'd exploited it, so I could try it again without having to buy another one, because the firmware I flashed didn't have update functionality. Not the best idea, but it's what I had available.

I connected it to USB; I was looking for that JTAG again, because I wanted to get some more information, I wanted to dump the firmware this way. I connected it to this USB adapter, and when I connected that to my computer on Windows: device descriptor not recognized, and Windows gave me no useful information. Not great, and then I can't even pass it through to anything, because Windows doesn't recognize it enough for it to work in a VM or anything.

But thankfully, like I mentioned earlier, SWDIO was actually the transmit line, the UART; this is where boot logs are being printed to, and one of the things you can see here is that the device is actually running, you can see the Orvibo variables here. It might be kind of hard to read for those in the back, but it has things like the router you're connected to, the password for that router, a bunch of different stuff like that. Useful information, but if you have physical access, that's not that interesting yet; I want to do this remotely.

In order to get the firmware off it, I was attempting to actually communicate with it, and I assumed that SWDCLK was going to be transmit. It turned out that was connected to the receive pin on the ESP32, but every time I attempted to send anything to it, it just crashed and gave me this Guru Meditation Error. The signal across it was constant, which was kind of interesting, so it may have really been a clock that was kind of slow; I'm not 100% sure what was going on, but I thought this was kind of cool.

One of the other things that showed up in the boot log messages was actually one command where it lists the download URL for the firmware update, and as you can see, this is being served over HTTP. Not great. You could man-in-the-middle it and try to swap that out, which unfortunately does not work, because it does do a small check; not the best check, it checks the MD5 sum, really only useful for detecting corruption. But now that I have the firmware, I decided to reverse this and try to find more information; maybe I can find something that accepts a command, maybe I can start executing code on this, something like that, just remotely.

For this: always, always double check the tech docs. There are a lot of tools for reversing ESP32 firmware; none of them were useful for me, because they changed their architecture. It was using RISC-V IMC instead of the old version, which used Xtensa, and all of the old tools were using Xtensa, so I wasn't able to get anything interesting out of that. But with a specific loader I was able to at least get something, and then another person helped me with a conversion script that allowed me to read everything in Ghidra just fine, as long as I set it to RISC-V IMC. And that's kind of hard. So one of the things you can just try is run strings on it. It actually led me to some interesting locations: there was a bunch of directory structure for how they built the thing, people's file paths; there was also this tiny CLI module by Chris Swong, and that actually led to a GitHub link for another piece of Orvibo software, which didn't quite help me in this case but could have been a nice route.

Since both of those routes kind of led to nothing, one of the things I wanted to do was get an ESP32 DevKit. I used this to figure out how this works normally: what am I expecting here, how do I flash stuff to it, how do I read from it, what can I possibly update on this thing. I set up the ESP32 DevKit as just a man-in-the-middle server; it was my router that I connected to, and through that I was able to just read all these messages here. One of the tools I used was ImHex to check the received data versus the sent data, kind of diff these from each other, and one interesting thing I noticed was that there was this 16-byte block that was the same in the middle of some encrypted data. Not exactly something you would expect, but upon researching it a bit more, it turns out it was running AES-128 in ECB mode. So, another nice mistake there. It gave me an idea of what to look for specifically when I looked at the firmware itself in Ghidra.

Once I opened that up, I looked for a large switch-case block, and that's where it was processing all the messages that came from the server. One of the things that happened to help me a lot here was that the ESP-IDF has a bunch of strings defined in it, and through that you can cross-reference those to the firmware image you downloaded and look for the update command. There's an OTA update command that the tech docs mention; thankfully, that helps a lot. And I noticed that there was a key being referenced inside the data for processing these messages. Well, that key was very nice: it was the encryption key they were using for all initial traffic, and that key is the same for every single device. They do one nice thing: the initial communication is with that key, and then they set it to a dynamic key that the server sends you, but you can go back to that initial key at any time by just pretending you're disconnected.

So you set up your own server; you've got some commands you can send now. Thankfully there was someone who had already done this for just the off-and-on functionality of the various Orvibo products, and I modified that, added the key that I found, and used that to find this update command. It was command 76, which gives a URL and the MD5 sum to compare it against. So I modify that to whatever I want for the software that I'm using, and here we go: it was hacked, we have root, we turned it into a router. [Applause] Unfortunately I was not able to flash it back before the talk here, but I have a video.

Here, in the top left, we have my fake Orvibo server that's running; this is what's going to be sending the messages to the device. In the middle on the left I have the HTTP server that's hosting the download; this download is an ESP32 NAT router that I modified a bit. Bottom left we have dnsmasq, so I can take over the domain for it. And you can see it is now in the process of updating; on the right there's a specific counter going up, it reports that back to the server every time, you can see that on the left just going up. Now it's fully updated, the ESP32 is starting back up again, and if you'll notice here, we have the ESP32 NAT router running on the switch that was originally just meant to turn the lights off and on. One of the other nice things here is that you can actually use this to go back and grab the router's password and the SSID, connect back up to that network, and forward that on to yourself outside; it's in non-volatile storage, it persists after it flashes, so kind of nice there, very useful.

These slides will be available afterwards, but I listed off some of the tools I used, basically because I think it's nice just to have an idea of everything you need to get started in one place. These are basically the various options I used; you can use something else that's cheaper, but I kind of wanted to make that available to people.

So what are some important takeaways from this? For attackers, red team, someone looking to get into hardware hacking: you should always take shortcuts; the FCC ID teardowns, that's great; strings, all good. If you're in doubt about anything, skim the tech docs; reading them fully is good, but personally I never have enough time for that, so I look for what I need and just skim it. And then I test out on dev boards and stuff. Other thing: use the right tools; if something's going to make your life easier, just go for it. Soldering can be hard, it'll destroy things, if you're as bad at it as me.

And for blue team, defenders: if you're making a device here, one of the things the ESP32 allows is signed images; you can use secure boot on it. You should do that; just don't let people flash whatever they want on your device without any interaction. There should at least be some sort of confirmation from the user, if there is one. Another thing: just AES, that's not actually enough. Your keys should be unique; they shouldn't be the same across every single device. One person just has to make a small investment, get your key off one device, to compromise a whole network of thousands of these things. That's not great. And then finally, just follow the tech docs; they have recommendations inside them. This one in particular even told you: don't use HTTP for updates, make sure you actually sign things. And yeah, it's great. That's my talk. Any questions?
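The 16-byte repeat the speaker spotted in the captured traffic is the classic ECB tell: identical plaintext blocks encrypt to identical ciphertext blocks, so a fixed field (a device ID, a constant status word) shows up as a duplicate block at a 16-byte-aligned offset. The script below is an added example, not the speaker's tooling or anything from the Orvibo firmware. To stay standard-library-only it uses a deliberately weak toy block cipher in place of AES; the structural leak it demonstrates, and the detector that finds it, apply unchanged to real AES-128-ECB traffic. The key, nonce and sample message are constructed.

```python
"""Detecting ECB mode from ciphertext alone, and why CTR over the same
block cipher does not leak. Constructed example; the block cipher is a
toy keyed permutation (NOT secure) standing in for AES so this runs with
only the standard library."""
from collections import defaultdict

BLOCK = 16

# Constructed key and nonce (real code: per-device keys, fresh nonces).
KEY = bytes(range(16))
NONCE = b"\x11" * 8

# Constructed status message: blocks 1 and 2 are identical plaintext,
# like a repeated field in a device report. Each line is exactly 16 bytes.
PLAINTEXT = (b"DEVICE-STATUS-V1"
             b"relay=ON        "
             b"relay=ON        "
             b"sig=none;end;")


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Toy 16-byte keyed permutation: XOR, rotate, add. Bijective, so like a
    real block cipher it maps equal inputs to equal outputs and distinct
    inputs to distinct outputs; it has no other security property."""
    assert len(key) == BLOCK and len(block) == BLOCK
    x = bytes(b ^ k for b, k in zip(block, key))
    r = key[0] % BLOCK
    x = x[r:] + x[:r]
    return bytes((b + key[(i + 3) % BLOCK]) & 0xFF for i, b in enumerate(x))


def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """ECB: each block encrypted independently -> equal blocks stay equal."""
    data = pkcs7_pad(data)
    return b"".join(toy_block_encrypt(key, data[i:i + BLOCK])
                    for i in range(0, len(data), BLOCK))


def ctr_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR: keystream from (nonce || counter); equal plaintext blocks get
    different keystream blocks, so nothing repeats. No padding needed."""
    out = bytearray()
    for ctr, i in enumerate(range(0, len(data), BLOCK)):
        ks = toy_block_encrypt(key, nonce[:8] + ctr.to_bytes(8, "big"))
        out += bytes(b ^ k for b, k in zip(data[i:i + BLOCK], ks))
    return bytes(out)


def repeated_blocks(ct: bytes, bs: int = BLOCK) -> dict:
    """Map each ciphertext block that occurs more than once to its offsets.
    Only full, aligned blocks are considered; that is where ECB leaks."""
    seen = defaultdict(list)
    for i in range(0, len(ct) - bs + 1, bs):
        seen[ct[i:i + bs]].append(i)
    return {blk: pos for blk, pos in seen.items() if len(pos) > 1}


def looks_like_ecb(ct: bytes, bs: int = BLOCK) -> bool:
    """Any aligned repeat in a blob this short is essentially impossible for
    a CBC/CTR/GCM ciphertext, so one repeat is a strong ECB indicator."""
    return bool(repeated_blocks(ct, bs))


if __name__ == "__main__":
    ecb = ecb_encrypt(KEY, PLAINTEXT)
    ctr = ctr_encrypt(KEY, NONCE, PLAINTEXT)
    print("ECB repeats at offsets:", list(repeated_blocks(ecb).values()))
    print("ECB suspected:", looks_like_ecb(ecb), "| CTR suspected:", looks_like_ecb(ctr))
```

Run `repeated_blocks` over a capture (try block sizes 8 and 16 to cover DES-family and AES) and any hit with aligned offsets is worth a closer look in the firmware; in the talk that hit is what pointed at the message handler and, from there, at the shared key.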
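The update path the talk describes (an HTTP URL plus an MD5 in the command-76 message, checked on the device) fails against an attacker who already controls DNS and the download: they simply compute the MD5 of their own image. The following added example, written for this page and not taken from the speaker or from Orvibo, models both sides of that check and the fix the speaker recommends. The manifest field names, URLs, image bytes and signing key are all constructed. Because the standard library has no asymmetric signatures, an HMAC stands in for the signature primitive; see the note after the block for why a real device must verify with a public key rather than a shared secret.

```python
"""OTA manifest verification: integrity (MD5) versus authenticity (a
signature the attacker cannot produce). Constructed example."""
import hashlib
import hmac

# Constructed firmware images. 0xE9 is just the familiar ESP image magic;
# nothing else about these bytes is meaningful.
GENUINE_IMAGE = b"\xe9\x02\x02\x2f" + b"genuine relay firmware"
EVIL_IMAGE = b"\xe9\x02\x02\x2f" + b"esp32 nat router build"

# Assumption: the vendor's signing key never leaves the vendor's build
# infrastructure, so a MITM cannot reproduce manifest["sig"].
VENDOR_SIGNING_KEY = b"vendor-signing-key-kept-off-device"


def md5_hex(image: bytes) -> str:
    return hashlib.md5(image).hexdigest()


def vendor_sign(signing_key: bytes, image: bytes) -> str:
    """Stand-in for an asymmetric signature over the image (see note)."""
    return hmac.new(signing_key, image, hashlib.sha256).hexdigest()


def device_accepts_md5(manifest: dict, image: bytes) -> bool:
    """What the talk describes: the device only checks the MD5 it was told."""
    return md5_hex(image) == manifest["md5"]


def device_accepts_signed(verify_key: bytes, manifest: dict, image: bytes) -> bool:
    """Hardened check: transport must be TLS and the image must carry a
    valid signature. compare_digest avoids a timing side channel."""
    if not manifest["url"].startswith("https://"):
        return False
    expected = vendor_sign(verify_key, image)
    return hmac.compare_digest(expected, manifest.get("sig", ""))


def attacker_swap(manifest: dict, evil_image: bytes) -> dict:
    """MITM with DNS control: keep the manifest shape, point the URL at the
    attacker's server and recompute the MD5. The original signature (if
    any) is copied through unchanged because it cannot be forged."""
    swapped = dict(manifest)
    swapped["url"] = "http://updates.example.invalid/evil.bin"
    swapped["md5"] = md5_hex(evil_image)
    return swapped


def demo() -> dict:
    genuine_manifest = {
        "cmd": 76,
        "url": "http://updates.example.invalid/switch.bin",
        "md5": md5_hex(GENUINE_IMAGE),
        "sig": vendor_sign(VENDOR_SIGNING_KEY, GENUINE_IMAGE),
    }
    evil_manifest = attacker_swap(genuine_manifest, EVIL_IMAGE)
    # A vendor that fixed the transport would publish the same manifest over TLS.
    tls_manifest = dict(genuine_manifest, url="https://updates.example.invalid/switch.bin")
    corrupted = GENUINE_IMAGE[:-1] + b"\x00"
    return {
        "md5_accepts_genuine": device_accepts_md5(genuine_manifest, GENUINE_IMAGE),
        "md5_rejects_corrupted": not device_accepts_md5(genuine_manifest, corrupted),
        "md5_accepts_swapped": device_accepts_md5(evil_manifest, EVIL_IMAGE),
        "sig_rejects_plain_http": not device_accepts_signed(VENDOR_SIGNING_KEY, genuine_manifest, GENUINE_IMAGE),
        "sig_accepts_genuine_tls": device_accepts_signed(VENDOR_SIGNING_KEY, tls_manifest, GENUINE_IMAGE),
        "sig_rejects_swapped": not device_accepts_signed(VENDOR_SIGNING_KEY, evil_manifest, EVIL_IMAGE),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:28s} {ok}")
```

The HMAC here is only a stand-in: if the verification key were the same secret on every device, pulling it from one unit via UART would let an attacker forge updates for all of them, which is exactly the shared-key problem the talk describes. The fix on the speaker's platform is ESP32 secure boot with signed images, where the device stores only a public key and the private signing key stays with the vendor; the swapped-manifest case then fails for the same reason it fails here, and it stays failed even after the device is fully dumped.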
Q: Did you disclose this, or get any bug bounty or anything?

A: Maybe. From this company, they might not care, but they had a recent big breach that was in the news. I did disclose it to them, and they asked for some more details; I provided them, but after that, nothing really.

Q: Could you flip back to the pictures of the board? That's obviously UART; was there any traffic on that?

A: Yes, I looked at it. I was trying with just the oscilloscope while I powered it up, to see if I saw any signal at all, and there was nothing there, at least during the operations I had it doing. So it might be communicating when the remote is there, but at the time I didn't have that.

Q: What are some of the practical implications of what you covered? Are we talking someone could exploit these en masse? Obviously you could steal the SSID and the passcodes of some networks if you have the system, a few pieces of these, or you bought one used, things like that. What sort of scenarios would you call out as the top two?

A: If you buy these used, well, your home network information's on it. Another thing that was on it was actually your Orvibo account, so someone could use that to get into your account afterwards; it's a nice one. It turns out, in terms of exploiting this, if they ever let their domain lapse, you can basically instantly compromise every single device that checks in, at once. Another thing that makes this at least a little bit less of an issue is that you already have to be able to man-in-the-middle someone to exploit this.

Q: Do you know how often it checks in for updates?

A: Well, I think I recall it checking in for updates basically every time it booted up. I never left it connected long enough to actually see if it keeps doing that afterwards, but if it loses the connection it will start trying to initiate that connection with the server again, so you can use that: take down the connection and then restart it.

Q: Also, so they basically hardcoded the URL to get their update?

A: No, the URL wasn't hardcoded in there; that just gets updated every time. So it has an update, it will store that last update URL, and through the boot messages it will show that to you.

Q: So presumably they could have additional updates in the future to make adjustments, patch some of this?

A: Yes. And they've had, at least the last time I looked, at least a couple of patches every two or three months, so things are getting patched. Whether this exact issue is actually patched, I currently don't know. So if you have them, maybe disconnect them from your network until it runs Doom.

Q: How long till it runs Doom?

A: I think there's probably Doom on ESP32 already, so you could do it. The interesting thing would be if you could do something funny with the light.

Q: Just, yeah, power start?

A: I don't think so. In terms of handling power, it won't, at least as far as I know; there's nothing you can do that's dangerous there. More testing is probably good, but it's definitely a valid thing to worry about. That's a good question.

A: I can post them on my GitHub afterwards; if you saw the email earlier, it's corvid Aon, I'll just use that same one. There might be someone at the... okay, it'll be uploaded as well, on the YouTube channel.

Q: Do you have any future projects with this specifically, or are you going to move on?

A: For this device specifically, no. However, one thing I'm currently interested in is an IoT telescope; I'm kind of curious what I could do with that.

Q: If you were behind the software team, how would you patch this vulnerability? Do you think it is patchable?

A: So I think one thing they'd need to do is redesign their back end, because the server that's communicating with it assumes that they will be using that same key every time. One of the things I noticed while I was researching this as well was that this key has actually been in use since at least 2019. Once I found it, I ended up searching for it, and I found an old Chinese CTF where they were doing some IoT and they listed it there. For $12, you know...

Q: That's a lot of work to manage, each device and a key associated with it?

A: Yeah, so in that case, since it might not be financially good to have to manage all that, one of the other things they can do is just enable secure boot on the device and have a signature there that hopefully they don't release, so they don't end up getting compromised. If you don't have the signature you can't boot the image. And yeah, thank you.