The document discusses reverse engineering IoT devices like a Syska smart light bulb using free and open source software. It explains that the light bulb communicates over Bluetooth Low Energy using GATT profiles and characteristics that can be analyzed with tools like Wireshark. By analyzing the packet values, which represent RGB color values between 0-255, the presenter was able to determine the light bulb's communication protocol and develop code to control the bulb.

1. REVERSE ENGINEERING IOT DEVICES
USING FOSS
@iAyanPahwa/iayanpahwa

2. @iAyanPahwa/iayanpahwa
‣ Embedded Software Engineer by profession
‣ FPV Drone racer
‣ Content creator and Tech blogger https://iayanpahwa.github.io
‣ Intrigued by everything related to IoT, 3D printing, AI, Wearable
electronics, Cyber forensics, Automation, Programming etc.
KNOW THE PRESENTER

3. IOT DEVICES

4. IOT DEVICES

5. @iAyanPahwa/iayanpahwa
Reverse Engineering?

6. @iAyanPahwa/iayanpahwa
Syska Smart light bulb

7. @iAyanPahwa/iayanpahwa
Syska Smart light bulb

8. COMMUNICATION PROTOCOL

9. BLUETOOTH
BT - Bluetooth Classic (< 4.0)
BLE - Bluetooth Low Energy (> = 4.0)
GAP - Generic Access Profile
GATT- Generic Attribute
Classes - Definition and inheritance
Characteristics - User defined functionalities

10. NRF CONNECT
MAC ID

11. NRF CONNECT
GATT

12. NRF CONNECT
Characteristics

13. NRF CONNECT

14. NRF CONNECT
https://www.bluetooth.com/specifications/gatt/services

15. NRF CONNECT

16. NRF CONNECT
EXPECTATIONS

17. NRF CONNECT
REALITY

18. NRF CONNECT
LEGENDS

19. NRF CONNECT
LEGENDS

20. WHAT TO DO NOW?

21. WHAT TO DO NOW?

22. WHAT TO DO NOW?

23. WHAT TO DO NOW?
btsnoop_hci.log

24. WIRESHARK

25. WIRESHARK

26. PACKET ANALYSIS
Value: 00100006000a03000101000025ff00000000
Value: 00110006000a030001010049ff0000000000
Value: 00120006000a0300010100ff000000000000
Value: 00130006000a030001010049ff0000000000
Value: 00140006000a03000101000025ff00000000

27. PACKET ANALYSIS
Value: 00 10 000 6000a0300010100 0025ff 00000000
Value: 00 11 000 6000a0300010100 49ff00 00000000
Value: 00 12 000 6000a0300010100 ff0000 00000000
Value: 00 13 000 6000a0300010100 49ff00 00000000
Value: 00 14 000 6000a0300010100 0025ff 00000000

28. PACKET ANALYSIS
RED GREEN BLUE
2^8 = 256 (0 to 255) or (0x00 to 0xff)

29. PACKET ANALYSIS
Value: 00 25 ff
Value: 49 ff 00
Value: ff 00 00
Value: 49 ff 00
Value: 00 25 ff
X

30. PACKET ANALYSIS
Value: 00 25 ff
Value: 49 ff 00
Value: ff 00 00
Value: 49 ff 00
Value: 00 25 ff
X

32. CMON IT’S JUST A BULB

35. @iAyanPahwa/iayanpahwa
DEMO

36. @iAyanPahwa
/iayanpahwa
https://iayanpahwa.github.io/Reverse-Engineering-IoT-Devices/