tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

tablets in hotel rooms

From: Michael Richardson <mcr () sandelman ca>
Date: Fri, 11 Mar 2016 13:53:49 -0500
https://mjg59.dreamwidth.org/40505.html

        "I managed to borrow a couple of USB ethernet adapters, set up a
        transparent bridge (brctl addbr br0; brctl addif br0 enp0s20f0u1;
        brctl addif br0 enp0s20f0u2; ifconfig br0 up) and then stuck my
        laptop between the tablet and the wall. tcpdump -i br0 showed
        traffic, and wireshark revealed that it was Modbus over TCP. Modbus
        is a pretty trivial protocol, and notably has no authentication
        whatsoever. tcpdump showed that traffic was being sent to
        172.16.207.14, and pymodbus let me start controlling my lights,
        turning the TV on and off and even making my curtains open and
        close. What fun! "





--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr () sandelman ca  http://www.sandelman.ca/        |   ruby on rails    [

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Previous By Date Next
Previous By Thread Next

Current thread: