Follow

I spent all day looking for vulns in a IoT clothes dryer. What did I find?

* HTTPS to talk to backend service
* XMPP w/ STARTTLS to steam events
* Cert pinning so no MitM
* Android app obfuscated w/ no obvious backend URLs or certs
* Dryer runs an AP for initial setup w/ DHCP and HTTPS servers
* That HTTPS requires auth with a password printed on a label near the door

Best I could do was get the DHCP server to serve the same IP to every request.

Well done GE.

@kc8apf any word on how LG appliances fare? Asking for a friend.

@kc8apf well shit. A loud "Ping!" at the end of the cycle would be a lot simpler than all that.

@progo
But how would you live without your dryer ordering more dryer sheets from Amazon automatically? *eyeroll*

Sign in to participate in the conversation
mastodon.cloud

Generalistic and moderated instance.