DEF CON 26 - Dennis Giese - Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT

Find more information on my homepage: http://dontvacuum.me To root your vacuum cleaners: https://github.com/dgiese/dustcloud Documentation of Xiaomi IoT devices: https://github.com/dgiese/dustcloud-d... Slides: https://dontvacuum.me/talks/DEFCON26/... Follow me on Twitter:   / dgi_de   --- While most IoT accessory manufacturers have a narrow area of focus, Xiaomi, an Asian based vendor, controls a vast IoT ecosystem, including smart lightbulbs, sensors, cameras, vacuum cleaners, network speakers, electric scooters and even washing machines. In addition, Xiaomi also manufactures smartphones. Their products are sold not only in Asia, but also in Europe and North America. The company claims to have the biggest IoT platform worldwide. In my talk, I will give a brief overview of the most common, Wi-Fi based, Xiaomi IoT devices. Their devices may have a deep integration in the daily life (like vacuum cleaners, smart toilet seats, cameras, sensors, lights). In particular I talk about the Xiaomi WiFi Speaker, the Lumi Aqara Camera (including 0Day!) and the Xiaomi Mi Robot/Roborock S50 Vacuum cleaner. I will focus on the features, computational power, sensors, security and ability to root the devices. Let’s explore how you can have fun with the devices or use them for something useful, like mapping Wi-Fi signal strength while vacuuming your house. I will also cover some interesting things I discovered while reverse engineering Xiaomi's devices and discuss which protections were deployed by the developers (and which not). Be prepared to see the guts of many of these devices. We will exploit them and use them to exploit other devices.