

Note: Understanding Bluetooth Low Energy GATT and GAP is beyond the scope of this write-up; however, the BLE specifications are easily accessible here, should you want to read up.
I also ran my Nordic nRF Connect mobile app (available for free on Google Play store) to gain useful information about my lock, such as the Bluetooth address, primary service UUIDs, characteristics, etc. I got familiar with the functionality of the lock and the look and feel of the mobile app.


This blog is intended not only to consolidate my notes and document my research, but also to maybe inform others of some pretty cool tools and methods for reverse engineering Android/iOS applications. After receiving the shipment of my KeyWe Smart Lock and creating a test fixture to mount it, I downloaded the Android app to my mobile phone and created my account. During my journey, I found myself constantly going back to their blogs, especially as I discovered new and relevant information of my own. Instead, they chose to use obfuscation in their Android app in an attempt to hide the more relevant sections of code (which they did quite well I might add). Although F-Secure had laid the groundwork, they were careful not to reveal too much information and even REDACTED some of their own tools, thereby retaining the ‘keys to the kingdom’ as they put it.
Unfortunately, their mitigation options were extremely limited due to the fact that they had no firmware update functionality. I soon became motivated to see if I could duplicate their efforts, realizing that F-Secure had issued an advisory and that the vendor had been given an opportunity to mitigate their exposure. I found their blog (posted in December of 2019) to be extremely fascinating and very informative. The F-Secure people found that due to a design flaw, an attacker could intercept and decrypt traffic coming from a legitimate owner of the lock. Recently I was afforded the opportunity to research the findings of a well-known security firm (F-Secure), who had discovered a vulnerability in the Guardtec KeyWe Smart Lock.
