SomethingWithComputers / pixoo

A library to help you make the most out of your Pixoo 64 (and hopefully soon other Wi-Fi enabled Pixoos)

Sniffing HTTP requests on Pixoo 64 #14

Closed redphx closed 2 weeks ago

redphx commented 1 year ago

I have an idea: I want to create a project that simulates a Pixoo Wi-Fi device, and we can control it using the Divoom app. So in the future we could have our own Pixoo devices running ESP32, RPi...

The thing is I don't have a Pixoo 64 at the moment. I took a look at the firmware and it looked like it doesn't use HTTPS when communicating with the server (it calls http://app.divoom-gz.com/). So in theory, we can use mitm to sniff HTTP requests on the device.

I'd be grateful if someone could help me. I only need to know the pairing process where it registers the device. I was able to do the first step by calling Device/InitV2, but after that I don't know anything.

Thank you.

vhartikainen commented 1 year ago

I know this is not sniffing traffic per se, but have you run into this API documentation from Divoom: http://doc.divoom-gz.com/web/#/12?page_id=89

I hope you'll find this helpful. Might be able to do traffic capture at some later stage too.

redphx commented 1 year ago

@vhartikainen thank you. I know this site, but unfortunately it's not what I want. It only shows how to communicate with the Pixoo, not how the Pixoo communicates with the app and server.

Grayda commented 1 year ago

@redphx: Are you able to share the URL where you got the firmware from? I'm currently doing some development with the Pixoo 64 and want to take a deeper look at the device.

Side note, if you've got a Windows machine, you can install Windows Subsystem for Android (WSA) and sideload apps, including the Divoom app. You can then use Wireshark to sniff the traffic. Here's some basic steps:

  1. Install WSA from the Microsoft Store here: https://apps.microsoft.com/store/detail/windows-subsystem-for-android%E2%84%A2-with-amazon-appstore/9P3395VX91NR or use winget (winget install 9P3395VX91NR)
  2. Download the Divoom APK from somewhere like APKPure (https://m.apkpure.com/divoom-pixel-art-editor/com.divoom.Divoom)
  3. Open the WSA Settings app from the start menu, then go to the "Developer" tab. Turn on developer options. When it's on, you should see in small text, the address to connect via ADB (e.g. 127.0.0.1:<port number>)
  4. Open the Amazon App Store, just to let WSA do its startup and all that jazz. You don't need to sign in
  5. Open a terminal and run: adb connect 127.0.0.1:<whatever port number you found in step 2>
  6. When ADB connects, run adb install <path-to-APK>. The app will be sideloaded and show up in the start menu
  7. Run Wireshark and get it running
  8. Run the Divoom app and go through the setup.

Alternatively, you can do the same with PCAPDroid and the Divoom app on real hardware.

Additionally, you can extract the Android logs by running adb logcat > logs.txt and then viewing the logs.txt file when you're done playing around in the app.

Also, once you have the APK, you can also decompile it using a decompiler such as http://www.javadecompilers.com/apk . It's an absolute mess (as most decompilations of APKs are), but if you're persistent, you can find some gold in there

And a quick tip: I think the app is an MQTT client, and / or perhaps acts as an MQTT server for the Pixoo, because there's a LOT of calls in the code to MQTT functions. There's an MQTT server that runs on appin.divoom-gz.com, but I suspect the Divoom makes an MQTT connection TO the app, and passes info around via topics (e.g. DivoomApp or possibly DivoomDevice)

If I discover more, I'll update this comment.
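Added example, not part of any comment in this thread and not code from the pixoo project: once a capture exists, the cleartext requests can be inventoried by endpoint and JSON field name. It assumes the client-to-server bytes of one TCP stream have been saved from the capture; the sample stream and its field names are constructed placeholders, and only the host names and `Device/InitV2` come from the thread.

```python
import json

DIVOOM_HOSTS = {"app.divoom-gz.com", "appin.divoom-gz.com"}  # hosts named in this thread

def parse_http_requests(stream: bytes) -> list:
    """Split one client-to-server TCP stream into HTTP/1.x requests."""
    requests, pos = [], 0
    while pos < len(stream):
        head_end = stream.find(b"\r\n\r\n", pos)
        if head_end == -1:
            break  # capture ended in the middle of the headers
        lines = stream[pos:head_end].decode("latin-1").split("\r\n")
        parts = lines[0].split(" ")
        if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
            break  # not an HTTP request line (binary protocol, TLS, ...)
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        declared = headers.get("content-length", "0")
        length = int(declared) if declared.isdigit() else 0
        start = head_end + 4
        body = stream[start:start + length]
        requests.append({"method": parts[0], "path": parts[1], "body": body,
                         "host": headers.get("host", ""), "truncated": len(body) < length})
        pos = start + length
    return requests

def endpoint_fields(requests, hosts=DIVOOM_HOSTS) -> dict:
    """Map host+path to the JSON field names sent in cleartext bodies."""
    seen = {}
    for req in requests:
        host = req["host"].split(":")[0].lower()
        if host not in hosts:
            continue
        fields = seen.setdefault(host + req["path"], set())
        try:
            doc = json.loads(req["body"]) if not req["truncated"] else None
        except ValueError:
            doc = None  # empty or non-JSON body
        fields.update(doc if isinstance(doc, dict) else ())
    return {endpoint: sorted(names) for endpoint, names in seen.items()}

def _post(host, path, body):  # builds the constructed sample requests below
    head = f"POST {path} HTTP/1.1\r\nHost: {host}\r\nContent-Length: {len(body)}\r\n\r\n"
    return head.encode() + body
# Constructed sample stream; the JSON field names are placeholders.
SAMPLE = (_post("app.divoom-gz.com", "/Device/InitV2", b'{"ExampleField": 1}')
          + _post("example.com", "/ping", b"{}")
          + _post("app.divoom-gz.com", "/Device/InitV2", b'{"OtherField": "x"}'))
```

Every field this lists is readable by anything on the network path between the device or app and the server, which is the exposure the plain-HTTP observation above implies.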

redphx commented 1 year ago

Hi @Grayda, here are some firmware files I downloaded from their server:
divoom-firmwares.zip

Got it a while ago and forgot how I did it.
90, 91, 92 are device types. I think 90 & 92 are Pixoo64-wifi, and 91 is pixoo16_wifi.

SomethingWithComputers commented 2 weeks ago

Though interesting, I'll have to be sure that the prefixes relate to certain devices. This will be implemented in some way in the future! Though now it'll just try to connect to the "first" Divoom it sees on your LAN if no IP address is set :).

ivan5077 commented 3 days ago

> Hi @Grayda, here are some firmware files I downloaded from their server: divoom-firmwares.zip
>
> Got it a while ago and forgot how I did it. 90, 91, 92 are device types. I think 90 & 92 are Pixoo64-wifi, and 91 is pixoo16_wifi.

Hi @redphx, can I know if this firmware is the same as the Pixoo64-wifi ESP32 board? Because my Pixoo64 ESP32 is faulty. I want to replace the ESP32 module and re-flash it.

redphx commented 3 days ago

> Hi @redphx, can I know if this firmware is the same as the Pixoo64-wifi ESP32 board? Because my Pixoo64 ESP32 is faulty. I want to replace the ESP32 module and re-flash it.

@ivan5077 maybe? I downloaded these files from their server. I never tested it myself.

ivan5077 commented 3 days ago

> > Hi @redphx, can I know if this firmware is the same as the Pixoo64-wifi ESP32 board? Because my Pixoo64 ESP32 is faulty. I want to replace the ESP32 module and re-flash it.
>
> @ivan5077 maybe? I downloaded these files from their server. I never tested it myself.

@redphx OK, thanks. I try to re-flash the ESP32 module. Thanks a lot.