search

morbith-dqtz / agnoc-tools

Development tools for integration of conga 6090 into agnoc driver
4 stars 1 forks source link

mitmproxy #2

Closed jjcasmar closed 2 years ago

jjcasmar commented 2 years ago

Hi, o the agnoc repo you said you were able to get the traffic between the cecotec server and the conga itself by running mitmproxy. Could you explain exactly how you achieved this?

I have tried to set the gateway of my vacuum cleaner to a local PC (192.168.1.3) and I have redirect the ports with iptables, but I am not seeing any kind of communication.

On the Conga:

root@TinaLinux:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.3     0.0.0.0         UG    0      0        0 wlan0
192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
root@TinaLinux:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  192.168.1.83         anywhere             tcp dpt:9090 to:192.168.1.3:8080
DNAT       tcp  --  192.168.1.83         anywhere             tcp dpt:9001 to:192.168.1.3:8080
DNAT       tcp  --  192.168.1.83         anywhere             tcp dpt:8001 to:192.168.1.3:8080
DNAT       tcp  --  192.168.1.83         anywhere             tcp dpt:https to:192.168.1.3:8080
DNAT       tcp  --  192.168.1.83         anywhere             tcp dpt:www to:192.168.1.3:8080

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
morbith-dqtz commented 2 years ago

Hi,

I prefer doing that routing stuff at the Access Point.

If you set a default route there, is no need of using the nat table at robot. You must be missing something (maybe a firewall al that local PC ? ) . If the default GW is set, traffic must arrive there. tcpdump could bring some light at this point.

jjcasmar commented 2 years ago

Yeah, you are right. I was running the routing on the Conga and I had to run it on the AP. I have managed to read the traffic, but I I am just getting connections with status 101 on the port 9090. Apparently mitmproxy is not showing the wss.

How did you read this?

morbith-dqtz commented 2 years ago

Hi,

You must answer the request at mitmproxy as a valid TLS 3irobotix domain host.

From this point it's off topic, thanks for your understanding.