nirnachmani
commented
2 months ago They have changed it - those keys are now in the HTTPS headers, not in the content. Also JavaScriptKey is now called clientkey. I thought I changed the readme in the github repository to reflect those changes but looking at it now, it doesn't - I must have changed it somewhere else. Sorry.
I have spent many hours in an attempt to implement local control. I used WireGuard on an android device and mitmproxy in wiregaurd mode to see the local TCP communication between the app and the hub. This communication is encrypted so I started to reverse engineer the android app to find out what encryption method is used, which I think I managed to do. However, the decrypted data still didn't make much sense, and eventually I just gave up. I can't remember now why, but the wiregurad didn't work on a virtual device so I needed to use an old physical device which I rooted. I am happy to give some more advise but I don't think I want to spend more time on that project - while I would prefer local control, the current implementation works quite well so it is good enough for me.
zhoob
nickw444
hoskerism
Despite following the instructions closely and using various MITM apps with HTTPS functionality on iOS as well as mitmproxy with an Android emulator, I have been unable to fetch the desired secrets needed to make this integration work.
Perhaps PIXIE have changed their communication method to something else that isn't done via HTTP(s)? (Or I'm doing something wrong).
Ultimately I'm not too interested in a cloud integration, but rather mostly interested in local integration. I've previously reversed engineered binary protocols, so would be willing to give this a try. I'd love to know how you went about capturing the TCP messages between the app and hub? (and whether you had a pcap you'd be willing to share). Otherwise I'll try capture myself.