I'd like to see them with a USB port, so I can just plug it into a PC, so it would be quickly and easily modified. Just like any Arduino or ESP developer board. If I had 50 lights, it'd be easier to do that, than to solder pins on and then flash. If it's easy to do, like this, the firmware is irrelevant. For me, ESPHome with a fallback standalone adjuster, would work well.
This was really well done. I'm a layperson and I found it both informative and engaging. Well designed and executed --writing, narration and illustrations kept me focused for the entire clip. I look forward to watching more of your videos.
I'm really enjoying your video's, i'm a newbie into electronics and coding, but already bought and used the oled deauther (Maltronics), and now learning with a rasperry pi 3b+. Please keep the videos coming i'm learning a lot from you and assoc. :)
Have you managed to flash the bulb at 6:33? I have a similar bulb but the board (I believe esp8285) doesn't have labelled pins and I can't find a datasheet anywhere!
Thank you for all your hard work on bringing awareness of wireless/network security to the public. I have been a Network Engineer for over 25 years, going all the way back to the days of FidoNet (if you know what that is), and really enjoy following your work. Hats off to you sir.
is there any non hackable/flashable light bulb out there? that could probably not using esp8266 but other thing? i'm afraid i would get something like that
I was thinking it might be interesting to add an SD card to one of these,to use as a file dump. Sort of an anonymous file sharing server. Something like Sparkfuns "Rogue Router". Typically an SD card would also use pins 12,13,14 though. I'm not sure if the SD card would be happy with having/sharing PWM all over it's data lines. Perhaps if there's a version using the ESP32,that also has some extra GPIO available to connect an SD card to. Or,perhaps you could replace the Flash chip with something larger,to have space for storing files.
Very well informative and all . You must be German . Here in USA many take short cuts and leave a lot out . As I always seen and learned from my relatives in Germany are much more organized and explain in detail. Since I was 1st generation here in USA. I hate the bad habits I have picked up here and wish I had more knowledge from my relatives in Germany . Good job and I will be watching more of your videos and try and learn from you .
Thanks for the video, I didn't know about espurna and while I don't have any lights to hack, I did pick up a couple of super cheap LINGAN / TONBUX smart outlets and noticed they were obviously using an unbranded esp8266 inside and thought about hacking them, so I'll almost certainly do it sometime later.
nice video, covered exactly what i was hoping to find information on, perfectly. All the questions i had in my head when i showed up are answered and i got more useful information than i was expecting, Thanks a lot!
Well done. Very informative. Did you do this from a script? You are very clear and organized in your thinking and presentation. I will watch this and take notes. I feel like I just had a short course in ethical hacking.
to anyone looking to do this using tuya convert in 2020, tuya has started shipping with updated firmware that breaks tuya-convert. it's being worked on, if you want to help out check out the issue on github github.com/ct-Open-Source/tuya-convert/issues/483 or even better the wiki page github.com/ct-Open-Source/tuya-convert/wiki/Collaboration-document-for-PSK-Identity-02 great video btw lol
Really appreciate this video. Today I started digging on a ESP8266 device that came with an app called "Magic Home" and tried to see how to hack it. Found out about security issues when I sniffed with wireshark. This is a good alternative on how to solve any security concern.
Your so right, they never go deep into the tech. It bothers me. Even 2 years later that's why I thought I should say the problem was never addressed. Never will be.
2020-2021 was a great time. My dollar store "action" had 3euro esp8266 bulbs with 806lm and warm/cold white light dimmable from "LSC" that could run tasmota. Now they silently switched to some obscure chinese chip that probably a cent cheaper >:(
This is interesting, but the funny thing is I've ordered some cheap wifi lightbulbs to actually improve my security. The idea is that while I am away from home for a couple of days or more, I can turn on the lights in the evening to simulate activity and scare off burglars because, in my opinion, they are a far larger threat to my security than some chinese data-mining operation. Also reflashing with open-source software seems like a good idea, I might try that.
Not really a funny thing considering he anticipated this point, noting that for him, the cost outweighs any benefit that might come from this (trivial, might I add) proposition.
So what's your alternative? I love light and without wireless connection I can't change the settings of each lamp. Should I buy bulbs with buttons or should I just foregoe colored and dimmable lights? I see your point, but you can't say those lights are useless. If it wasn't for LED lights I would not work with electronics in my free time. Enough of the grumble: This is a very nice video. Actually I was looking for a video on how to hack remote controlled bulbs, but I stayed here :)
You can use them with open source firmware or hack something together yourself, that’s great about them. For everyone else, I’d look at lights that are controlled through Bluetooth, ZigBee, or similar from a reputable brand. Not that they’re perfect, but still a lot safer compared to these trash noname Wi-Fi lamps.
Hi! Can anyone please help me to figure out the pins of the new Shelly Bulb? OTA went to fail, so I’d go with Tasmota, but cannot find any info about its pins.
Vielen Dank! I just started playing with ESP8266, and luckily don't have any smart devices calling home to China on a regular basis... ;-) Yeah, that stuff will get hacked before it goes into service. (Laughs: 'Military-grade encryption' must be the Newfoundland army version)
Pls sell a lamp with the deauth detector software! Because the deauther software isn’t very useful in a lamp you have to power with a huge cable. Oder verändere die deauth detector software so, dass man die Lampe normal benutzen kann ( Farbe wechseln und so) und das erkennungs feature ein Zusatz ist. Am besten kann man noch die Farbe des deauth erkunngs Alarm ändern oder dass es pulsiert.
hi sorry to bother ! most lightbulbs that sell in my country say ¨Wifi+Bluetooth¨ , does that mean that they dont have an ESP8266 and have some sort of ESP32 ? It does say that it uses the SMART LIFE app love your content btw , salutations from argentina
I agree, there are a lot of well-done videos but the depth doesn’t go past what a slightly aggressive DIYer would do. They are good to get you started but there’s a certain point where you have to fend for yourself.
I'm rather cs savvy (maybe never messed with flashing stuff but played around with arduino and working as programmer). I'm interested in buying these cheap rgb wifi lights to test if this is something I want and maybe then later move on to much pricier philips hue or something like that. I don't want to control this outside my home. I presume that blacklisting access to internet on my router would do the trick so that I don't end up with botnets on my network. Also it would be rather easy to analyze requests that these mobile apps for controlling lightbulbs sends. If something would seem fishy I'd consider going open source and flashing firmware or setting up separate network w/o access to internet. If someone breaks into my home and is able to access lightbulbs and flash them then I'd probably worry much more about everything else in my home than lightbulbs. If someone is able to spoof my internet well think about it. It's game over. I'd probably worry about my banking credentials rather than lightbulb. Metadata? Well I've Facebook app on my Google phone... Nevertheless analyzing requests and disabling accesss to internet should do the trick am I right? If somethings fishy then turning to open source is solution. Well I'm more paranoid that these light bulbs might be ticking bombs that would go off when I'm not present at home. Don't know but something like circuit shorting on purpose -> increase of temperature -> fire. I'd assume that when light connector is in off state then it shouldn't be possible. And when going away on holidays probably take them out. So I'm planning to give it a go, yolo. Probably everyone has mic and wifi spoofer in their electric kettles mass produced in china, sike :o
💡Do you want to see preflashed smart light bulbs and if yes, with what firmware?
Ich habe das in einem separaten Kommentar geschrieben. Habe dein Kommentar erst später gesehen
Maybe an open source to do in the most safe way possible even if limited. Sorry by my english.
What do you think about the Mozilla Iot Gateway ?
Give us options. Let us pick and choose between deauther, deauther detection, and just normal open source light.
I'd like to see them with a USB port, so I can just plug it into a PC, so it would be quickly and easily modified. Just like any Arduino or ESP developer board. If I had 50 lights, it'd be easier to do that, than to solder pins on and then flash.
If it's easy to do, like this, the firmware is irrelevant. For me, ESPHome with a fallback standalone adjuster, would work well.
This was really well done. I'm a layperson and I found it both informative and engaging. Well designed and executed --writing, narration and illustrations kept me focused for the entire clip. I look forward to watching more of your videos.
Thank you that means a lot ❤️
I will totally look into the hack to flash the firmware through the automated update. Avoid opening the thing
This was a solid and very informative video! Very well done.
Well done 47
I'm really enjoying your video's, i'm a newbie into electronics and coding, but already bought and used the oled deauther (Maltronics), and now learning with a rasperry pi 3b+. Please keep the videos coming i'm learning a lot from you and assoc. :)
How do you determine the pins if they aren't labeled?
Have you managed to flash the bulb at 6:33? I have a similar bulb but the board (I believe esp8285) doesn't have labelled pins and I can't find a datasheet anywhere!
Thank you for all your hard work on bringing awareness of wireless/network security to the public. I have been a Network Engineer for over 25 years, going all the way back to the days of FidoNet (if you know what that is), and really enjoy following your work. Hats off to you sir.
Would be awesome to have a pre flashed bulb with the deauth detector
is there any non hackable/flashable light bulb out there? that could probably not using esp8266 but other thing? i'm afraid i would get something like that
Your projects are so cool!
You have a great sense of humor.
I was thinking it might be interesting to add an SD card to one of these,to use as a file dump. Sort of an anonymous file sharing server. Something like Sparkfuns "Rogue Router". Typically an SD card would also use pins 12,13,14 though. I'm not sure if the SD card would be happy with having/sharing PWM all over it's data lines. Perhaps if there's a version using the ESP32,that also has some extra GPIO available to connect an SD card to. Or,perhaps you could replace the Flash chip with something larger,to have space for storing files.
Piratebox esk device?
i want to break into a smart light storage warehouse and sneakily flash every light bulb with deauther firmware
Very well informative and all . You must be German . Here in USA many take short cuts and leave a lot out . As I always seen and learned from my relatives in Germany are much more organized and explain in detail. Since I was 1st generation here in USA. I hate the bad habits I have picked up here and wish I had more knowledge from my relatives in Germany . Good job and I will be watching more of your videos and try and learn from you .
Is it possible to use one of the lamps with WLED? I want to use it with Hyperion. :D
Great video, deserves more views : )
Thanks for the video, I didn't know about espurna and while I don't have any lights to hack, I did pick up a couple of super cheap LINGAN / TONBUX smart outlets and noticed they were obviously using an unbranded esp8266 inside and thought about hacking them, so I'll almost certainly do it sometime later.
Very nice good editing and nice Tutorial
I like connect smart lights in wifi network without internet. Please advice
Can you help me to compile ino files in Android for esp8266 if there is a way?
nice video, covered exactly what i was hoping to find information on, perfectly. All the questions i had in my head when i showed up are answered and i got more useful information than i was expecting, Thanks a lot!
Great vid! No bull**ting, just good info! Thank you!
Well done. Very informative. Did you do this from a script? You are very clear and organized in your thinking and presentation. I will watch this and take notes. I feel like I just had a short course in ethical hacking.
to anyone looking to do this using tuya convert in 2020, tuya has started shipping with updated firmware that breaks tuya-convert. it's being worked on, if you want to help out check out the issue on github github.com/ct-Open-Source/tuya-convert/issues/483 or even better the wiki page github.com/ct-Open-Source/tuya-convert/wiki/Collaboration-document-for-PSK-Identity-02
great video btw lol
i desperately wait for your videos.
bro me too
Maybe sall a LigtBUlb that makes an AP and has som OTA Stuff on it so u can Programm it urself!
Really appreciate this video. Today I started digging on a ESP8266 device that came with an app called "Magic Home" and tried to see how to hack it. Found out about security issues when I sniffed with wireshark.
This is a good alternative on how to solve any security concern.
My favorite part was when it ended. Gotta have a powerful ending.
Your so right, they never go deep into the tech. It bothers me. Even 2 years later that's why I thought I should say the problem was never addressed. Never will be.
Always make my own IoT devices. So thanks for the insight view of those light bulbs! Nice video!
7:48 OMG! This is the worst stock photo I've probably ever seen. LOL!
I am definitely interested in open source smart home accessories!
2020-2021 was a great time. My dollar store "action" had 3euro esp8266 bulbs with 806lm and warm/cold white light dimmable from "LSC" that could run tasmota. Now they silently switched to some obscure chinese chip that probably a cent cheaper >:(
Yeah noticed the same. Looks like they prefer other chips now that are not as fun to hack.
@@spacehuhn Small correction in my case they switched to Beken chips which I found out later also have a tasmota like open source firmware (OpenBeken)
Very cool. (That everything apple pro video made me cringe also)
This is interesting, but the funny thing is I've ordered some cheap wifi lightbulbs to actually improve my security. The idea is that while I am away from home for a couple of days or more, I can turn on the lights in the evening to simulate activity and scare off burglars because, in my opinion, they are a far larger threat to my security than some chinese data-mining operation. Also reflashing with open-source software seems like a good idea, I might try that.
Not really a funny thing considering he anticipated this point, noting that for him, the cost outweighs any benefit that might come from this (trivial, might I add) proposition.
Great video, thanks for sharing!
So what's your alternative? I love light and without wireless connection I can't change the settings of each lamp. Should I buy bulbs with buttons or should I just foregoe colored and dimmable lights?
I see your point, but you can't say those lights are useless. If it wasn't for LED lights I would not work with electronics in my free time.
Enough of the grumble:
This is a very nice video. Actually I was looking for a video on how to hack remote controlled bulbs, but I stayed here :)
You can use them with open source firmware or hack something together yourself, that’s great about them. For everyone else, I’d look at lights that are controlled through Bluetooth, ZigBee, or similar from a reputable brand. Not that they’re perfect, but still a lot safer compared to these trash noname Wi-Fi lamps.
I bought a ir remote rgbw bulb.. i want to open all the lights in one.. can you please help me.. i just want to open all the lights steady..
Very cool vid.
Bought led dimmable bulbs... can you explain about these please. I thought dimmable meant just can be dimmed from light switch.
Awesome video bro, your very intelligent 👍
Лучшее что я видел) У канала большой потенциал
You couldn’t have uploaded this 2 days ago. I just ordered one of these
Hi! Can anyone please help me to figure out the pins of the new Shelly Bulb? OTA went to fail, so I’d go with Tasmota, but cannot find any info about its pins.
This guy is here hacking a fucking lamp, this is amazing
Vielen Dank! I just started playing with ESP8266, and luckily don't have any smart devices calling home to China on a regular basis... ;-) Yeah, that stuff will get hacked before it goes into service. (Laughs: 'Military-grade encryption' must be the Newfoundland army version)
Really nice content
I am searching for a light bulb with esp8266 inside. Can you name a specific one? I already ordered some but did not find the right one yet.
During a stay in a rehabilitation clinic I found out they use 802.11 meshed fire alarms... makes me shake my head.
0:40 Ok. I will throw my Hue bridge and ligtbulbs and a beta product that works with them out of my window...
what can you do with a light bulb you managed to hack?
turn off the lights? oh no what a nightmare
Turn it into a wifi deauther
time to rip off that wipro rgb smart bulb 😂😂😂😂😂😂😂😂😂😂😂
Pls sell a lamp with the deauth detector software! Because the deauther software isn’t very useful in a lamp you have to power with a huge cable. Oder verändere die deauth detector software so, dass man die Lampe normal benutzen kann ( Farbe wechseln und so) und das erkennungs feature ein Zusatz ist. Am besten kann man noch die Farbe des deauth erkunngs Alarm ändern oder dass es pulsiert.
We need update for web interface of deauther firmware.. thank u
*laughs in philips hue*
15:39 lol it's funny.
Thanks
Amazing video with meaningful content. Good work.
cool video
Yikes. Thanks for making this video!
shouldnt step 6 be step 1?
hi sorry to bother ! most lightbulbs that sell in my country say ¨Wifi+Bluetooth¨ , does that mean that they dont have an ESP8266 and have some sort of ESP32 ? It does say that it uses the SMART LIFE app
love your content btw , salutations from argentina
Sounds like ESP32 to me
I agree, there are a lot of well-done videos but the depth doesn’t go past what a slightly aggressive DIYer would do. They are good to get you started but there’s a certain point where you have to fend for yourself.
Dude u r awsmm....
Motels Are Full Of These Things...Thats Why Hackers Go To Them
Tyyy
Thanks; Danke :)
Yeeeeet
Imagine a lightbulb looking to your hated neighbour
Be careful when buying Smart Life Wifi Switches - they use a Realtek Chip instead of an ESP which is incompatible
Im just looking to hook my light up to my pc for immersive lighting and dont want to waste hundreds for phillips hue.
I'm rather cs savvy (maybe never messed with flashing stuff but played around with arduino and working as programmer). I'm interested in buying these cheap rgb wifi lights to test if this is something I want and maybe then later move on to much pricier philips hue or something like that.
I don't want to control this outside my home. I presume that blacklisting access to internet on my router would do the trick so that I don't end up with botnets on my network. Also it would be rather easy to analyze requests that these mobile apps for controlling lightbulbs sends. If something would seem fishy I'd consider going open source and flashing firmware or setting up separate network w/o access to internet.
If someone breaks into my home and is able to access lightbulbs and flash them then I'd probably worry much more about everything else in my home than lightbulbs.
If someone is able to spoof my internet well think about it. It's game over. I'd probably worry about my banking credentials rather than lightbulb.
Metadata? Well I've Facebook app on my Google phone... Nevertheless analyzing requests and disabling accesss to internet should do the trick am I right? If somethings fishy then turning to open source is solution.
Well I'm more paranoid that these light bulbs might be ticking bombs that would go off when I'm not present at home. Don't know but something like circuit shorting on purpose -> increase of temperature -> fire. I'd assume that when light connector is in off state then it shouldn't be possible. And when going away on holidays probably take them out.
So I'm planning to give it a go, yolo. Probably everyone has mic and wifi spoofer in their electric kettles mass produced in china, sike :o
Hi dude all your videos are great but we need a fluxion esp
Hier sind ja kaum Deutsche xD
100th like!
Mach mal deutsche Videos was dieses Probe Attacks nutzt und so
ugh whatever he is just trying to impress people