![]() As I said, it should be available by the end of the week. I wrote a detailed post explaining the whole process and the trails that I find interesting so far. I have some research to do on this but it would really accelerate the test process and if a vulnerability allowing to write to arbitrary files is found we could have a tethered exploit not requiring any dodgy hardware manipulation. I’ve managed to gain full root access on the latest version and to prevent the update utility to brick the TaHoma at the first reboot.Īnother thing interesting is that the TaHoma is capable of rebooting to an attached USB mass storage if root access has already been obtained. Hopefully, I’ll go full disclosure by Friday. I’m keeping a bit under an embargo here, just the time to check some details. They would have a non-negligible chance to brick the box. ![]() It may be patchable by software but I doubt that Somfy and Overkiz will ever do it because: ![]() It still requires hardware access but it is way much simpler that the method I used before to dump the NAND. I found a vulnerability in the TaHoma box. Sorry about that, I had so much things to do that the io-homecontrol project has a bit gone under the pile. ![]() ![]() On my side, I’ve been dark for a long time. Nice work io-homecontrol frames are in fact encrypted in AES-128, so this may be the key you have here. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |