-
|
This doesn't really have anything to do with wz_mini_hacks per se. But, I am curious, what kind of information, if any, do we get if someone uses one of the Wyze apps to view video, toggle buttons/nightvision, etc? It is all handled in their layer/iCamera, so we don't know anything about it? The reason I ask, is Wyze kind of sucks when it comes to sharing cams. It might be interesting if we could intercept certain calls, and block them (ie, like we do for the firmware update), and only permit the operation if we mark that we want to allow it, in our config. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
it goes through the tutk library, if you see logread output, you can see the commands being rec'd by iCamera, so they do need authorization as far as I know. Maybe @mrlt8 would know more. |
Beta Was this translation helpful? Give feedback.
-
|
The authkey used by clients to authenticate with the device is based on the ENR and Mac address, so spoofing the mac address (or unspoofing it since wyze already does some weird spoofing) could theoretically change the authkey and block clients from authenticating. However, I believe they are using AWS IoT Core for all the "web api" stuff - e.g., rebooting the cam, notifications, etc, so you'd probably need to block that as well. |
Beta Was this translation helpful? Give feedback.
it goes through the tutk library, if you see logread output, you can see the commands being rec'd by iCamera, so they do need authorization as far as I know. Maybe @mrlt8 would know more.