Syllabus
Intro
Xiaomi Cloud
Device to Cloud Communication
Cloud protocol
App to Cloud communication
Operating Systems
Implementations
Device Overview
Rooting: Challenges
Teardown
Backside layout mainboard
Frontside layout mainboard (GEN2)
Pin Layout CPU
Software
Available data on device
Communication relations
eMMC Layout
Update process
Firmware updates
Let's root remotely
Gain Independence
Replacing the cloud interface
Proxy cloud communication
Summary of the Vacuum
Xiaomi Ecosystem
Overview Hardware
Sensors connected via gateway
Acquiring the Key
Binary Patching: Goals
Binary Patching: Why can it be hard?
Binary Patching: Nexmon Framework
Preparing the modified binary (Marvell)
Applying the modified firmware
Taught by
Recon Conference