dsorlov / hubble-mitm Goto Github PK
View Code? Open in Web Editor NEWUsed to create a proxy to intercept messages and alter traffic to hubble
License: MIT License
Used to create a proxy to intercept messages and alter traffic to hubble
License: MIT License
Hi
I was delighted to see your project here, as I have a Hubble based baby monitor. Since they (and the world) deprecated Flash, there is no longer a way to view this camera on a desktop PC. I was hoping this may help with this issue.
But I can't get this working with my camera. I have a number of questions as to how this should work.
What I did to try and run this. I downloaded the complete repo and cd'd into the directory and ran "node index.js". On a Fedora system, but I doubt it matters too much (installed a dep that was needed)? The program listens and I can now connect with a telnet to 443 and 80, so it does seem to be working. I'm trying to use an Android device to connect to the script, I presume is the right thing to do?
1/ I think all I need to configure in the script are these parameters:
response.data.data[device].device_location.local_ip = "192.168.100.210";
response.data.data[device].device_location.remote_ip = "192.168.100.210";
response.data.data[device].device_location.local_port_1 = "6667";
response.data.data[device].mac_address = "281878FFDB54";
Is "mac_address" the address of the camera or the Android device?
Likewise are "remote_ip" and "local_ip" the camera address or the Android device?
2/ I then I believe need redirect DNS entries to the machine running this script.
So I added the following names (as found in your script) to a local DNS service:
192.168.100.128 ota.hubble.in
192.168.100.128 cs.hubble.in
192.168.100.128 api.hubble.in
192.168.100.128 ping.hubble.in
192.168.100.128 bootstrap.hubble.in
I have iptables rules I can set on my router to redirect all port 53 traffic to my fake DNS server from specific IPs.
I did "all DNS traffic" as I see that the camera seems to try and use google DNS from tcpdump.
I can verify that this works, as on my Android device I see it ping these names and I get my fake host.
The question, do I then need to direct the camera or the Android device to these fake DNS server/entries (or both)?
I didn't really get anywhere with this, even after camera and Android reboots (to flush any caching), but maybe my params are worng.
3/ As a final really brutal approach, I thought something might be detecting the private class C DNS returns and rejecting. So I removed the fake DNS and resolved all the real IPs returned by above. I then created iptables rules and redirected all these IPs to the fake service IP. (Now of course to the fake service all the requests will come from the router IP and MAC). But I still can't get any output, from the script. I tried the MAC address of my router and IP in the above, but again maybe not understanding the params is limiting what I'm seeing. And I don't know if I should be redirecting the camera or the Android device (or both) to this fake service.
Or have I completely missed the point?
Thanks
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.