Reverse Engineering Asked by Richard Zilahi on November 29, 2020
I am trying to reverse engineer an ENSTO "smart" Bluetooth thermostat, which I just got installed in the house. The thermostat, due to some technical and electrical challenges, sometimes got placed at weird positions, so I thought I would give this a try and see how far I can get.
In their official app, I was playing around to generate some logs, so I managed to sniff the Bluetooth packages; then, using Wireshark, I noticed some patterns, but I am having a hard time actually understanding them:
The first 01 or 00 definitely indicates whether we are increasing or decreasing, but what could the rest be?
Any tips, ideas, and suggestions are welcome!
I am a fullstack engineer, and pretty new to all these IoT and smart home things, but trying my best.
ACTION PAYLOAD
INCREASE_BY_5_IN_ONE_HOUR Value: 01f401143c003c00
DECREASE_BY_5_IN_ONE_HOUR Value: 00f401143c003c00
INCREASE_BY_3_IN_ONE_HOUR Value: 012c010a3c003c00
DECREASE_BY_3_IN_ONE_HOUR Value: 002c010a3c003c00
INCREASE_BY_1_IN_3_HOURS Value: 01640014b400b400
DECREASE_BY_1_IN_3_HOURS Value: 00640014b400b400
Thank you!
Some elements of an answer:
INCREASE_BY_5_IN_ONE_HOUR Value: 01f401143c003c00
01 = increase
f401 = 0x1f4 = 500 times 1/100 of a degree (little-endian)
14 = 0x14 = 20, could be a step? (other case: 0x0a = 10)
3c00 = 0x3c = 60 minutes
(2 times, to check the validity of the frame?)
More data would be needed to go further.
Correct answer by Gordon Freeman on November 29, 2020
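The field layout proposed in the answer can be checked against all six captured payloads. The following is an added example, not code from the question or the answer. It assumes the answer's hypothesis (direction byte, little-endian 16-bit delta in 1/100 degree, one byte of unknown meaning, then the duration in minutes sent twice); the names `Boost`, `decode` and `matches_label` are hypothetical.

```python
import struct
from typing import NamedTuple

# Payloads copied from the question's table (action label -> hex value).
SAMPLES = {
    "INCREASE_BY_5_IN_ONE_HOUR": "01f401143c003c00",
    "DECREASE_BY_5_IN_ONE_HOUR": "00f401143c003c00",
    "INCREASE_BY_3_IN_ONE_HOUR": "012c010a3c003c00",
    "DECREASE_BY_3_IN_ONE_HOUR": "002c010a3c003c00",
    "INCREASE_BY_1_IN_3_HOURS": "01640014b400b400",
    "DECREASE_BY_1_IN_3_HOURS": "00640014b400b400",
}

class Boost(NamedTuple):
    increase: bool       # byte 0: 01 = increase, 00 = decrease
    delta_c: float       # bytes 1-2: uint16 LE, assumed 1/100 degree units
    unknown: int         # byte 3: meaning not established (0x14 and 0x0a seen)
    minutes: int         # bytes 4-5: uint16 LE duration
    minutes_repeat: int  # bytes 6-7: same duration again in every sample

def decode(hex_payload: str) -> Boost:
    raw = bytes.fromhex(hex_payload)
    if len(raw) != 8:
        raise ValueError(f"expected 8 bytes, got {len(raw)}")
    # "<" = little-endian, no padding: B(1) H(2) B(1) H(2) H(2) = 8 bytes
    direction, delta, unknown, m1, m2 = struct.unpack("<BHBHH", raw)
    if direction not in (0, 1):
        raise ValueError(f"unexpected direction byte 0x{direction:02x}")
    return Boost(direction == 1, delta / 100, unknown, m1, m2)

def matches_label(label: str, boost: Boost) -> bool:
    """Compare decoded fields with what the action label claims."""
    parts = label.split("_")  # e.g. INCREASE, BY, 5, IN, ONE, HOUR
    hours = 1 if parts[4] == "ONE" else int(parts[4])
    return (boost.increase == (parts[0] == "INCREASE")
            and boost.delta_c == float(parts[2])
            and boost.minutes == boost.minutes_repeat == hours * 60)

if __name__ == "__main__":
    for label, payload in SAMPLES.items():
        b = decode(payload)
        print(f"{label:28} {b} consistent={matches_label(label, b)}")
```

All six samples decode consistently with their labels under this layout; byte 3 stays unexplained, which is where further captures would help.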