Sound bars hacked by Bluetooth with a Raspberry Pi

The Yamaha YAS-207 It is a sound bar that may be managed by way of Bluetooth with an software for iOS or Android. However, if you wish to management it with one other system by way of Bluetooth, or with a laptop, there’s nothing you are able to do. However, a hacker has supplied a resolution.

Analyzing packets despatched by way of Bluetooth

To do that, you first put in Android-x86 on a digital machine and enabled the Bluetooth HCI snoop log in Developer Settings. With the netcat command, you regularly ship to your Linux and Wireshark laptop to research packets. With this, by urgent the buttons within the Yamaha app, you’ll be able to view what information was despatched by way of Bluetooth.

From there, you’ll be able to already analyze the instructions on the particular person stage, in addition to the packets to reply. Subsequently, he wrote the code that allowed him talk with the soundbar by the Raspberry Pi. He mixed that with Shairpoint Sync, which permits, with a Raspberry Pi, to activate the soundbar and alter the sound supply for streaming with AirPlay or every other supply.

There are unprotected Bluetooth sound bars

Thanks to this, now you can management the soundbars with any system you need, however this additionally opens the door for anybody else close by to take action. Luckily, the scenario is just not as dangerous because it occurs instantly with different sound bars, the place they don’t even put safety mechanisms to forestall misuse.

Thus, there are fashions of LG or Samsung that come straight with out safety. In the case of LG, there’s a option to shield it after shopping for it, however in Samsung fashions there isn’t a option to do it, having to undergo torture if now we have an excessively humorous neighbor as a result of they’ll join at any time to the bar; even when now we have it linked by HDMI or we’re utilizing it with one other cable. For this cause, it’s crucial for producers to place particular emphasis on defending these connections, the place confirming the connections can be so simple as having to press a bodily button on the bar or on the distant.