Intercepting Communications of IoT Device with ARP Poisoning and MITMProxy

In this video, we show how to intercept and analyze network traffic from an IoT device using ARP poisoning and Wireshark. Then, we use mitmproxy to transparently intercept TLS communications of a device when it is not properly verifying certificates.

mitmtools github repo:
https://github.com/nmatt0/mitmtools

ARP:
https://en.wikipedia.org/wiki/Address_Resolution_Protocol

mitmproxy:
https://mitmproxy.org/

IoT Hackers Hangout Community Discord Invite:
https://discord.com/invite/vgAcxYdJ7A

🛠️ Stuff I Use 🛠️

🪛 Tools:
XGecu Universal Programmer: https://amzn.to/4dIhNWy
Multimeter: https://amzn.to/4b9cUUG
Power Supply: https://amzn.to/3QBNSpb
Oscilloscope: https://amzn.to/3UzoAZM
Logic Analyzer: https://amzn.to/4a9IfFu
USB UART Adapter: https://amzn.to/4dSbmjB
iFixit Toolkit: https://amzn.to/44tTjMB

🫠 Soldering & Hot Air Rework Tools:
Soldering Station: https://amzn.to/4dygJEv
Microsoldering Pencil: https://amzn.to/4dxPHwY
Microsoldering Tips: https://amzn.to/3QyKhrT
Rework Station: https://amzn.to/3JOPV5x
Air Extraction: https://amzn.to/3QB28yx

🔬 Microscope Setup:
Microscope: https://amzn.to/4abMMao
Microscope 0.7X Lens: https://amzn.to/3wrV1S8
Microscope LED Ring Light: https://amzn.to/4btqiTm
Microscope Camera: https://amzn.to/3QXSXsb

About Me:
My name is Matt Brown and I'm an Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.

- Soli Deo Gloria

💻 Social:
twitter: https://twitter.com/nmatt0
linkedin: https://www.linkedin.com/in/mattbrwn/
github: https://github.com/nmatt0/

#iot #networking #hacking #wireshark #raspberrypi #proxy #linux #embedded_systems