| ▲ | buggeryorkshire 2 days ago | |||||||
It's reliant on a bounty iirc for the server and device side code to be open-sourced. Will be about an hour after that I reckon and I cannot wait to contribute. | ||||||||
| ▲ | z3ugma a day ago | parent [-] | |||||||
After you flash the exploit and SSH into the thermostat you can see it at https://github.com/codykociemba/NoLongerEvil-Thermostat/issu... It's a boot script called /bin/nolongerevil.sh that supplies its own trust material and redirects traffic intended for frontdoor.nest.com to a hard-coded IP 15.204.110.215. 99.9% of this image is the original copyrighted Nest image. Maybe it's enough for the bounty though? And I suppose you could change that IP to a local server. If you wanted to publish the server side Nest API discovered through WireShark . Just stand up your own http rest server. | ||||||||
| ||||||||