Hacking a Neato Robotics BotVac Connected
-
Sorry haven't had time to do much cleaner-hacking during x-mas here. But I must have stripped a bit too much from the zip above (the initial pack was way too big to upload here)..
Might be easier if you decompile apk yourself to get the full file list.
http://www.javadecompilers.com/apkAnyhow a good starting point would be /res/values/strings.xml which contains the service endpoints
<string name="beehive_endpoint_staging">https://beehive-staging.neatocloud.com</string> <string name="cometa_endpoint_playground">https://cometa-playground.neatocloud.com</string> <string name="cometa_endpoint_production">https://cometa.neatocloud.com</string> <string name="cometa_endpoint_staging">https://cometa-staging.neatocloud.com</string>Then you can follow that back in the program where it's used.
/com/neatorobotics/android/p032e/p042j/C0746c.java
Then search for C0746c and so on... -
Thank you for your help.
I have downloaded the "APK Downloader" add-on for Firefox (https://addons.mozilla.org/nl/firefox/addon/apk-downloader/) and followed the instructions.
After downloading te APK I decompiled it at the given website. I now have almost 3000 files ;)Will look in the files later. Hope I can find something usefull. Its the first time for me.
I was wondering did you already find something usefull to use?
Have a nice day to you all.
-
@hek I was looking at the Neato as well - except it was hart to HA integrate, are you happy with the robot?
-
There is nothing wrong with its cleaning abilities. Impressed by their room scanning algorithm.
@hek I'm surprised you didn't research for maximum open source/HA support in first time. Suppose it's to late to change it now? Even if it's easy to hack this one, I think it's a good general principle - to a certain price of course.
-
Yeah, yeah.. usually good at doing research.. But this one was a black friday find... Didn't have time to do my homework.. :/ Have to pay for that now ....
-
I am now looking at the files you provided. I can't get some logic out of it.
You gave some service endpoints and then you pointed to the java file. I don't see the link between these two.
Sorry for my noob questions i'm not an programmer.
I am only looking for a why to implement the Neato in my domoticz home automation. But google gives very little help. Only desent hit was this link.
Greetings.
-
-
What I have come up with so far is that the Neato it self is running a websocket server on port 8081 - and uses some kind of standard Auth-behavior in the headers,
Hypertext Transfer Protocol
GET /drive HTTP/1.1\r\n
Host: xxx.xxx.xxx.xxx:8081\r\n
Sec-WebSocket-Key: XXXXXXX==\r\n
Sec-WebSocket-Version: 13\r\n
Upgrade: websocket\r\n
Origin: ws://xxx.xxx.xxx.xxx:8081/drive\r\n
Date: Tue, 29 Dec 2015 09:17:57 GMT\r\n
Authorization: NEATOAPP XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r\n
Connection: Upgrade\r\n
\r\n
[Full request URI: http://xxx.xxx.xxx.xxx:8081/drive]
[HTTP request 1/1]There also a port 8080 open but I can not figure out what's running on that one.
The communication between the Neato and the central server is handled via a server on Amazon - this traffis is HTTPS though. Next step is to set up a SSLSplit and hope that they don't have a pinned cert.
-
If we can figure out what's going on between Cloud <-> Neato we can do a version which is in depended on the Cloud-service being online or not - which also means that we can disallow it internet access
-
I recently ventured into writing some custom scripts both for my cloud connected home security system as well as my music streamer at home. It was quite easy to retrieve the commands needed from my android phone using an app I found called "Packet Capture" by the author Grey Shirts. Even https communication could be found. Perhaps this could be a way forward? Following this thread since I am considering getting a Botvac connected but failing to see the point if I would be dependent on a specific app on specific hardware..
