Curious about entering the cybersecurity world and what it has in store, our team decided to tackle the CACI "Hack a SmartThings Outlet" challenge.
What it does
Our hack captures RF traffic packets being exchanged between the hub and the smart outlet, allowing us to identify the MAC address of the hub. After identifying the MAC address, we are able to spoof our Linux machine's MAC address as the hub's to send illegitimate commands to the SmartThings outlet.
How we built it
We used an open-source project called CCsniffpiper, a Python script that communicates with the CC2531 USB dongle and pipes the RF traffic packets between the hub and the smart outlet into Wireshark. From the packets, we were able to identify the MAC address of the hub and successfully spoof the MAC address of our Linux machine to mimic the hub using the "macchanger" command in the terminal.
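What the capture step above exposes, as an added example (not the team's code and not part of CCsniffpiper): a parser for the IEEE 802.15.4 MAC header, whose addressing fields are sent in the clear in every frame, so a source address read from a capture identifies a device but does not authenticate it. The sample frames, PAN ID and addresses are constructed.

```python
import struct

FRAME_TYPES = {0: "beacon", 1: "data", 2: "ack", 3: "command"}
ADDR_LEN = {0: 0, 2: 2, 3: 8}  # addressing mode -> bytes (mode 1 is reserved)

def _fmt(raw):
    # Fields are little-endian on the air; print most significant byte first.
    return ":".join(f"{b:02x}" for b in reversed(raw)) if raw else None

def parse_mhr(frame):
    """Parse the cleartext MAC header of an IEEE 802.15.4-2003/2006 frame."""
    if len(frame) < 3:
        raise ValueError("shorter than frame control + sequence number")
    fcf, seq = struct.unpack_from("<HB", frame, 0)
    dst_mode, src_mode = (fcf >> 10) & 3, (fcf >> 14) & 3
    if (fcf >> 12) & 3 > 1 or 1 in (dst_mode, src_mode):
        raise ValueError("unsupported frame version or reserved address mode")
    pos = 3

    def take(n):
        nonlocal pos
        if pos + n > len(frame):
            raise ValueError("truncated addressing fields")
        chunk = frame[pos:pos + n]
        pos += n
        return chunk

    dst_pan = take(2) if dst_mode else b""
    dst = take(ADDR_LEN[dst_mode])
    if not src_mode:
        src_pan = b""
    elif fcf & 0x0040 and dst_mode:  # PAN ID compression: source PAN omitted
        src_pan = dst_pan
    else:
        src_pan = take(2)
    src = take(ADDR_LEN[src_mode])
    return {"type": FRAME_TYPES.get(fcf & 7, "reserved"),
            "security": bool(fcf & 0x0008), "seq": seq,
            "dst_pan": _fmt(dst_pan), "dst": _fmt(dst),
            "src_pan": _fmt(src_pan), "src": _fmt(src)}

# Constructed frames: short-address data frame, then one with a 64-bit source.
SAMPLES = [bytes.fromhex("61882a621a7c3b00000102"),
           bytes.fromhex("41c82b621affff7766554433221100")]

if __name__ == "__main__":
    for f in SAMPLES:
        print(parse_mhr(f))
```

The `security` flag only says whether the payload is protected; the addresses parse the same way whether it is set or not.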