Ask Your Question

Capture incoming packets from remote web server

asked 2017-10-31 11:37:21 +0000

lucas gravatar image

I have a device (an air conditioner) on my local network which is connected via wifi to the router. It receives commands from an external web site.

I can send JSON formatted commands to the web server and it will forward the commands to the device. This results in an undesirable pause between the command being sent and the device actioning it. Additionally there are security issues.

I am trying to find a way to circumvent the web server. I would like to create a webserver on my own network to be able to control the device and reduce my reliance on the external service.

I have tried to capture data incoming from the web server using Wireshark but am really struggling to get it to work.

I've done a lot of background reading but some of the concepts are quite hard to understand. Can anyone provide a bit of advice on how to go about capturing and analysing these packets? This might include how to actually set up wireshark to actually capture the packets in the first place, because I am convinced that I haven't got that right.

Any help is very much appreciated

edit retag flag offensive close merge delete


Capturing WiFi traffic adds a lot of extra burden so unless you are interested in the WiFi operation itself, it is a much better idea to capture at Ethernet interface of the wireless AP - of course if it has one, i.e. if it is not a modem with WiFi. What is your case?

sindy gravatar imagesindy ( 2017-10-31 12:03:42 +0000 )edit

Regardless how you capture, if the A/C connects to its controlling server using encrypted communication, you have no chance to reverse-engineer the protocol as you won't even see it.

sindy gravatar imagesindy ( 2017-10-31 12:06:35 +0000 )edit

Thanks for your response. I think that the device is an AP and connects to the router via wifi. It has an IP address assigned by the router. Does that clarify things?

A post by someone else who has done this already (but who has not responded to questions) indicates that the packets are not encrypted and are in plain text.

lucas gravatar imagelucas ( 2017-11-01 01:57:12 +0000 )edit

I think that the device is an AP and connects to the router via wifi. Sorry, I wasn't clear enough.

Typically, the "WiFi router" is an AP (Access Point), while all the other WiFi devices connecting to it are STAtions (clients). Only some printers, wireless beamers etc. seem to be an exception from this, providing their own AP functionality to allow laptops and phones to connect directly to them as STAtions.

Now what I was asking about was whether your wireless router is connected directly to the phone cable (via splitter) or CATV cable, or whether you have a modem for phone line or CATV and a wireless router as two separate boxes connected to each other using an RJ-45 cable.

The reason for this question is that it is ways simpler to capture reliably on wired Ethernet than "in the air", and that capturing in the air is ...(more)

sindy gravatar imagesindy ( 2017-11-01 13:55:08 +0000 )edit

I have a cable modem at the moment and am using the built in wireless because the router I had got fried. It is a basic model modem/router. I also have a spare wireless router which connects to the modem to provide some extender capabilities.

lucas gravatar imagelucas ( 2017-11-02 11:47:30 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2017-12-01 21:41:42 +0000

Hmm... Seperate adapters maybe? I am not so sure about this one.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools



Asked: 2017-10-31 11:37:21 +0000

Seen: 2,092 times

Last updated: Dec 01 '17