How I Hacked a Colorfit Pro 4
2024-10-13 22:0:21 Author: hackernoon.com(查看原文) 阅读量:7 收藏

Colorfit Pro 4 (Noisefit) | Reverse Engineering (Not a Tutorial)

Disclaimer:

The content provided on this blog regarding the reverse engineering of a smartwatch is intended solely for educational and informational purposes. It is not meant to encourage or promote any illegal, malicious, or unethical activities. The techniques and analyses shared are for understanding how these devices operate and should be used responsibly.

I have not shared any code or detailed instructions that could be used to exploit these devices for harmful purposes. Readers are advised to adhere to all relevant laws and regulations in their respective jurisdictions. Any misuse of the information provided is solely the responsibility of the individual involved.

By accessing and using the content on this blog, you agree to use the information responsibly and ethically.

Why Did I Do That?

I really hate sharing my personal data with any company. That’s why I thought, why not use my old smartwatch to check my health data without connecting to the app (which will save my data on a server)? This way, I can also do some automation using it.

Little Introduction

I started working on this by connecting the watch to its app. I began analyzing the BLE connection between them to understand what was happening. When I saw the data, it seemed somewhat complex, so I used jadx to check the code. After a few minutes, I found some functions responsible for communication between the app and the watch.

Digging a bit deeper, I discovered .proto files being used to populate the data received from the watch and display it in the app’s UI. The code is dynamic, and it can connect to any noisefit pro 4 watch nearby. I’m not going to share the complete code at the moment but below is a sneak peek.

async def noisefit_4_pro() -> None:
    """Search device and perform operation of getting basic data"""
    limit = 50
    retry = 0
    try:
        cprint.header(f"Searching for noisefit watch ...")
        devices = await discover()
        this_device = None
        if len(devices):
            devices_set = list(set(devices))
            this_device = devices_set[0]
            cprint.info(f"Total noisefit watch found: {len(devices_set)}")
            cprint.info(f"Devices: {devices_set}")
        if this_device is None:
            cprint.error(f"No noisefit watch found. Please make sure your watch is not connected to other device. Exiting!")
            return
        cprint.warning(f"Trying connecting to {this_device.name} {this_device.address} ...")
    except AttributeError as ae:
        cprint.error(f"Failed to connect to Watch. Please check if Watch is not connected to other device.")
        cprint.error(f"{ae}")
        return
    # get basic data
    await get_basic_data(this_device, retry, limit)

Demo

HRM


文章来源: https://hackernoon.com/how-i-hacked-a-colorfit-pro-4?source=rss
如有侵权请联系:admin#unsafe.sh