question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Trying to understand how getpassword works

See original GitHub issue

Hi, I’ve been using your excellent library, and have ported it to python. I’m now trying to figure out getpassword. Perhaps you could explain how it works (I’m just working on the fw V2 version).

I can get the blid, no problem. This is the crucial part of the code:

const packet = 'f005efcc3b2900';
  var client = tls.connect(8883, host, {rejectUnauthorized: false}, function () {
    client.write(new Buffer(packet, 'hex'));
  });

  client.on('data', function (data) {
    if (data.length === 2) {
      sliceFrom = 9;
      return;
    }
    if (data.length <= 7) {
      console.log('Error getting password. Follow the instructions and try again.');
    } else {
      console.log('Password=> ' + new Buffer(data).slice(sliceFrom).toString() + ' <= Yes, all this string.');
      console.log('Use this credentials in dorita980 lib :)');
    }

So what I would like to know is where ‘f005efcc3b2900’ comes from? I’m sending it as hex, and I get back two bytes ‘f023’ - what are you supposed to get back? is this an error code?

The other mystifying bit is:

if (data.length === 2) {
      sliceFrom = 9;

How can you slice from 9 if the data length is 2? Anyway, I’m assuming I should get more back than this, maybe I’m sending the "magic packet’ incorrectly, and I’m getting an error code back.

Any tips or suggestions would be welcomed.

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:5 (2 by maintainers)

github_iconTop GitHub Comments

1reaction
NickWatertoncommented, May 7, 2017

Thanks for the info, this explains a lot. So the magic packet is 7 bytes long, correct? I ask because the JavaScript description of Buffer(string, ‘hex’) is confusing. I will try reading two packets if the first is just two bytes long (which is what I’m currently getting).

To get the password, I’m opening a raw TLS socket connection, but in the actual Python roomba class, I’m using Paho mqtt client with a TLS connection.

The Python class is working, I’ve just been putting the final touches to my live map drawing section.

The last part was how to get the password, so the Python library was fully featured.

I will post the code on my github, but I was waiting until I had all the bugs out before I posted. I’ll let you know when it’s up.

On a different note, any idea which ports roomba uses for firmware updates? I’m worried about an update closing off our mqtt access, but if I block all ports, the cloud service can’t connect. I don’t know if they are using the mqtt port for upgrades, but I would suspect not, more likely they are downloading over 433 (you could upgrade over mqtt though…). If I block 433, the cloud service is cut off, so that is used as part of the cloud service, but the same is true of 8883. Probably a combo of the two.

Anyway, thanks for the help.

0reactions
koalazakcommented, May 7, 2017

No idea about the upgrade process 😕

Read more comments on GitHub >

github_iconTop Results From Across the Web

Hashcat explained: How this password cracker works
At its most basic level, hashcat guesses a password, hashes it, and then compares the resulting hash to the one it's trying to...
Read more >
Understanding Password Authentication & Password Cracking
Explore how passwords work for authentication, what is password hashing works, and how hackers can be stopped from cracking passwords.
Read more >
How to Use a Password Manager - Consumer Reports
Look for the Password Health Score (Dashlane), Vault Health Report and Data Breach Report (Bitwarden), Watchtower Report (1Password), or ...
Read more >
How Do Password Managers Work and Store Your Data?
Learn how to make your credentials management not only safer but ... time we want to present three technologies and explain how they...
Read more >
What is password encryption and how much is enough?
Every time you log in using your password, the hash function recreates the hash to see if it matches what's stored. If the...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found