Some ChromeCast URLs
Posted by jpluimers on 2017/02/01
I need to check these against a Chromecast v2 as the below URLs are from a v1 device:
- http://192.168.71.113:8008/apps/ChromeCast (and others: most return an empty string)
- http://192.168.71.113:8008/apps/YouTube
- http://192.168.71.113:8008/ssdp/device-desc.xml
- http://192.168.71.113:8008/ssdp/notfound
- http://192.168.71.113:8008/setup/icon.png redirects to http://www.gstatic.com/eureka/images/eureka_device.png
- http://192.168.71.113:8008/setup/eureka_info
- http://192.168.71.113:8008/setup/eureka_info?options=detail
- http://192.168.71.113:8008/setup/scan_results (empty when connected over Ethernet adapter)
- http://192.168.71.113:8008/setup/supported_timezones
More is possible by using cURL: Chromecast Hacking Has Begun | fiquett.com
sleep 8h; while true; do curl -H "Content-Type: application/json" http://192.168.71.113:8008/apps/YouTube -X POST -d 'v=somevideo'; done
Related:
- [WayBack] Google to Fix Location Data Leak in Google Home, Chromecast — Krebs on Security
- [WayBack] Some Basic Rules for Securing Your IoT Stuff — Krebs on Security
- [WayBack] Google Home unofficial API documentation, which you can abuse:
- [WayBack] #Google Home devices have a few open doors ;) “I was surprised to see so many ports open so I started to do some research and found that these devic… – Alan Cox – Google+
- [WayBack] Google Home (in)Security – JerryGamblin.com
- [WayBack] #Google Home devices have a few open doors ;) “I was surprised to see so many ports open so I started to do some research and found that these devic… – Jan Wildeboer – Google+
–jeroen
via:
- java – Can i programatically detect if there are any Chromecast devices on the current WiFi network? – Stack Overflow
- Chrome-Casting to your Mac | Wolf Paulus
- dz0ny/leapcast: ChromeCast emulation app for any device
- google cast – Will there be Chromecast Receiver Emulator or an alternate app that acts as a receiver for development? – Stack Overflow
- Google Chromecast – Exploitee.rs
- Exploitee.rs » Blog Archive » Chromecast: Exploiting the Newest Device By Google.
- Hacking the ChromeCast…
- DIAL: Dial-multiscreen.org – a specification for multiscreen “DI”scovery “A”nd “L”aunch of first-screen (TV) content apps.
- SunboX/chromcast-network-logs
- Chromecast Implementation Documentation WIP · jloutsenhizer/CR-Cast Wiki
Frank said
V2
curl -H “Content-Type: application/json” http://192.168.2.11:8008/setup/icon.png
RedirectThis page is redirected permanently to http://www.gstatic.com/eureka/images/eureka_device.png
jpluimers said
Thanks. Did you try any other URLs?
jpluimers said
Via: https://plus.google.com/u/0/+JeroenPluimers/posts/2opH9sVVznt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ChromeV2Answer.xml
hosted with ❤ by GitHub