MiTM Firmware

Jmaxxz edited this page Aug 7, 2016 · 4 revisions

By default, August automatically updates a lock's firmware whenever a new version is released. This functionality can be used to push custom or old firmware versions to a lock. While it would be possible to add support for this to the keymaker codebase, that has not been done yet.

Using mitmproxy's -s option and the following script, one can make the official August application load any firmware they want onto their lock. CAUTION: it is possible to brick an August lock by loading bad firmware via this script. Do not use this script if you are unwilling to accept the risk of bricking your lock.

```python
import os

# Replace defcon-august-arm-arm1.0.79.bin with the name of the firmware you wish to upload to
# the lock. The firmware is a binary blob, so it must be opened in binary mode.
with open(os.path.join(os.path.dirname(__file__), "defcon-august-arm-arm1.0.79.bin"), 'rb') as farm:
    arm = farm.read()


def response(context, flow):
    # mitmproxy inline-script hook (pre-1.0 API); called once for every server response.
    # Replace {{lockid}} with the id of your lock
    if "locks/{{lockid}}/firmware/arm/" in flow.request.path:
        # Serve the local firmware image in place of the one August's servers returned
        flow.response.code = 200
        flow.response.content = arm
    # Replace defc0924-1.0.79-1.1.17 with the desired final firmware version
    elif "locks/{{lockid}}/firmware/defc0924-1.0.79-1.1.17" in flow.request.path:
        # this is the version of firmware we want
        flow.response.code = 200
        flow.response.content = '{}'
    # Replace 9140a5d3-1.0.176-1.1.17 with the current version of firmware on the lock
    elif "locks/{{lockid}}/firmware/9140a5d3-1.0.176-1.1.17" in flow.request.path:
        flow.response.code = 200
        # This JSON object is what tells the August app what firmware should be downloaded from the 'cloud'
        # and loaded onto {{lockid}}; if multiple chips are to be updated, that should be specified here.
        flow.response.content = '{"updateInfo":[{"chip":"arm","githash":"defc0924","version":"1.0.79"}]}'
    else:
        flow.response.content = flow.response.content.replace('"user"', '"superuser"')
```
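The script above works because the app treats the `updateInfo` descriptor and the firmware blob as trustworthy simply because they arrived over the update channel. The following added example (not part of the keymaker project or of August's app) shows the client-side checks that would reject it: the descriptor from the script is refused as a downgrade when the lock reports 1.0.176, and a blob whose digest is not on a pinned allowlist is refused regardless of version. The firmware images and their digests are constructed placeholders; in a real design the allowlist would come from a signed manifest.

```python
import hashlib
import json

# Constructed stand-ins for real firmware images (not real August firmware).
KNOWN_GOOD_IMAGES = {
    "1.0.176": b"\x7fELF-constructed-image-1.0.176",
    "1.0.79": b"\x7fELF-constructed-image-1.0.79",
}
# Pinned digests per version; a real client would take these from a signed manifest.
ALLOWED_DIGESTS = {v: hashlib.sha256(img).hexdigest() for v, img in KNOWN_GOOD_IMAGES.items()}


def parse_version(v):
    """'1.0.176' -> (1, 0, 176); raises ValueError on anything that is not dotted digits."""
    parts = v.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError("malformed version: %r" % (v,))
    return tuple(int(p) for p in parts)


def validate_update(descriptor_json, installed_version, image_bytes, chip="arm"):
    """Return (ok, reason) for an updateInfo descriptor plus the downloaded image.

    Rejects malformed descriptors, downgrades or same-version reinstalls, and any
    image whose SHA-256 is not the allowlisted digest for the offered version.
    """
    try:
        entries = json.loads(descriptor_json)["updateInfo"]
    except (ValueError, KeyError, TypeError):
        return False, "descriptor is not valid updateInfo JSON"
    entry = next((e for e in entries if isinstance(e, dict) and e.get("chip") == chip), None)
    if entry is None:
        return False, "no entry for chip %s" % chip
    try:
        offered = parse_version(entry["version"])
        current = parse_version(installed_version)
    except (KeyError, ValueError) as exc:
        return False, "bad version field: %s" % exc
    if offered <= current:
        return False, "refusing downgrade %s -> %s" % (installed_version, entry["version"])
    digest = hashlib.sha256(image_bytes).hexdigest()
    if ALLOWED_DIGESTS.get(entry["version"]) != digest:
        return False, "image digest not allowlisted for %s" % entry["version"]
    return True, "ok"
```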