Skip to content

rani-i/Mi365Locker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

app

app

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build.gradle

build.gradle

 
 

gradle.properties

gradle.properties

 
 

gradlew

gradlew

 
 

gradlew.bat

gradlew.bat

 
 

settings.gradle

settings.gradle

 
 

Repository files navigation

XiaomiM365Locker

@RaniXCH

The app allows you to search for Xiaomi scooters lock & unlock the devices. This security concerned was put to the attention of Xiaomi and disclosed responsibly. Xiaomi responded it is publicly known and it is a third party.

PoC for iOS - https://github.com/chilik/Mi365Locker-iOS

References

Android library for BLE communication - https://github.com/Polidea/RxAndroidBle

Most of the BLE commands - https://github.com/maisi/M365-Power

Blog post - https://blog.zimperium.com/dont-give-me-a-brake-xiaomi-scooter-hack-enables-dangerous-accelerations-and-stops-for-unsuspecting-riders/

TODOs

  • Add check whether the BLE device is scooter by catching BadCharacteristic exception
  • Add remote install firmware from that code instead of different app.

Disclaimer

The app is intended to be used for education purposes only. Keep in mind not to risk your surroundings, add your scooter name or the mac address to whitelist.

About

Xiaomi Mi365 Scooter locker

Resources

Readme

License

GPL-3.0 license
Activity

Stars

210 stars

Watchers

26 watching

Forks

72 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages