I wish to check how and what is being sent when I interact with my TV via the remote that talks to the communicator box (not smart tv). I am curious what protocols are used, and how often does the communicator phones home. Does it send encrypted data or not. The ISP is also my TV network provider.
To tackle this question I tried to use a recently obtained knowledge of ARP poisoning. I installed a Kali Linux and used arpspoof. I also enabled IP forwarding and launched Wireshark but failed to receive any kind of packets that I could attribute to my communicator box. The TV also continued to operate normally which leads me to 2 theories:
- My ARP poisoning failed, that is why TV worked normally and Wireshark failed to show any packets.
- ARP poisoning worked, TV continued to work so IP forwarding must have worked too, but why would Wireshark then not capture anything?
Prior to that, I tested ARP poisoning on a 2nd home PC and successful intercepted traffic.
Data from port scanning my communicator box:
PORT STATE SERVICE VERSION
9010/tcp open ssh Dropbear sshd 2016.74 (protocol 2.0)
What are my options? Any alternatives to ARP spoofing if I wish to observe traffic my home appliances are sending to the internet? A special kind of router to put between TV communicator and the rest of the home network? If I can insert myself between the box and router, how do I install a root certificate to decrypt encrypted traffic on a device where I don't have root privileges or any other for that matter.
