Escea Gas Fire Binding Investigation

Edit: 3/07/2017 - Removed as contains unpatched exploits
Edit: 09/12/16 - Files removed at request of Escea
Edit: 09/12/16 - Hashed values removed at request of Escea

You can.

…that was quick!

Care to explain a little??

Sure!
Just took these md5 hashes and pasted them in online md5 decrypter I found in google :slight_smile:

So they are straight MD5 hashes then? The code suggested they were being passed through a custom function, so I didn’t think to try that.

Just received these documents from the manufacturer - these will be incredibly useful.

* ESCEA Controller
* ESCEA LAN Comms

I still maintain that there are security vulnerabilities here that could be easily addressed. Even if the protocols are designed to be open, that doesn’t mean that they should be open to unauthorized people.

I imagine the scenario when a household is on an external gas supply and everyone is away on vacation. An attacker could very easily gain unauthorized access, turn the fire on and accrue massive gas charges in addition to risking fire. Granted there is no financial benefit in this, but part of the problems of having Smart Homes is that screwing with people could become a motivation in itself.

Anyway, these documents should really help build a binding for the fireplace. Does anyone know of any resources OpenHAB has as a sort of introduction to building a binding? Would like to have a go if I can.

After looking at the MD5 script I realized that the MD5.js script is the same as this one I found online, which, as you discovered, simply hashed the strings with the MD5 algorithm.

For some reason I thought they had defined a function called MD5 that did something else in addition to MD5 hashing it… Suppose Occam’s razor should have applied!

All, was a binding developed or is there a way to interface with OH ?