Initial submission, more tools and information will follow ;)

You can find a step-by-step guide how to wirelessly root your vacuum robot here.

Our presenation was designed for 35 minutes, however our time was cut to 20 minutes. Therefore we had to reduce the content in our presentation. You can find a more detailed version of our 34c3 presentation with more details here. More technical information you find here (techinfo.pdf).

FAQ

Can you hack all Xiaomi vacuum cleaners connected to the internet?

No, you can root only your own device, devices which are in your own wifi or where you have physical access to.

Do you consider the Xiaomi cloud as insecure?

Actually we think that Xiaomi did a good job in designing their cloud protocol (at least from a security perspective).

Is it required to open the robot / break the warranty seals to root it?

No, you can push the firmwareupdate to the robot without opening it. See the Update howto.

Does the root also work for Gen2?

There might be a way to root also Gen2. However as I (Dennis) do not have access to a Gen2 vacuum, i cannot give you more information on that. As soon as i will get my own Gen2 vacuum, i will update the information.

Contact

Dennis Giese <dgi[at]posteo.de>
Daniel Wegemer <daniel[at]wegemer.com>

Acknowledgements:

Prof. Matthias Hollick at Secure Mobile Networking Lab (SEEMOO)

Prof. Guevara Noubir (CCIS, Northeastern University)

About

Xiaomi Vacuum Robot Reverse Engineering and Hacking

Languages

Language:Python 57.1%Language:PHP 35.4%Language:Shell 7.5%