Tracing how a https api server communicates with smart devicesLog and debug/decrypt a windows application's...

Should I assume I have passed probation?

How to reduce predictors the right way for a logistic regression model

Do you waste sorcery points if you try to apply metamagic to a spell from a scroll but fail to cast it?

The Digit Triangles

Animation: customize bounce interpolation

How to test the sharpness of a knife?

Alignment of six matrices

How to leave product feedback on macOS?

I'm just a whisper. Who am I?

Isometric embedding of a genus g surface

Does the Crossbow Expert feat's extra crossbow attack work with the reaction attack from a Hunter ranger's Giant Killer feature?

Air travel with refrigerated insulin

Has the laser at Magurele, Romania reached a tenth of the Sun's power?

When and why was runway 07/25 at Kai Tak removed?

Given this phrasing in the lease, when should I pay my rent?

How much do grades matter for a future academia position?

Why the "ls" command is showing the permissions of files in a FAT32 partition?

Echo with obfuscation

Anime with legendary swords made from talismans and a man who could change them with a shattered body

Would this string work as string?

Is there a distance limit for minecart tracks?

What does "Scientists rise up against statistical significance" mean? (Comment in Nature)

How can I, as DM, avoid the Conga Line of Death occurring when implementing some form of flanking rule?

Quoting Keynes in a lecture



Tracing how a https api server communicates with smart devices


Log and debug/decrypt a windows application's HTTPS trafficWireshark Not Displaying Packets From Other Network Devices, Even in Promisc ModeMonitor network connection, auto responsehow to see all network requests made by an applicationudp client sending ICMP “port unreachable” when receiveing messages from the serverHow do I get Wireshark to filter for a specific web host?packet sniffing 3dsnginx http to https proxy with self-signed certificateHow do I setup Fiddler to advertise it as real server under test?Forcing HTTPS through proxy by DNS / How works “Smart DNS” with HTTPS?













0















I've been trying to work out for days how the TP-Link API communicates with the HS100 or any other TP-Link smart device. There is no official documentation, and it's been driving me mad. I use Insomnia REST client to post JSON requests to the API server (https://wap.tplinkcloud.com), and can see simple back and forth requests. However, when trying to control a smart device, I have no idea how the response it transmitted on my network to the device. I've tried Wireshark analysis, but due it being a https server, all data is encrypted. I have used Fiddler and Live HTTP Headers for Chrome to monitor packets leaving my client machine, but I am interested in response and how it reaches the device. My initial guess that the response is sent to the router and then broadcast across the network, but I don't understand how the API server would know the address of the router, considering that the POST request can be sent from any network. My second guess is that the device itself polls to the server, but I can see no evidence of any traffic to or from the device in Wireshark. The only interesting thing is that the device periodically sends out ARP requests for the default gateway, yet this can't be the polling because the intervals are so long, yet the update to the device state is almost instantanious. I'll add a screenshot of Wireshark logs at the point of the request. 07 IPV4 Addresses are the machine making the request, and 54 addresses are the API server. I understand that this is a long question, but I feel like I have exhausted my options based on my ameteur knowledge. Any advice or solutions would be greatly appreciated, thanks. Wireshark results






networking wireshark https sniffing api






share







New contributor




Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    0















    I've been trying to work out for days how the TP-Link API communicates with the HS100 or any other TP-Link smart device. There is no official documentation, and it's been driving me mad. I use Insomnia REST client to post JSON requests to the API server (https://wap.tplinkcloud.com), and can see simple back and forth requests. However, when trying to control a smart device, I have no idea how the response it transmitted on my network to the device. I've tried Wireshark analysis, but due it being a https server, all data is encrypted. I have used Fiddler and Live HTTP Headers for Chrome to monitor packets leaving my client machine, but I am interested in response and how it reaches the device. My initial guess that the response is sent to the router and then broadcast across the network, but I don't understand how the API server would know the address of the router, considering that the POST request can be sent from any network. My second guess is that the device itself polls to the server, but I can see no evidence of any traffic to or from the device in Wireshark. The only interesting thing is that the device periodically sends out ARP requests for the default gateway, yet this can't be the polling because the intervals are so long, yet the update to the device state is almost instantanious. I'll add a screenshot of Wireshark logs at the point of the request. 07 IPV4 Addresses are the machine making the request, and 54 addresses are the API server. I understand that this is a long question, but I feel like I have exhausted my options based on my ameteur knowledge. Any advice or solutions would be greatly appreciated, thanks. Wireshark results






    networking wireshark https sniffing api






    share







    New contributor




    Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      0












      0








      0








      I've been trying to work out for days how the TP-Link API communicates with the HS100 or any other TP-Link smart device. There is no official documentation, and it's been driving me mad. I use Insomnia REST client to post JSON requests to the API server (https://wap.tplinkcloud.com), and can see simple back and forth requests. However, when trying to control a smart device, I have no idea how the response it transmitted on my network to the device. I've tried Wireshark analysis, but due it being a https server, all data is encrypted. I have used Fiddler and Live HTTP Headers for Chrome to monitor packets leaving my client machine, but I am interested in response and how it reaches the device. My initial guess that the response is sent to the router and then broadcast across the network, but I don't understand how the API server would know the address of the router, considering that the POST request can be sent from any network. My second guess is that the device itself polls to the server, but I can see no evidence of any traffic to or from the device in Wireshark. The only interesting thing is that the device periodically sends out ARP requests for the default gateway, yet this can't be the polling because the intervals are so long, yet the update to the device state is almost instantanious. I'll add a screenshot of Wireshark logs at the point of the request. 07 IPV4 Addresses are the machine making the request, and 54 addresses are the API server. I understand that this is a long question, but I feel like I have exhausted my options based on my ameteur knowledge. Any advice or solutions would be greatly appreciated, thanks. Wireshark results






      networking wireshark https sniffing api






      share







      New contributor




      Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      I've been trying to work out for days how the TP-Link API communicates with the HS100 or any other TP-Link smart device. There is no official documentation, and it's been driving me mad. I use Insomnia REST client to post JSON requests to the API server (https://wap.tplinkcloud.com), and can see simple back and forth requests. However, when trying to control a smart device, I have no idea how the response it transmitted on my network to the device. I've tried Wireshark analysis, but due it being a https server, all data is encrypted. I have used Fiddler and Live HTTP Headers for Chrome to monitor packets leaving my client machine, but I am interested in response and how it reaches the device. My initial guess that the response is sent to the router and then broadcast across the network, but I don't understand how the API server would know the address of the router, considering that the POST request can be sent from any network. My second guess is that the device itself polls to the server, but I can see no evidence of any traffic to or from the device in Wireshark. The only interesting thing is that the device periodically sends out ARP requests for the default gateway, yet this can't be the polling because the intervals are so long, yet the update to the device state is almost instantanious. I'll add a screenshot of Wireshark logs at the point of the request. 07 IPV4 Addresses are the machine making the request, and 54 addresses are the API server. I understand that this is a long question, but I feel like I have exhausted my options based on my ameteur knowledge. Any advice or solutions would be greatly appreciated, thanks. Wireshark results






      networking wireshark https sniffing api




      networking wireshark https sniffing api





      share







      New contributor




      Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.










      share







      New contributor




      Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.








      share



      share






      New contributor




      Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 8 mins ago









      AuspexisAuspexis

      12




      12




      New contributor




      Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Auspexis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          Auspexis is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1415849%2ftracing-how-a-https-api-server-communicates-with-smart-devices%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          Auspexis is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          Auspexis is a new contributor. Be nice, and check out our Code of Conduct.













          Auspexis is a new contributor. Be nice, and check out our Code of Conduct.












          Auspexis is a new contributor. Be nice, and check out our Code of Conduct.
















          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1415849%2ftracing-how-a-https-api-server-communicates-with-smart-devices%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

          Image
          Why didn't Boeing produce its own regional jet? What is the most common color to indicate the input-field is disabled? Theorists sure want true answers to this! What is the opposite of "eschatology"? What do you call someone who asks many questions? Is there a hemisphere-neutral way of specifying a season? Is this draw by repetition? Bug? String.split chopping off empty trailing value Is it inappropriate for a student to attend their mentor's dissertation defense? How dangerous is XSS Why do I get negative height? Is it possible to map
          Read more

          VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...

          Image
          risk of flooding in petra in november How to get directions in deep space? How could a planet have erratic days? 15% tax on $7.5k earnings. Is that right? Did the UK lift the requirement for registering SIM cards? Is it allowed to activate the ability of multiple planeswalkers in a single turn? Stack Interview Code methods made from class Node and Smart Pointers Non-trope happy ending? What is the highest possible scrabble score for placing a single tile Open a doc from terminal, but not by its name The IT department bottlenecks progress, how should I handle this?
          Read more

          Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...

          Image
          Does the Mueller report show a conspiracy between Russia and the Trump Campaign? Relating to the President and obstruction, were Mueller's conclusions preordained? How much damage would a cupful of neutron star matter do to the Earth? Nose gear failure in single prop aircraft: belly landing or nose landing? Should a wizard buy fine inks every time he want to copy spells into his spellbook? Can you force honesty by using the Speak with Dead and Zone of Truth spells together? A trigonometry question from STEP examination Special flights What is the "studentd" process? systemd and copy (/bin/cp): no such file or directory
          Read more