MobileHackingLabs — IOT Connect writeup
📰 Medium · Cybersecurity
Learn how to exploit a vulnerability in an IoT application to control connected devices
Action Steps
- Set up the MobileHackingLabs IoT Connect application and understand its functionality
- Identify the vulnerability in the broadcast receiver that allows control of connected devices
- Exploit the vulnerability to activate the master switch and control all connected devices
- Analyze the application's login and registration process to identify potential entry points for exploitation
- Use tools such as Burp Suite or ZAP to intercept and manipulate traffic between the application and the server
Who Needs to Know This
Security researchers and penetration testers can benefit from this tutorial to improve their skills in identifying and exploiting vulnerabilities in IoT applications
Key Insight
💡 Identifying and exploiting vulnerabilities in IoT applications requires a deep understanding of the application's functionality and potential entry points for exploitation
Share This
🚨 Exploit IoT app vulnerabilities to control connected devices! 🚨
Key Takeaways
Learn how to exploit a vulnerability in an IoT application to control connected devices
Full Article
Title: MobileHackingLabs — IOT Connect writeup
URL Source: https://medium.com/@danielearn4211/mobilehackinglabs-iot-connect-writeup-bea924bd7c5e?source=rss------cybersecurity-5
Published Time: 2026-06-19T00:24:03Z
Markdown Content:
# MobileHackingLabs — IOT Connect writeup | by Daniel Ndungu (Blank) | Jun, 2026 | Medium
[Sitemap](https://medium.com/sitemap/sitemap.xml)
[Open in app](https://play.google.com/store/apps/details?id=com.medium.reader&referrer=utm_source%3DmobileNavBar&source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
[](https://medium.com/?source=post_page---top_nav_layout_nav-----------------------------------------)
Get app
[Write](https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---top_nav_layout_nav-----------------------new_post_topnav------------------)
[Search](https://medium.com/search?source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
# MobileHackingLabs — IOT Connect writeup
[](https://medium.com/@danielearn4211?source=post_page---byline--bea924bd7c5e---------------------------------------)
[Daniel Ndungu (Blank)](https://medium.com/@danielearn4211?source=post_page---byline--bea924bd7c5e---------------------------------------)
Follow
13 min read
·
2 hours ago
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&user=Daniel+Ndungu+%28Blank%29&userId=be1b06ed1860&source=---header_actions--bea924bd7c5e---------------------clap_footer------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Frepost%2Fp%2Fbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&user=Daniel+Ndungu+%28Blank%29&userId=be1b06ed1860&source=---header_actions--bea924bd7c5e---------------------repost_header------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=---header_actions--bea924bd7c5e---------------------bookmark_footer------------------)
[Listen](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3Dbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=---header_actions--bea924bd7c5e---------------------post_audio_button------------------)
Share
* So our goal for this lab is to exploit a vulnerability in the application in a broadcast receiver that allows us to activate the master switch and control all connected devices
* Well, let’s set up the application and see how it works
* On the first activity, we see a login panel with the option to login or register
* If we try login, we get an “Invalid username or password” toast
* We click register and we can register with a given username and password
* With the same username and password, we can now
URL Source: https://medium.com/@danielearn4211/mobilehackinglabs-iot-connect-writeup-bea924bd7c5e?source=rss------cybersecurity-5
Published Time: 2026-06-19T00:24:03Z
Markdown Content:
# MobileHackingLabs — IOT Connect writeup | by Daniel Ndungu (Blank) | Jun, 2026 | Medium
[Sitemap](https://medium.com/sitemap/sitemap.xml)
[Open in app](https://play.google.com/store/apps/details?id=com.medium.reader&referrer=utm_source%3DmobileNavBar&source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
[](https://medium.com/?source=post_page---top_nav_layout_nav-----------------------------------------)
Get app
[Write](https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---top_nav_layout_nav-----------------------new_post_topnav------------------)
[Search](https://medium.com/search?source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
# MobileHackingLabs — IOT Connect writeup
[](https://medium.com/@danielearn4211?source=post_page---byline--bea924bd7c5e---------------------------------------)
[Daniel Ndungu (Blank)](https://medium.com/@danielearn4211?source=post_page---byline--bea924bd7c5e---------------------------------------)
Follow
13 min read
·
2 hours ago
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&user=Daniel+Ndungu+%28Blank%29&userId=be1b06ed1860&source=---header_actions--bea924bd7c5e---------------------clap_footer------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Frepost%2Fp%2Fbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&user=Daniel+Ndungu+%28Blank%29&userId=be1b06ed1860&source=---header_actions--bea924bd7c5e---------------------repost_header------------------)
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=---header_actions--bea924bd7c5e---------------------bookmark_footer------------------)
[Listen](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3Dbea924bd7c5e&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40danielearn4211%2Fmobilehackinglabs-iot-connect-writeup-bea924bd7c5e&source=---header_actions--bea924bd7c5e---------------------post_audio_button------------------)
Share
* So our goal for this lab is to exploit a vulnerability in the application in a broadcast receiver that allows us to activate the master switch and control all connected devices
* Well, let’s set up the application and see how it works
* On the first activity, we see a login panel with the option to login or register
* If we try login, we get an “Invalid username or password” toast
* We click register and we can register with a given username and password
* With the same username and password, we can now
DeepCamp AI