SkyLine
  • SkyLine | Introduction
    • Module Overview
    • SkyLine's Development
    • Skyline's Reason
    • SkyLine Syntax
    • SkyLine Concepts
      • Concepts | Modes
  • SkyLine | Technologies
    • Module Overview
    • REPL
      • REPL - Basic usage
      • REPL - Console Design
      • REPL - Commands
    • SLC
      • SLC - What is it
      • SLC - Use cases
      • SLC - Lexical Analysis
      • SLC - Intro To Development
      • SLC - Error System
  • SkyLine | Theory
    • Module Overview
    • Theory | Type Systems
      • Objects | Strings
      • Objects | Integers & Floats
  • SkyLine | Development
    • Module Overview
    • Development | Hello Integers?
  • SL | Hybrid Development
    • Module Overview
    • Hybrid Projects | Advancing
    • Hybrid Projects | Wrapping
    • Hybrid Projects | Using SLC
  • SkyLine | For Abusers
    • SL Abuser | Security Research
    • SL Abuser | Module Overview
    • SL Abuser | Abusing Helps
  • SkyLine Experiments
    • Introduction To Module
      • Caster - IoT Manipulation With SkyLine
        • Caster In Real World Scenarios
          • Cracking The Grounds
        • Caster: Setting Up
        • Caster - Running Caster
        • Caster - Dev Manipulation
          • Caster - Console
          • Caster - Apple Devs
          • Caster - Amazon Devs
          • Caster - Google Devs
          • Caster - Roku Devs
      • SkyNeXt - Hacking The Skies
      • SkyLine - PwnLib
Powered by GitBook
On this page
  • Caster - Roku Section
  • Roku - `roku-remote`
  • Roku - `roku-activeapp`
  • Roku - `roku-getrawapps`
  • Roku - `roku-devinfo`
  • Roku - `roku-dialinfo`
  • Roku - `roku-searchquery`
  • Roku - `startapp`
  • Other Unique Sides
  1. SkyLine Experiments
  2. Introduction To Module
  3. Caster - IoT Manipulation With SkyLine
  4. Caster - Dev Manipulation

Caster - Roku Devs

Enumerating & Controlling Roku Devices

PreviousCaster - Google DevsNextSkyNeXt - Hacking The Skies

Last updated 1 year ago

This entire framework wanted to be built around Google and Roku devices in the same way the research paper was. This section will explain to you how you can go from controlling a Roku device to starting applications on the device!

Note: A very interesting thing about this section is that it is byfar the largest section out of all of them. Now, this is where it also starts to get interesting. Roku has more commands due to the ease of abuse not just within their APIs but within protocols and systems like ECP (External Control Protocol) - that being said, this section will be designed a bit differently. Instead of just giving you examples, we decided to just explain the commands in the list and link the YouTube video to this!

Caster - Roku Section

In order to explain this menu, each "sub point" will have its own unique section and will also be using some example screenshots.

Roku - `roku-remote`

This command is actually pretty unique. Because we are able to abuse ECP on multiple devices at once, we can also revert the functionality of the protocol and use it for an unofficial remote for a RokuTV device!

When you enter this command into the console, you are immediately thrown into the console where you can type "help" and get a list of commands. Below are the commands in basic.

  • up -> Move the cursor on the TV up

  • down -> Move the cursor on the TV down

  • left -> Move the cursor on the TV left

  • right -> Move the cursor on the TV right

  • back -> Go back from the most recent step you made

  • home -> Go to the home screen

  • options -> Will take you to the options screen

  • vup -> volume up

  • vdown -> volume down

  • mute -> will mute the volume

  • select/ok -> will mimic the 'ok' control on the remote

Note: It is important that you understand the server might return a 404 . This is because ECP is not universal on every single Roku device in the same state and there is no version detection system built into Caster for this yet

Roku - `roku-activeapp`

For further manipulation of the device, say actually starting an application, you need to ensure that the application is off before turning it on. To do this, Caster has a command called activeapp.

This will get the current application from the Roku device and will also get you its state ( if there is one ).

Roku - `roku-getrawapps`

There is another option in Caster for Roku devices called roku-getapps which will grab all the applications on the device by name. The issue? If you really want to shut down or start an application even go as far as installing one, you need the application ID.

Sadly, due to formatting issues, the table can not grab the IDS of the applications when using the standard getapps . That being said, the current option getrawapps will directly grab and parse the raw XML response from the server with all current applications on the device.

Note: Skipping roku-getapps is justified due to the fact that we pretty much covered what they both do in one section

Roku - `roku-devinfo`

This will simply just get the device information and print it in a wonderful table for you to use!

Roku - `roku-dialinfo`

Similar to devinfo, this command will retrieve all of the SSDP/SCP dial information from the device's server. This can help with further enumeration of the device especially for endpoint discovery.

Roku - `roku-searchquery`

This amazing command is quite funny but actually quite intuitive.

When entering this command, you are allowed to type whatever you want and search it up on the device using the device's native search bar for applications, movies, shows, etc! The cool part about this is you can use some characters to actually slap some things in there that Roku does not like haha!

Roku - `startapp`

If you saw the command to grab applications, this is where that will become helpful.

Basically, this command will start an application based on the unique ID that is given to it. Again, this is why using commands to grab application information on the device is important.

Other Unique Sides

I felt that this section needed its own system. So, I just decided to film a few YouTube videos for you and get to working on that so you guys can watch it!

1 (Abusing Roku Devices With Caster):

2 (Automating Roku KeyPresses With Files):

https://www.youtube.com/watch?v=Tye8FD7aAgM&list=PLjdGpZIIr-0gtGn8ERB1V53pXGzg9QBy-&index=2
https://www.youtube.com/watch?v=AHarr-wtxrc&list=PLjdGpZIIr-0gtGn8ERB1V53pXGzg9QBy-&index=3
Page cover image