Custom Integration: Tecnoalarm Italian anti-theft system

Share your Projects! Custom Integrations
1

Hi,

I have a tecnoalarm TP10-42 “smart” system that can be controlled using “myTecnoalarm TCS” app.
Tecnoalarm provides Alexa Tecnoalarm Skill but I have no Alexa device and I’d like to integrate directly into Home Assistant.

Using Android studio + HTTP Toolkit I was able to capture and decrypt https communication generated by app. :sunglasses: so I think that could be tecnically possible to create a custom integration.

Note: I’m totally new in home assistant, this kind of activity have some legal impact?

Note2: there was another thread related to tecnoalarm but it was focused to hardware part: Tecnoalarm Homeassistant integration

1 Like
2

Hi @Mirmanero! Any updates on this? Do you have created a GitHub repo?

3

Hi,

this sounds really interesting! I had previously integrated everything using the Alexa Media Player, but it’s a really terrible plugin with tons of issues. A direct integration would definitely be the best solution. However, from what I’ve been told, it doesn’t seem possible to do it just by sniffing the traffic. How is your progress going? Could you keep me updated on what you’re working on?

4

Hi,

happy to see that there is some interest! Yes I started working but with the end of vacation the time for the project disappeared :frowning:

Anyhow…I’m happy to share my very first results:

Please note that is a pre-beta version only for development scope; is totally useless for users because it still don’t get status neither can arm\disarm the alarm.
you wil see two areas with two sensors in but are all fake :sweat_smile:

What it really does is performing login to tecnoalarm cloud and handshake to get appkey; you should receive an e-mail from tecnoalarm for a new device registered to demostrates it works :upside_down_face: even from app you will see a “HomeAssistant_CustomIntegration(1.0”
!!Please note that actualy reports in log sensitive data like password in clear text pay attention before sharing them!!!

I’m very happy to receive comments and suggestions, and to share info for next steps if someone whants to collaborates :wink:

1 Like
5

Regarding sniffing: yes it is possible :wink: I created my environment last year so I forgot something but in general what I did was:

  • downloaded and installed Android studio
  • created an emulated device with a random (quite recent) android version
  • installed desired app (mytecnoalarm) in emulated device
  • downloaded and installed on my pc HTTP Toolkit (https://httptoolkit.com/)
  • installed HTTP toolkit ap on emulated device (sorry, I don’t remember how if apk or whatelse :sweat_smile: )
  • activated HTTP toolkit on PC as Android Device via ADB and activated on device app
  • I don’t remember if I had to install certificate on device or it was all automatic

In practice HTTP toolkit put itself in the middle and act as proxy replacing certificate seen by app so it can decrypt.
It shoud be possible to do the same even with a physical (not emulated) android device but I didn’t trusted to do that on my personal one with bank app and so on :wink:
Obviously you can do that with any other app (my next project is clima)

6

nice, thanks for sharing