Let's be clear on one thing: I am not a developer.
I am dangerous with bash, PERL, and, increasingly, Python. Given the state of the world, gaining skill in writing code is high on my priority list. But all that self-loathing disclaimer and wishful thinking aside...
I've been doing a pile of work lately with Chromecasts. Ya know, those cute little dongles you connect to you TV and stream stuff to. Yeah, those. Well, as it turns out there's an undocumented API that you can use to do all kinds of things on them. Most of these undocumented APIs are documented in various places around the Web. I used these, in conjunction with a little of my own packet sniffing to figure out how to setup a default Chromecast without having to use the Google Home app. I took this derivative work, and piled it all into a bash script that seems to do the job (read: there's MASSIVE room for improvement, but hey running code rules the world, right?).
As this is an undocumented API this is totally use at your own risk. I am not liable for any unexpected consequences, or if the API endpoints happen to change at any moment. This worked today, but I make no promises about tomorrow.
Tuesday, May 28, 2019
Thursday, May 23, 2019
Let's Encrypt for Meraki Webhooks and Scanning API
Yesterday Meraki sent out a notification to their customers that they were updating their Scanning API and webhooks features to only allow HTTPS based receivers. No more unencrypted HTTP. This, naturally, makes sense since there's potentially sensitive customer and configuration data being sent over the Internet with these features, so I applaud Meraki on taking this step.
But, I've done a bunch of testing and PoC work with those APIs using HTTP. Shame on me for doing it unencrypted, but, well, things are hard. OK, not really. So I'm glad Meraki has pushed me to tighten up my own testing environment. Since before today I didn't have a certificate I could use to do this, and I spent the morning hammering this all out, I thought I'd put this here in case you find it useful.
But, I've done a bunch of testing and PoC work with those APIs using HTTP. Shame on me for doing it unencrypted, but, well, things are hard. OK, not really. So I'm glad Meraki has pushed me to tighten up my own testing environment. Since before today I didn't have a certificate I could use to do this, and I spent the morning hammering this all out, I thought I'd put this here in case you find it useful.
Subscribe to:
Posts (Atom)