Jump to content


Photo
- - - - -

BodyBugg Hacking


  • Please log in to reply
1 reply to this topic

#1 Enmaku

Enmaku

    SUP3R 31337

  • Members
  • 163 posts
  • Country:
  • Gender:Male
  • Location:Las Vegas, NV

Posted 02 March 2011 - 12:18 AM

So I've been hitting the gym a lot lately, and I was looking at some of the various calorimeters on the market. For the money the BodyBugg looks nice but I hate that they rope you into a monthly payment just to get the data off of your own property. I've decided to pick up a used one and try to RE it, see if I can pull the data off and do my own analysis, and of course release whatever I cobble together for the general good. I'm here because I'm not sure if it's been done or if my Google-fu is failing me... I found some python scripts circa 2009 here that may or may not work with the current generation of devices, and a handful of links from that site go to questionably valid places, the other half are dead.

Does anyone have more recent experience with such devices or perhaps a suggestion for a similar device that doesn't require a subscription? I'd rather give my money to more reasonable people, but I think if I were to make a workable free alternative to the monthly subscription crap they offer I could do more than enough damage to offset the profit they'll make from one sale ;)

#2 moktar

moktar

    the 0ne

  • Members
  • 1 posts
  • Gender:Male

Posted 22 March 2012 - 05:46 PM


I'm here because I'm not sure if it's been done or if my Google-fu is failing me... I found some python scripts circa 2009 here that may or may not work with the current generation of devices, and a handful of links from that site go to questionably valid places, the other half are dead.



Yes, the v2 and v3 have been reliably compromised by a java app named "freethebugg". A quick google search will bring up the 4shared download page. You'll also need the driver package from BodyMedia to use it.

This was achieved by decompiling and analyzing the .JAR files from the BodyMedia site.

The BodyBuggSP is proving to be a tougher target, however. It seems to require a security token received from the website to operate. I am continuing to work on this, as is the fellow who wrote FreeTheBugg.

Edited by moktar, 22 March 2012 - 05:47 PM.





BinRev is hosted by the great people at Lunarpages!