First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Question about my TV talking to my computer?

So I am Information Security graduate not currently active in the field(graduated in 2012 and left the field in 2014).I'm always researching my network to keep my interest going. Anyways my knowledge with wireshark isn't up to par, but I know enough to be dangerous. I have wiped my computer several times as well as devices in my house, because I believe someone is messing around in my network. So I have a Vizio TV that has been sending interesting traffic to the main computer I use and I hope posting here will give me some answers. I believe the hacker is operating off of 'containers' or my Linux partition on my computer because I see my nvidia software using containers as well as finding some in my linux partition when i log in. We will start with the basics and go from there. I have blocked my TV on my software firewall for my computer. Please tell me what exactly is going on here. Any information/feedback/brainstorming is greatly appreciated. I just want my network safe again. This is a UDP stream from the TV(192.168.1.188) trying to communicate with my main computer.

HTTP/1.1 200 OK
LOCATION: http://192.168.1.188:56790/dd.xml
CACHE-CONTROL: max-age=1800
EXT:
BOOTID.UPNP.ORG: 1
SERVER: Linux/2.6 UPnP/1.1 quick_ssdp/1.1
ST: urn:dial-multiscreen-org:service:dial:1
USN: uuid:8bf7c893-d2a6-9389-0b5b-f92ac169e3f3::urn:dial-multiscreen-org:service:dial:1
WAKEUP: MAC=0C:8B:7D:3A:8C:E6;Timeout=30

HTTP/1.1 200 OK
LOCATION: http://192.168.1.188:56790/dd.xml
CACHE-CONTROL: max-age=1800
EXT:
BOOTID.UPNP.ORG: 1
SERVER: Linux/2.6 UPnP/1.1 quick_ssdp/1.1
ST: urn:dial-multiscreen-org:service:dial:1
USN: uuid:8bf7c893-d2a6-9389-0b5b-f92ac169e3f3::urn:dial-multiscreen-org:service:dial:1
WAKEUP: MAC=0C:8B:7D:3A:8C:E6;Timeout=30

HTTP/1.1 200 OK
LOCATION: http://192.168.1.188:56790/dd.xml
CACHE-CONTROL: max-age=1800
EXT:
BOOTID.UPNP.ORG: 1
SERVER: Linux/2.6 UPnP/1.1 quick_ssdp/1.1
ST: urn:dial-multiscreen-org:service:dial:1
USN: uuid:8bf7c893-d2a6-9389-0b5b-f92ac169e3f3::urn:dial-multiscreen-org:service:dial:1
WAKEUP: MAC=0C:8B:7D:3A:8C:E6;Timeout=30

EDIT: I did a nmap scan on my Vizio TV and it has the following ports open

TCP - 7000 - afs3- fileserver
TCP - 8007 - http
TCP - 8009 - ajp13
TCP - 8443 - https-alt
TCP - 9080 - glrpc

all syn-ack

Let me know if you need anymore info on the packets I have captured.

Thanks a ton everyone!

packetguy21's avatar
1
packetguy21
asked 2022-08-06 14:40:19 +0000
grahamb's avatar
23.8k
grahamb
updated 2022-09-14 15:47:59 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Doing a Google search on the noted URL, I found this: DIAL—for DIscovery And Launch—is a simple protocol that second-screen devices can use to discover and launch apps on first-screen devices. Details can be found here: http://www.dial-multiscreen.org/

My 2 cents, I sense you TV is trying to discover other devices that support DIAL.

DavidB's avatar
1
DavidB
answered 2022-09-14 15:34:25 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer