Rinnai R16E32FBF is a tankless water heater with an internal recirculation pump. It is WiFi-enabled and has a companion app on Android/iOS platform. The app is capable to turn on/off the heater, adjust the temperature setting, turn on/off the pump, report the state of heater and provide statistics about gas consumption. However, there is no APIs for programmatic access.
There are two possible point to intercept the traffic. One is traffic between the heater and the manufacturer's server, another is between the app and the server. I plan to try to the 1st one as it does not affect the server.
Goal for this Hackweek
- Intercept and analyze the traffic between the heater and the server.
- Create a fake server to control the heater.
This project is one of its kind!