Zigbee / Thread / Matter Attacks

802.15.4-based mesh protocols underpin most "smart home" devices. Zigbee is widely deployed and has well-known crypto-key-reuse issues; Thread (modern, IPv6-based) ships with stronger defaults; Matter unifies their commissioning model with stronger crypto but still has implementation pitfalls.

Quick Workflow

1. Sniff target frequency (channels 11–26 in 2.4 GHz)
2. Identify network coordinator and joining devices
3. For Zigbee: try Touchlink commissioning with the well-known key
4. Capture join-key exchange when devices commission
5. Replay or inject ZCL/ZHA cluster commands

Hardware