# ct-open-source/tuya-convert **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/ct-open-source-tuya-convert).** 5,012 stars · 522 forks · Python · mit ## Links - GitHub: https://github.com/ct-Open-Source/tuya-convert - awesome-repositories: https://awesome-repositories.com/repository/ct-open-source-tuya-convert.md ## Topics `35c3` `esp8266` `iot` `mqtt` `smarthome` `tuya` `tuya-smart` ## Description Tuya-Convert is a firmware flashing utility for IoT devices that exploits the over-the-air (OTA) update process to install custom firmware, bypass Tuya cloud dependencies, and enable local or open-source control. It automatically backs up the device’s original firmware before overwriting, allowing easy restoration. The tool achieves this by creating a spoofed Wi-Fi access point that the target device connects to, intercepting the OTA communication between the device and the Tuya cloud, then substituting a custom firmware binary during the transfer. It emulates the Tuya cloud protocol’s response structure so that the device accepts the replacement as a legitimate update, all without opening the device or requiring physical access. Beyond the core flashing capability, Tuya-Convert supports firmware dump and restore via the OTA channel, uses a secondary microcontroller as a low‑cost attack vector, and functions as a general‑purpose IoT device jailbreak utility. It is a Python‑based tool designed for smart plugs, switches, and bulbs that rely on Tuya’s update mechanism. ## Tags ### Part of an Awesome List - [Smart Home Device Firmware Replacement](https://awesome-repositories.com/f/awesome-lists/productivity/smart-home-and-iot/smart-home-device-firmware-replacement.md) — Replaces firmware on commercial smart home devices to remove cloud dependencies and enable local control. - [Development Tools](https://awesome-repositories.com/f/awesome-lists/devtools/development-tools.md) — Tool for flashing custom firmware onto Tuya-based devices. ### Development Tools & Productivity - [Custom Firmware Installers for Smart Home Devices](https://awesome-repositories.com/f/development-tools-productivity/firmware-installers/custom-firmware-installers-for-smart-home-devices.md) — Enables uploading custom firmware to smart home devices by intercepting the OTA update process. ### Hardware & IoT - [Custom Firmware Flashing via Network Access Point](https://awesome-repositories.com/f/hardware-iot/connectivity-iot/hardware-communication/serial-device-communication/firmware-flashing/custom-firmware-flashing-via-network-access-point.md) — Installs custom firmware on smart home devices by using a secondary device as a network access point. ([source](https://github.com/ct-Open-Source/tuya-convert#readme)) - [IoT Firmware Flashing via OTA Exploitation](https://awesome-repositories.com/f/hardware-iot/connectivity-iot/hardware-communication/serial-device-communication/firmware-flashing/iot-firmware-flashing-via-ota-exploitation.md) — Flashes custom firmware onto Tuya IoT devices by exploiting the OTA update mechanism without physical access. - [Custom Firmware Tools for Smart Home Devices](https://awesome-repositories.com/f/hardware-iot/connectivity-iot/home-automation/smart-home-bridges/custom-firmware-tools-for-smart-home-devices.md) — Enables installing custom firmware on Tuya smart home devices by intercepting over-the-air updates. - [Firmware Dump and Restore via OTA](https://awesome-repositories.com/f/hardware-iot/firmware-management/remote-firmware-updaters/firmware-ota-update-systems/firmware-dump-and-restore-via-ota.md) — Provides a mechanism to dump and restore original firmware over the air, enabling safe custom firmware experimentation. - [Tuya OTA Firmware Flashers](https://awesome-repositories.com/f/hardware-iot/firmware-management/remote-firmware-updaters/firmware-ota-update-systems/tuya-ota-firmware-flashers.md) — Exploits the Tuya IoT update mechanism to flash custom firmware using a secondary WiFi access point. - [IoT Device Jailbreak Utilities](https://awesome-repositories.com/f/hardware-iot/iot-device-jailbreak-utilities.md) — Bypasses Tuya cloud restrictions to allow full control of the device via custom firmware. - [Tuya Cloud Bypass Tools](https://awesome-repositories.com/f/hardware-iot/tuya-cloud-bypass-tools.md) — Bypasses Tuya cloud dependencies to install alternative firmware for offline or open-source control of devices. - [Firmware Backup and Restore](https://awesome-repositories.com/f/hardware-iot/connectivity-iot/hardware-communication/serial-device-communication/firmware-flashing/firmware-backup-and-restore.md) — Automatically saves the original firmware before flashing, enabling easy recovery and restoration. - [Original Firmware Backup Before Flashing](https://awesome-repositories.com/f/hardware-iot/connectivity-iot/hardware-communication/serial-device-communication/firmware-flashing/original-firmware-backup-before-flashing.md) — Automatically backs up the original firmware to a local file before overwriting, enabling easy restoration. ([source](https://github.com/ct-Open-Source/tuya-convert/blob/master/README.md)) - [Wi-Fi-Based Flash Attack Vectors](https://awesome-repositories.com/f/hardware-iot/secondary-microcontroller-integrations/wi-fi-based-flash-attack-vectors.md) — Ships a secondary microcontroller attack vector that runs a custom access point and proxy for Wi-Fi-based flashing. ### Networking & Communication - [Cloud Protocol Emulation](https://awesome-repositories.com/f/networking-communication/service-emulators/cloud-protocol-emulation.md) — Emulates the Tuya cloud protocol's response structure to trick devices into accepting custom firmware as legitimate. - [Rogue Access Points](https://awesome-repositories.com/f/networking-communication/wireless-access-point-management/rogue-access-points.md) — Creates a spoofed Wi-Fi access point to intercept device firmware update requests during the OTA process. ### Security & Cryptography - [Man-in-the-Middle Frameworks](https://awesome-repositories.com/f/security-cryptography/man-in-the-middle-frameworks.md) — Implements a man-in-the-middle proxy that intercepts OTA update traffic to substitute firmware binaries. - [WiFi MITM Exploit Utilities](https://awesome-repositories.com/f/security-cryptography/wifi-mitm-exploit-utilities.md) — Uses a WiFi hotspot to capture and replace the device's firmware update payload during the OTA process.