Open dgliosca opened 5 years ago
Yeah that would be awesome!
Hello, No I have not tried yet, for that I must crack the device and I get the files that are used for recipes. If anyone can recover the files it would be nice.
Hello, I was wondering if anybody made any progress on this.
While the app itself cannot be distributed due to licenses, I guess it should be fine to discuss the reverse engineering process. Has anybody started such a community anywhere or started the work on looking at how the recipes are stored?
Hello, It's like with a smartphone or tablet android can do anything with but it will necessarily leave traces so pay attention to the guarantee in case of problems.
which traces would those be if you flash all partitions with the original backup? Where would they be stored? In any case, I'm less concerned about the warranty and more concerned about losing functionality and future upgrades, and was wondering if anybody had succeeded in restoring this functionality. Knowing this would be useful. Thanks!
I fear that the boot partition is changed because now we have access to the MC via ADB while with the original it is not possible. It is also possible that the date of the flash (in case of complete restore) is written in the memory. In any case whis happens when you do a complete original restore on a smartphone. Personally, I do not see the interest of tinkering with the system other than to be able to modify the program of recipes or to be able to program specific and automatic functions more elaborate than that of origin. Changing the MC software to use as a tablet has no interest. The interest (for me) is to be able to control the devices as it wishes (Motor, heating, weighing, security, thermometer, stopwatch, .....)
The recipes are stored in a sqlite DB in the system. I do not remember the correct location but try finding it using a search for ".sqlite" file in the filesystem.
Thank for this information.
Hi Guys, I'm interested as well how we can inject custom/community recipes into machine. Is anyone knows if application using API which could be reversed engineered and we can do our backend and that way inject new custom recipes.
or is anyone could share full image of rooted android? I would be able to do some work to trace how recipes are updated.
or to be honest easiest way would inject recipes directly to sql lite database. We would need to know what structure has database. and write 3rd party app which periodically would check for new recipes. only downside could be that original app could overwrite/delete added recipes? Can someone with rooted machines find and share .sqlite file?
Hello To edit the sql database i use notepad++ if someone can share the base I can look at what can be done.
much better is to use sql browser https://sqlitebrowser.org/ I don't have currently access to rooted device so would be handy if someone could share sql file in private.
I think that recipe can not be copyrighted... so I should be shared here without problem (if the presentation pictures of recipe is not in the database)
we need structure, so we can work out how new recipes could be added to database. as well we could use one click solution by using usb microcontroller every user would be able to enable new recipes in easy way just by inserting usb stick with microcontroller into machine.
I think that recipe can not be copyrighted... so I should be shared here without problem (if the presentation pictures of recipe is not in the database)
so could you share with us?
I think that recipe can not be copyrighted... so I should be shared here without problem (if the presentation pictures of recipe is not in the database)
so could you share with us?
I didn't rooted it yet, and someone using it right now 😋 sorry
Hey there, there is two files extracted from my MCC. I'll try to play with it. https://drive.google.com/open?id=1K0DD80j0iIvR_wjOOdr9oJsK7UTPTcHN
@tomy137 Thanks for the files - looks like the French recipes :-) Maybe you can extract the download urls of the recipes from the machine?
@tomy137 Thanks for the files. I think we should be able to modify the recipes with that. At first be able to correct errors in recipes. Now you have to understand how it works ...
The file "Recipes" is a sqlite database
sqlite> .open Recipes
sqlite>
sqlite>
sqlite> .tables
INGREDIENT MACHINE_VALUES RECIPE android_metadata
INGREDIENTS_BASE MEASUREMENT STEP
LED NUTRIENT TAG
sqlite>
sqlite>
sqlite> .schema
CREATE TABLE android_metadata (locale TEXT);
CREATE TABLE IF NOT EXISTS "LED" ("ACTION" TEXT,"COLOR" TEXT,"_id" INTEGER PRIMARY KEY AUTOINCREMENT );
CREATE TABLE sqlite_sequence(name,seq);
CREATE TABLE IF NOT EXISTS "NUTRIENT" ("AMOUNT" TEXT,"_id" INTEGER PRIMARY KEY AUTOINCREMENT ,"RECIPE_ID" INTEGER,"TYPE" TEXT,"UNIT" TEXT);
CREATE TABLE IF NOT EXISTS "TAG" ("CATEGORY" TEXT,"_id" INTEGER PRIMARY KEY AUTOINCREMENT ,"NAME" TEXT,"RECIPE_ID" INTEGER);
CREATE TABLE IF NOT EXISTS "STEP" ("_id" INTEGER PRIMARY KEY AUTOINCREMENT ,"LED_ID" INTEGER,"MACHINE_VALUES_ID" INTEGER,"MEASUREMENT_ID" INTEGER,"MODE" TEXT,"RECIPE_ID" INTEGER,"STEP" INTEGER NOT NULL ,"TEXT" TEXT);
CREATE TABLE IF NOT EXISTS "INGREDIENTS_BASE" ("_id" INTEGER PRIMARY KEY AUTOINCREMENT ,"NAME" TEXT,"RECIPE_ID" INTEGER);
CREATE TABLE IF NOT EXISTS "RECIPE" ("COMPLEXITY" TEXT,"DURATION" INTEGER NOT NULL ,"DURATION_TOTAL" INTEGER NOT NULL ,"_id" INTEGER PRIMARY KEY ,"IMAGE_BASE" TEXT,"IMAGE_NAME" TEXT,"RECIPE_TYPE" TEXT,"INSTRUCTIONS" TEXT,"IS_FAVORITE" INTEGER NOT NULL ,"LANGUAGE" TEXT,"LEVEL" INTEGER NOT NULL ,"MACHINE_TYPE" TEXT,"MACHINE_VERSION" REAL NOT NULL ,"NAME" TEXT,"PREPARATIONS" TEXT,"SCHEME_VERSION" INTEGER NOT NULL ,"UNIT" TEXT,"UPDATED" INTEGER,"VALID_FROM" INTEGER,"VALID_TO" INTEGER,"VERSION" INTEGER NOT NULL ,"YIELD" INTEGER NOT NULL ,"YIELD_UNIT" TEXT);
CREATE TABLE IF NOT EXISTS "INGREDIENT" ("AMOUNT" TEXT,"_id" INTEGER PRIMARY KEY AUTOINCREMENT ,"INGREDIENTS_BASE_ID" INTEGER,"NAME" TEXT,"UNIT" TEXT);
CREATE TABLE IF NOT EXISTS "MACHINE_VALUES" ("_id" INTEGER PRIMARY KEY AUTOINCREMENT ,"REVERSE" INTEGER NOT NULL ,"SPEED" INTEGER NOT NULL ,"TEMP" INTEGER NOT NULL ,"TIME" INTEGER NOT NULL ,"WEIGHT" INTEGER NOT NULL );
CREATE TABLE IF NOT EXISTS "MEASUREMENT" ("_id" INTEGER PRIMARY KEY AUTOINCREMENT ,"LID" INTEGER NOT NULL ,"SPEED" INTEGER NOT NULL ,"TEMP" INTEGER NOT NULL ,"WEIGHT" INTEGER NOT NULL );
sqlite>
It should be easy to modify the database to include/modify new recipes
@tomy137 Could you tell us how you got the file? It's possible to modify the file? What is its location path?
I found it at this location directly on the MCC : /data/data/de.silpion.mc2/databases/
The tutoriel helped me to mount system file with ADB. I will try to modify and re-import the file into the MCC.
This is the ER diagram:
It would be good news if we could get into ADB mode over wifi. We could develop apps to add/modify recipes.
Does anyone know if it is possible to enable developer mode without changing the firmware? Can we access android settings?
In fact when you get an update with new recipes, it all happens through wi-fi. Did someone managed to get the MC2 app decompiled? It would be good to understand what apis we can exploit to push new recipes through.
On 2 Apr 2020, at 13:23, Ximo Catala notifications@github.com wrote:
It would be good news if we could get into ADB mode over wifi. We could develop apps to add/modify recipes.
Does anyone know if it is possible to enable developer mode without changing the firmware? Can we access android settings?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/EliasKotlyar/Monsieur-Cuisine-Connect-Hack/issues/6#issuecomment-607813091, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACDAG7U5EKPDKXFJDVWY63RKR7UXANCNFSM4I2EI7ZA.
To use with discretion https://pastebin.com/MPiEn4AN
Maybe we can migrate our research on Discord ? https://discord.gg/SqQ4ND
I think it is better to stay here on github with EliasKotlyar who is at the origin of this subject on the MCC. There is no point going elsewhere as there are not many people interested in the issue.
https://pastebin.com/vsnQZ7r2 got a 404 for the dropbox link :-(
https://pastebin.com/vsnQZ7r2 got a 404 for the dropbox link :-(
Fixed ! Sorry.
I'm trying to install the apk in a virtual machine with virtualbox (Android 6.0), but It doesn't work. Maybe the characteristics of the virtual machine have to be the same as those of MMC
I think that there is another point of view for the recipes problem... What if we simply changed the url route that the app uses to update recipes? We can create a site that responds to requests for updates. I am sure that in this request, the device identification is included. So we could each create a profile on this site, and control with which recipes you want to update your device, whether they are their own, shared by the community or the official ones. This approach seems much more interesting to me.
I think that there is another point of view for the recipes problem... What if we simply changed the url route that the app uses to update recipes? We can create a site that responds to requests for updates. I am sure that in this request, the device identification is included. So we could each create a profile on this site, and control with which recipes you want to update your device, whether they are their own, shared by the community or the official ones. This approach seems much more interesting to me.
Hey Guys! I was just googling exactly that question! Is there any update? I can try an interface like Website Remote URL to change oder add new stuff.. but probably someone did it before?
I tried to install the apk provided by @tomy137 in a Android 6 virtual machine, but it didn't work. If we succeed, we could decompile the apk, modify the code with the new URL, install it and try.
Does someone know how to install the apk in a virtual machine?
Hello I think it installs like any apk on an Android smartphone or an Android tablet. Personally, I installed an android emulator on my windows10 tablet and I installed my apk by copying them into the virtual memory of the emulator (representing the android storage space) and I clicked on the apk file which installed like on an android smartphone or tablet. You must as on a smartphone or a tablet activate in the settings the installation of external apk and activate USB debugging. For the moment I have not yet tried to install recipe.apk on my Android emulator on Win10 tablet ....
I think it would make it difficult to use a replacement server to update or modify the recipes. I think that a modification of the sql files would be easier because it would be enough to replace the existing one (via USB) with a copy paste. The problem is to understand the architecture and the functioning of the sql file to modify it.
I succeed to create and modify recipies into the database file. I also succeed to use this recipies with the MCC as usual. I created a little script in nodeJS to translate one json file with the recipie to SQL requests. It works ! I'll upload it soon.
But it's painful to have to boot the MCC with USB câble on my pc at each change.
STEP A --- Make the HACK easier
1-The idea of the fake server would be the best but maybe really complex to imitate official server ?
2-Or maybe it's possible to automatise all the manipulation with an USB KEY witch contain hack scripts + recipe ? The MCC would stay in the kitchen !
STEP B --- Make the recipie generation easier
1-Maybe work on UI like webite who help to generate recipes just with some button and input forms.
I succeed to create and modify recipies into the database file. I also succeed to use this recipies with the MCC as usual. I created a little script in nodeJS to translate one json file with the recipie to SQL requests. It works ! I'll upload it soon.
But it's painful to have to boot the MCC with USB câble on my pc at each change.
STEP A --- Make the HACK easier
1-The idea of the fake server would be the best but maybe really complex to imitate official server ? 2-Or maybe it's possible to automatise all the manipulation with an USB KEY witch contain hack scripts + recipe ? The MCC would stay in the kitchen !
STEP B --- Make the recipie generation easier
1-Maybe work on UI like webite who help to generate recipes just with some button and input forms.
I think the easy way it will be: 1 - Friendly Use interface (HTML or small Software) to create the recipes with no need of programming knowledge. 2 - With an USB stick just plug it and run like an "IMPORT APK" that generates everything :)
The online server from MCC its not the best one and they dont care to much about it..
I succeed to create and modify recipies into the database file. I also succeed to use this recipies with the MCC as usual. I created a little script in nodeJS to translate one json file with the recipie to SQL requests. It works ! I'll upload it soon. But it's painful to have to boot the MCC with USB câble on my pc at each change. STEP A --- Make the HACK easier 1-The idea of the fake server would be the best but maybe really complex to imitate official server ? 2-Or maybe it's possible to automatise all the manipulation with an USB KEY witch contain hack scripts + recipe ? The MCC would stay in the kitchen ! STEP B --- Make the recipie generation easier 1-Maybe work on UI like webite who help to generate recipes just with some button and input forms.
I think the easy way it will be: 1 - Friendly Use interface (HTML or small Software) to create the recipes with no need of programming knowledge. 2 - With an USB stick just plug it and run like an "IMPORT APK" that generates everything :)
The online server from MCC its not the best one and they dont care to much about it..
ofc that's a joke. That would break cookidoo TOS ;)
My script to generate SQL lines to execute on your sql file : https://github.com/tomy137/mcc_recipies_convert_toSQL
Successfully tested with my MCC. Please be aware that i'm speaking new language between french and english. Be gentle ! =D
ximocat write :
I tried to install the apk provided by @tomy137 in a Android 6 virtual machine, but it didn't work. If we succeed, we could decompile the apk, modify the code with the new URL, install it and try.
Does someone know how to install the apk in a virtual machine?
Hello At the start I thought you didn't know how to install an apk in a virtual machine ... I'm sorry ... I have the same problem as you? I tried to install the apk in an emulator "BlueStacks" under win10 and it does not want to install, it appears impossible to install the application. Same with Remix OS ver 3.0.207 (under Android 6.0.1) in BOOT version on USB key on Intel i3 PC
Hello I modify a recipe by manually inserting the new lines in the tables with the DB browser ... and it works Tomy137's script is not complete and does not allow to create your own personalized recipe because there are missing fields in the tables .... I think i can create my own recipe by adding rows in the tables (with DB Browser) and filling in the necessary fields. I studied the architecture of the "Recipes" file and I was able to identify the use of all the fields as MODE "ramp" or "level" and that the most important thing when we want to create our recipe is to know the list and the detailed number of ingredients and the number of steps in the recipe before anything else. Knowing that the steps can be sequential as for MODE "ramp". For example: for "mixing 6 seconds / speed 3 to 9" involves 3 steps : 1 step to mix 2 seconds / speed 3 and 1 step to mix 2 seconds / speed 6 and 1 step to mix 2 seconds / speed 9 so we have 3 steps for 1 operation on the screen Tomy137's script does not allow this kind of function ... Thank you Tomy137 for the work done because it makes things happen.
Hi all! I have investigated MCC a little bit and want share some information.
MCLauncher.apk - main apk in the system. There are lot of recipes in json files inside this apk. The numbers of recipes for every language are different. After first start(settings reset or change language) device deletes existing and creates new database for recipes. Then it imports recipes from internal json file to database and works with it in the future.
Recipes server. When device is connected to internet, it asks server for recipe's ids for current language. If database has recipe with id not listed in server's response - it will be deleted. If there is no recipe with some id in the database - device will request whole bunch of recipes on the server and will try import all of them. Now most interesting part - protocol to the server. All recipe's ids in German:
curl -H "Accept-Language: de" -H "X-Recipe-Type" https://mc20.monsieur-cuisine.com/mcc/api/v1/recipe/ids
All recipes in German:
curl -H "Accept-Language: de" -H "X-Recipe-Type" https://mc20.monsieur-cuisine.com/mcc/api/v1/recipe/all
Header Accept-Language: [ de | es | fr | it | pl | pt | en ]
defines recipe's language.
UPDATE.
Header X-Recipe-Type: [default | live]
defines recipe type. If no type specified - default
is used by server.
In result:
de lang has default: 510 live: 81 uniq: 3 total: 591 recipe IDs
en lang has default: 165 live: 406 uniq: 0 total: 571 recipe IDs
es lang has default: 213 live: 404 uniq: 39 total: 617 recipe IDs
fr lang has default: 225 live: 473 uniq: 138 total: 698 recipe IDs
it lang has default: 208 live: 397 uniq: 34 total: 605 recipe IDs
pl lang has default: 208 live: 397 uniq: 35 total: 605 recipe IDs
pt lang has default: 157 live: 378 uniq: 0 total: 535 recipe IDs
Total: 849 recipe IDs
Live means recipe ID available only after registration and login on the device. Uniq means recipe ID present only for one language.
Hi,
@kovz How did you find out about the api and which requests are there?
I am interested in the process of providing a server facade which would offer and inject own recipes into the system without rooting. Is this even possible? I think one would need to capture/replicate the servers certificate to achieve this which might be possible with TLS 1.2.
Further information (in german) about the security: https://www.iot-tests.org/de/2020/04/lidl-monsieur-cuisine-connect-waere-remy-stolz/
Hi @toolsche
@kovz How did you find out about the api and which requests are there?
You have two possibilities:
I am interested in the process of providing a server facade which would offer and inject own recipes into the system without rooting. Is this even possible? I think one would need to capture/replicate the servers certificate to achieve this which might be possible with TLS 1.2.
Much more easy unpack apk, change server address, pack everything back, sign and use modified apk on the device ;) Sounds complex, but simple if you have googling skills.
Further information (in german) about the security: https://www.iot-tests.org/de/2020/04/lidl-monsieur-cuisine-connect-waere-remy-stolz/
I can add only one fact - device signed with Android developer key, this makes modification of apks much easier.
Actually, my main goal - add non presented language to the apk, translate recipes to this language and provide local update server with these recipes. Second goal - make a possibility to write own and edit existing CoockingPilot recipes on this server. My wife is very frustrated, when recipe asks for "Öl 2 EL" instead of equivalent 20g in scale mode. And third idea, most difficult(probably impossible), make a possibility for portion select inside recipe.
Hi @kovz, I don't want to root the new device yet. Maybe you can privately share the apk so we can work on the problem together? I'm interested in the second goal to add new and change existing recipes.
toolsche write : Hi @kovz, I don't want to root the new device yet. .../... I'm interested in the second goal to add new and change existing recipes.
Hello Why not root the device? It is much easier to work on the recipe file to add / modify a recipe than to work on the APK / servers ... If it is for warranty you can always restore the original firmware if you need to send the MCC for repair. In addition if you modify the APK it will be replaced during an automatic software update while the (automatic) update of the recipes will not affect the file that you have modified but will simply add the new recipes. . The only time your modified recipe file can be deleted / replaced is when you reset MCC or change your language.
@bobstar-fr
Why not root the device?
It's been a while since I last rooted a device (I think it was a Samsung Galaxy S3) and since then it just wasn't necessary for me and I'm just a little afraid of doing something wrong, but maybe I'll do it after all. As far as I understand it, I need a torx screwdriver, a USB A-Male to Male cable and the corresponding tools for backup and flashing. How long does the backup and rooting take in total? Do the tools run on a MacBook?
Hello The USB A Male To A Male cable must be angled 90 ° on one side (The side under the MCC) Saving all partitions takes a while because the throughput is not very fast. I do not know if the utilities work on MACbook but I see a LINUX or WINDOWS icons on the SP Flash Tool site .... Personally I used a Windows 10 PC.
Look here it will give you further explanations. Use the google translator if necessary... Personally I stopped at point 9. I did not install the gapps nor the launcher and I use ADB to download the recipes file and upload it (I'm not interested in transforming the MCC into a gaming tablet or other) 1) I flash with SP Flash Tools the recovery.img (hacked) in boot partition. 2) I restart the MCC (it restarts in TWRP recovery mode) 3) I recover the recipes file with an ADB pull command (in the Win10 PC) 4) I modify or add new recipe in the recipes file with the Win10 PC (it may take time ....) 5) I upload the new recipes file in the MCC with an ADB push command 6) I flash with TWRP original boot.img (copied before in MCC /sdcard) in the boot partition. 7) I restart the MCC (it restarts on the MCLauncher.apk)
All this takes only 5 minutes (except the modification on PC of the recipes file). I had 1 full crash of the MCC (MC2 application) because I had made an error in the recipes file. I recovered everything with the backups. Currently I am working on an excel file to automate the addition of the personnals recipes in the recipes file. I can help you to understand the architecture of the recipes database
Hi I was wondering if you ever explored how to create new recipes and feed them to the collection.