JodelRaccoons / JodelReversing

Some details about reversing the Jodel-App

Environment Setup Help #34

Closed oharbol closed 2 years ago

oharbol commented 2 years ago

Regarding the requirements: I am using Ubuntu on Windows and an Android Studio emulator with the x86 architecture. I have verified that SELinux is set to permissive and I have done the pip install for frida tools.

On the first Android emulator, I can push the frida server file (I am using "frida-server-15.1.14-android-x86") onto the Android. My issue is that when I put in "adb shell" and "cd" to the required file, I cannot gain superuser access when I put in "su". I get returned the error "/system/bin/sh: su: inaccessible or not found." I found this issue only occurred with the emulators that had Google Play already installed.

My workaround was to use a different emulator without Google Play installed. I was able to download Jodel onto the Android via an .apk file. While I could gain superuser access with "su", change the file's permissions and run the frida server file, running the command "python3 extract_hmac.py" in another Ubuntu command prompt would run Jodel, but I would get a message telling me that it needs the Google Play Services app. With the most recent update, running that same python command would run Jodel on its splash screen and then time out. I have attempted to download the Google Play Services app, on the same emulator, with an .apk file; however, it fails every time due to a mismatched signatures error.

Is there a known way to solve either one of these problems to get the secret key or should I use an entirely different approach (whether it be software or emulator) to achieve this key hack?

I would really appreciate the help since I am using the Jodel API repository for my Capstone project. I need the API to be functional in April during my live demonstration and being able to update the secret key in the repository would be useful since it is not being updated quickly enough by others after Jodel updates their app.

Unbrick commented 2 years ago

Hey there! You might wanna give this one a try:

Secret: KLznblPWytpbUKfDTBxHKpCpFQdrPIEGAyDFzstX
Version: 7.35.1

Just extracted them from the Android-App, you might need to change the client type to android_ .

oharbol commented 2 years ago

Thank you for sharing the secret key. I was able to edit my local jodel api library and get it working again!

While I appreciate you sharing the key, I was mainly seeking help to give myself the ability to find the key so that I don't have to keep asking you guys in the future. Would you be willing to share the method that you used or help me with a work around for my issues above?

I really appreciate the help.

Unbrick commented 2 years ago

I usually use a real device with Google Play Services installed.

If that is not possible, you might want to attempt to find an alive object of the class HmacInterceptor using Frida's Java.choose() method, or create one using Java.use('com.tellm.android.app.api.HmacInterceptor').$new(...args...) (you might want to check the spelling).

Once you have a live HmacInterceptor instance, you can call the sign() method of the instance. This will result in a crash, but should also trigger the signing of a request including the key. The hook given in this project should then print out the HMAC key.

oharbol commented 2 years ago

Thank you @Unbrick for the suggestions. I will probably attempt using a real device to get the HMAC key within the next week. If I am unsuccessful, I will place another issue/request in this repository or the jodel_api repository to request the updated secret key prior to our Capstone's presentation date.