search

cgerro / ios-location-trace-study

Répertoire créé dans le cadre de mon travail de Bachelor portant sur l'étude des services de localisation iOS. Ce répertoire contient les trames en hexadécimal interceptées avec mitmproxy, les fichiers .proto nécessaires à la déserialisation des trames en Protobuf ainsi que quelques fonctions en Python
1 stars 0 forks source link

Hello. Wanna work together on this? #1

Open acheong08 opened 1 month ago

acheong08 commented 1 month ago

I've been doing something similar for a while here and it seems we could share some info.

For example, the values for

https://github.com/cgerro/ios-location-trace-study/blob/90f60ac797c2fc541a6b6dcf8ef1c43f669e05d9/proto-files/request_pbcwloc.proto#L54-L71

can be found by decompiling CoreLocationProtobuf (You can find a sample here: https://github.com/acheong08/apple-corelocation-experiments/blob/3243a0c2c6fb99cc52808f6a598fff705531c757/CoreLocationProtobuf.c)

And you can find the field names here: https://github.com/acheong08/apple-corelocation-experiments/blob/1027ca875c4fd8a16e234bd48d1b5de32fad5779/pb/BSSIDApple.proto#L40-L76

It seems you've figured out how to upload data into the API. May I ask how you found 'https://gsp10-ssl.ls.apple.com/hvr/aploc' and 'https://gsp10-ssl.apple.com/hcy/pbcwloc'. I've been running MITM for a while but haven't been able to catch a request, presumably due to privacy settings. Not sure which one though

acheong08 commented 1 month ago

edit: nope, Apple is crazy and uses different encodings for each API

acheong08 commented 1 month ago 

message PbcWifiEntry {
    string bssid = 1;
    int32 channel = 2;
    int32 rssi = 3;
    optional PbcWlocLocation location = 4;
    // Source: https://github.com/cgerro/ios-location-trace-study
    int32 unknown_varint7 = 7;
  double timestamp = 8;
  int32 unknown_varint9 = 9;
}

message PbcWlocRequest {
    DeviceType device_info = 163;
    repeated PbcWifiEntry wifi_entries = 3;
}

message MotionActivity {
    enum type {
        unknown = 0;
        stationary = 1;
        walking = 2;
        running = 3;
        automotive = 4;
        cycling = 5;
    }
    uint32 confidence = 1;
    type activity = 2;
}

message PbcWlocLocation {
  optional double latitude = 1;
  optional double longitude = 2;
  optional float horizontal_accuracy = 3;
  optional float altitude = 5;
  optional float vertical_accuracy = 6;
  optional float speed = 7;
  optional float course = 8;
  optional double timestamp = 9;
  optional int32 provider = 13; // Only shows up if your phone is tied to a cell provider
  optional int32 motion_vehicle_connected_state_changed = 16;
  optional int32 motion_vehicle_connected = 17;
  optional MotionActivity raw_motion_activity = 18;
  optional MotionActivity motion_activity = 19;
  optional MotionActivity dominant_motion_activity = 20;
  optional float course_accuracy = 21;
  optional float speed_accuracy = 22;
}