Duplicate of #10: New User ID Issues

[deveyNull]

For example, typing P goes through the entire process, finishes up and says "Yak Successful :)". Inputting Y demonstrates that Yakarma has gone up by 2. However, the post did not go through, nothing changed.

The same thing happens with voting and commenting, the app says the procedure was completed successfully, but nothing happened. The API hasn't been updated that recently, I was wondering if this is a problem for all users or if I am missing something.

Thank you

[deandunbar]

I think posts might not be working. After a "successful" post, I check my own yaks and get an error message

[deveyNull]

Hey, I got the code working, the problem is that the user ID's your program makes do not work anymore. I'm working on figuring out whats up with that, but using an already assigned ID makes it work

On Thu, Nov 20, 2014 at 2:13 AM, Dean Dunbar notifications@github.com wrote:

I think posts might not be working. After a "successful" post, I check my own yaks and get an error message

— Reply to this email directly or view it on GitHub https://github.com/djtech42/YikYakTerminal/issues/11#issuecomment-63769524 .

Very Respectfully, Dennis M. Devey MIDN USN

[deveyNull]

Heres the test ID I have been using: 46C8E8491692F83A9D229CA586EE1B52

On Thu, Nov 20, 2014 at 7:10 AM, Dennis Devey m171458@usna.edu wrote:

Hey, I got the code working, the problem is that the user ID's your program makes do not work anymore. I'm working on figuring out whats up with that, but using an already assigned ID makes it work

On Thu, Nov 20, 2014 at 2:13 AM, Dean Dunbar notifications@github.com wrote:

I think posts might not be working. After a "successful" post, I check my own yaks and get an error message

— Reply to this email directly or view it on GitHub https://github.com/djtech42/YikYakTerminal/issues/11#issuecomment-63769524 .

Very Respectfully, Dennis M. Devey MIDN USN

Very Respectfully, Dennis M. Devey MIDN USN

[deveyNull]

Test ID is now banned... damnit. Working on finding another working one

On Thu, Nov 20, 2014 at 7:11 AM, Dennis Devey m171458@usna.edu wrote:

Heres the test ID I have been using: 46C8E8491692F83A9D229CA586EE1B52

On Thu, Nov 20, 2014 at 7:10 AM, Dennis Devey m171458@usna.edu wrote:

Hey, I got the code working, the problem is that the user ID's your program makes do not work anymore. I'm working on figuring out whats up with that, but using an already assigned ID makes it work

On Thu, Nov 20, 2014 at 2:13 AM, Dean Dunbar notifications@github.com wrote:

I think posts might not be working. After a "successful" post, I check my own yaks and get an error message

— Reply to this email directly or view it on GitHub https://github.com/djtech42/YikYakTerminal/issues/11#issuecomment-63769524 .

Very Respectfully, Dennis M. Devey MIDN USN

Very Respectfully, Dennis M. Devey MIDN USN

Very Respectfully, Dennis M. Devey MIDN USN

[djtech42]

I think a cookie needs to be implemented for the API now, so I will look into it. Here is a test ID that works: B6C52E0EA41CBD9D4A1FA7D65C60AA4D

[j1bruno]

If you could add that to the program, that would be awesome.

[huttotw]

B6C52E0EA41CBD9D4A1FA7D65C60AA4D 46C8E8491692F83A9D229CA586EE1B52

These test ID's do not seem to work anymore.

[j1bruno]

Is there anyway to generate new ID's?

Sent from my iPhone

On Nov 24, 2014, at 8:34 PM, "Trevor Hutto" notifications@github.com<mailto:notifications@github.com> wrote:

B6C52E0EA41CBD9D4A1FA7D65C60AA4D 46C8E8491692F83A9D229CA586EE1B52

These test ID's do not seem to work anymore, how can I find another?

Reply to this email directly or view it on GitHubhttps://github.com/djtech42/YikYakTerminal/issues/11#issuecomment-64296548.

[huttotw]

You can generate ID's, and register them using the API.py, but I have not found a good way of finding IDs that work.

[djtech42]

It requires a cookie to be generated now. I need to add it to the API. Sorry, I haven't had much time to work on it. I will work on it tomorrow.

B6C52E0EA41CBD9D4A1FA7D65C60AA4D must have gotten banned at some point.

[huttotw]

46C8E8491692F83A9D229CA586EE1B52 this key works sometimes.

Yik Yak may have some flags in place to stop multiple people using it at the same time. Like geographical restrictions saying that you can't yak somewhere, and then yak somewhere else 100 miles away in less than 5 minutes.

[djtech42]

I added the cookie, but it still isn't working with new IDs.

[lknparktheory88]

Don't know if this helps, But if I use my jailbroken iPhone (root access) and remove all APP data and reinstall it of course generates a new "USER ID". If I use this newly generated ID with YikYakTerminal any actions will fail, However if I proceed with some actions such as Upvoting, Commenting through the app itself then try again with the same "USER ID" all actions work perfectly.

[huttotw]

Yes, that helps. Is it possible for you to try to generate and register a user_id with YikYakTerminal and try it in the app?

[lknparktheory88]

With my limited knowledge in programming, (I just tinker with stuff) I would have to figure out where the "plist" file is located to swap out the ID - This should be easy though.

Would it help if I sniff out the requests the app makes when I do actions in the app?

[huttotw]

Yes, that would be helpful also, let us know if you get anywhere.

[lknparktheory88]

Found the plist, lets see if it's as simple as swapping the ID's

[huttotw]

If you could sniff the request when the app is performing registerUser, that would be extremely helpful.

[lknparktheory88]

Okay, I am doing that now... So far no luck with swapping IDS as it makes the app unstable and crash. Under Private Documents file named "currentInstallation". - Perhaps a permissions issue I gotta look into.

{"classname":"_Installation","data":{"updatedAt":"2014-11-27T15:38:58.797Z","parseVersion":"1.4.2","deviceToken":"4859da5668ff9e40153275848e7c8465e8514124ea1889dffb02c805ecf4dcbc","badge":0,"deviceType":"ios","installationId":"6ddd9774-c606-462f-978e-ded22d3b36bc","channels":["c3C64F319-7515-4749-AE7C-00346E816D51 c"],"appIdentifier":"engineering.locus.chatter","timeZone":"America\/Los_Angeles","appName":"Yik Yak","objectId":"nK0GqKfef0","appVersion":"2.1.2.2","createdAt":"2014-11-27T15:38:58.797Z"}}

the above ID 3C64F319-7515-4749-AE7C-00346E816D51 is valid and works

[lknparktheory88]

https://us-east-api.yikyakapi.net/api/getMessages?userID=CBA42CFD-AEAD-415C-A308-980AC6C0C333&lat=34.057076&long=-117.824496&userLat=34.057076&userLong=-117.824496&version=2.1.2&horizontalAccuracy=65.000000&verticalAccuracy=10.000000&altitude=76.308350&floorLevel=0&speed=-1.000000&course=-1.000000&salt=1417103505&hash=rgdPKnYPelRbtggfVUD6rT99oZo%3D

[huttotw]

I just noticed that the user ID had leading and trailing c's in that response. I don't know if that would change anything.

[huttotw]

Can you find the url for registerUser?

[lknparktheory88]

GET /api/registerUser?userID=067542B7-9155-4D4F-80F1-5A72D3C1FDDC&userLat=34.057076&userLong=-117.824496&version=2.1.2&horizontalAccuracy=65.000000&verticalAccuracy=10.000000&altitude=76.308350&floorLevel=0&speed=-1.000000&course=-1.000000&salt=1417103872&hash=%2BY96PUGB2vB6HQD8Y5LeTOBlL0U%3D HTTP/1.1

URL for above is - https://us-west-api.yikyakapi.net/api/registerUser?userID=067542B7-9155-4D4F-80F1-5A72D3C1FDDC&userLat=34.057076&userLong=-117.824496&version=2.1.2&horizontalAccuracy=65.000000&verticalAccuracy=10.000000&altitude=76.308350&floorLevel=0&speed=-1.000000&course=-1.000000&salt=1417103872&hash=%2BY96PUGB2vB6HQD8Y5LeTOBlL0U%3D

[lknparktheory88]

After the above you get

https://api.parse.com/2/create - POST /2/create HTTP/1.1

THEN

https://content.yikyakapi.net/refreshers/locate?latitude=34.057077&longitude=-117.824494 - GET /refreshers/locate?latitude=34.057077&longitude=-117.824494 HTTP/1.1

and finally it uses the east coast URL for the remaining requests..... - perhaps this is the reason??

https://us-east-api.yikyakapi.net/api/getMessages?userID=067542B7-9155-4D4F-80F1-5A72D3C1FDDC&lat=34.057076&long=-117.824496&userLat=34.057076&userLong=-117.824496&version=2.1.2&horizontalAccuracy=65.000000&verticalAccuracy=10.000000&altitude=76.308350&floorLevel=0&speed=-1.000000&course=-1.000000&salt=1417103876&hash=foggf9yJck8Qj9%2BMziTH7ss%2FStI%3D

[huttotw]

Perfect! I'll try it out next time I get the chance. Happy Thanksgiving!

[lknparktheory88]

Same to you! Let me know and I also might have a custom request/for hire job after you figure out the issue :)

[huttotw]

We need to figure out what the POST parameters are for the https://api.parse.com/2/create url.

I am getting {"error":"unauthorized"}.

[lknparktheory88]

For Request

{ "appBuildVersion": "2.1.2.2", "data": { "timeZone": "America\/Los_Angeles", "appVersion": "2.1.2.2", "channels": ["cAB2FE464-6F82-4940-B525-377EB80B838Ec"], "deviceType": "ios", "appName": "Yik Yak", "badge": 0, "installationId": "e0314b51-dc33-4ffc-b968-af4b71d659aa", "appIdentifier": "engineering.locus.chatter", "parseVersion": "1.4.2", "deviceToken": "4859da5668ff9e40153275848e7c8465e8514124ea1889dffb02c805ecf4dcbc" }, "osVersion": "Version 8.1 (Build 12B411)", "appDisplayVersion": "2.1.2", "classname": "_Installation", "v": "i1.4.2", "uuid": "LEFT BLANK FOR PRIVACY", "iid": "E0314B51-DC33-4FFC-B968-AF4B71D659AA" }

And Response

{ "result": { "data": { "createdAt": "2014-11-28T20:55:15.292Z", "objectId": "cSAarEmx2G" } } }

[lknparktheory88]

There is also a section called "authentication" but I don't know if it's wise I post this publicly, I don't know if personal info is in there.

[deveyNull]

Anyone come up with a way to get these ID's registered yet?

If not, does anyone know an easy way to find the ID's on your phone? I'm starting to look, just can't find them yet.

If anyone has a list of test ID's that still work, I'd really appreciate it, because I'm almost out.

[brian-murphy]

Do these ones work?

64F8355DC1FF501A9405753FBAE1AFC3
D1A7BCC3B573537312F6E35EF81DCF91
76130FFB84E12A0CE8E4FEA14A146548
F07F93340D1B9ACB1056229C12EC5DEB

If so, I can generate them. For some reason, I'm getting a 500 error when I try to post, which is new. And I can't read the feed any more.

[huttotw]

@lknparktheory88 used a jail broken iPhone to get an ID out. They are contained in the plist file. Here are two that I have found that are currently working. AB2FE4646F824940B525377EB80B838E 46C8E8491692F83A9D229CA586EE1B52

You may be able to get some information on how ID's are created from @lknparktheory88 dumped data.

I have not been able to generate a working ID yet. Yik Yak has become a lot more complicated than it used to be.

[brian-murphy]

That's the thing: I think I reverse engineered a way to generate them. Can someone with a working build try the ids I posted above?

[deveyNull]

Sorry Murphy, not working. Does anyone have even the slightest idea? I remember hearing rumors about some sort of salt using a hashed geolocation, but I'm not sure if that is still applicable. Anyone on android know where the user ID's are located?

On Fri, Dec 5, 2014 at 6:29 PM, Brian Murphy notifications@github.com wrote:

That's the thing: I think I reverse engineered a way to generate them. Can someone with a working build try the ids I posted above?

— Reply to this email directly or view it on GitHub https://github.com/djtech42/YikYakTerminal/issues/11#issuecomment-65871327 .

Very Respectfully, Dennis M. Devey MIDN USN

[huttotw]

If you sniff the getMessages request on your own network, you may be able to get your phone's ID since it is a parameter in this request. I am not an Android user, but this method should work for anyone.

https://us-east-api.yikyakapi.net/api/getMessages?userID=067542B7-9155-4D4F-80F1-5A72D3C1FDDC&lat=34.057076&long=-117.824496&userLat=34.057076&userLong=-117.824496&version=2.1.2&horizontalAccuracy=65.000000&verticalAccuracy=10.000000&altitude=76.308350&floorLevel=0&speed=-1.000000&course=-1.000000&salt=1417103876&hash=foggf9yJck8Qj9%2BMziTH7ss%2FStI%3D

[brian-murphy]

They are taking a compilation of the sim card number, the serial number, and a few other things, and then using them to choose a semi-random string of characters from 0-9 and A-F. If those services are not available, they are using the Java UUID to pick their string. I am looking at the source code. Are you sure we are registering these IDs correctly? if we aren't, that would explain why only the ones we pull off of devices are working.

[huttotw]

No, the ID's are not being registered correctly.

[deveyNull]

Sniffing packets on Android isn't working for me, all traffic is encrypted. Now I'm going into finding the location of the user ID in the actual app's memory, anyone have any clue where that is?

[lay295]

@ankerMan On android the User ID is located in /data/data/com.yik.yak/shared_prefs/YikYak.xml near the bottom. When I pull my user ID from my phone into the program it works. But if I replace it with an ID generated by the program it won't work

[deveyNull]

Thanks but I'm still missing it, think I'm missing the permissions. Are you rooted?

[lay295]

Yes you need to be rooted in order to see the files, or else the data folder will look empty

[sheriffsparks]

Does anyone know the file path for where the user ID is located on iPhone?

[mjbmitch]

@brain-murphy What source code are you looking at?

[brian-murphy]

I decompiled the yik yak android apk. Is it illegal for me to post it? I don't have any money, so as long as I don't go to jail I'm cool with it.

-------- Original message -------- From: Mitchell Borrego notifications@github.com Date:12/21/2014 9:09 PM (GMT-05:00) To: djtech42/YikYakTerminal YikYakTerminal@noreply.github.com Cc: "Murphy, Brian P" brianmurphy@gatech.edu Subject: Re: [YikYakTerminal] Duplicate of #10: New User ID Issues (#11)

@brain-murphyhttps://github.com/brain-murphy What source code are you looking at?

Reply to this email directly or view it on GitHubhttps://github.com/djtech42/YikYakTerminal/issues/11#issuecomment-67795370.

[mjbmitch]

@brain-murphy I am not sure if you should post it directly on here, but go ahead and put relevant code into a Pastebin and send a few of us in this thread a PM with the link.

[jkingsman]

I'd be interested if there's any relevant pastes as well, please -- there's nothing out there for yik yak right now; this is our last, best hope.

[lay295]

If anyone needs valid ID's, I generated ~400 Id's for people to use. http://pastebin.com/bHJMx1cG (I did not use YikYakTerminal to generate these, I used YikYak's actual Android app and they should mostly, if not all be working)

[deveyNull]

Thank you so much, I was down to two working accounts.

How'd you do that? I'd love to contribute to the fund

On Sun, Jan 25, 2015 at 10:45 PM, lay295 notifications@github.com wrote:

If anyone needs valid ID's, I generated ~400 Id's for people to use. http://pastebin.com/bHJMx1cG (I did not use YikYakTerminal to generate these, I used YikYak's actual Android app and they should mostly, if not all be working)

— Reply to this email directly or view it on GitHub https://github.com/djtech42/YikYakTerminal/issues/11#issuecomment-71411658 .

Very Respectfully, Dennis M. Devey MIDN USN

[djtech42]

Thank you for posting valid IDs. Are these using the old format or new format used by Yik Yak?

[lay295]

@ankerMan I've just set up an android emulator to open the app, grab the userID, upvote a comment, then close and clear app data. For some reason on my Android emulator when I clear app data, it gives me a whole new ID. This is not true on my phone though and gives me the same ID everytime

@djtech42 They should all be in the new format, just made them yesterday