Closed oleksa4262 closed 1 week ago
Also the latest commit (5 posts loading at a time) breaks the app sometimes by not loading more posts when you scroll to the end.
+1. Also receiving Error 500 using a German (+49) phone number.
I have the same problem
It looks like BeReal changed something :-( I tried looking at the latest bereal apk with jadx (since i cant use frida to intercept requests) and it looks like there is a "tokens" array to add to the request? I'll have to look more into that.
@macedonga Hello. Can you please revert what you were doing the last 2 hours because everything worked fine - until you posted your comment - with a version using the old May 02 code with only the sig token changed as per Sep 03. Now I am getting the 500 error as well. Can't be a coincidence the old code stopped working the minute you posted some comment ...
EDIT: I mean of course the changes you made to the sig.beunblurred.co
Reverted. I have no idea what is going on with BeReal... Maybe the device ID got banned? It's probably not that since toofake is not working either though...
Also getting these, in fact, even on the bereal app I cannot re-login.
From what I've found, the Vonage request now requires a phoneNumber and deviceId, as it did previously, along with a new "tokens" array that you mentioned. This array contains two elements: `token` and `identifier`, which are utilized to create the AntibotToken. However, I couldn't figure out how their values get generated yet.
I'm interested in helping for this, the problem is I can't find the bereal source code in the apk. I have been doing only request intercepting for a while. How do you guys do that?
I've also used jadx, as @macedonga mentioned. It’s pretty straightforward: after downloading jadx, you can drag the APK into it, and it’ll automatically decompile the source code for you.
Yeah I do know that but I don't find where the code is. I try to search for some strings but I can't manage to find some interesting piece of code.
Search for 'tokens='. This is how I found the first piece, the parameters for the send-code request. From there, just find connections between classes, and try putting the whole picture together. I'm also new to reverse-engineering by source code (this is the first time I do it lmao), so that's probably why I didn't find the solution to the problem, but this was my method to getting where I'm currently at with this.
Alright, I managed to understand that to fetch the antibot token, the app makes a HEAD request to what i think is the endpoint https://mobile.bereal.com/api/antibot_android.txt with some specific headers that make the api not return a 404 status code (at least i think that's how the app gets that token(s))...
If only I could bypass the google pairip tampering protection library thing i could just hook frida to the bereal process to unpin the ssl certificate like in the good old days :-(
This is still working for me using lsposed
The correct url is https://cdn.bereal.network/killswitch/antibot_android.txt, the problem is that even when connecting with the real bereal app, it gets me a 404 error.
Oh, hmmmmmmm, thanks! How did you manage to find that url?
It was in some encrypted strings in the apk, also got the confirmation while analysing traffic using http-toolkit
Here are all the encrypted strings I got if that can help maybe
Just found out that the 404 on the antibot_android.txt page is normal.
- 404 on antibot_android.txt = no need to show captcha using arkoselabs
- no 404 on antibot_android.txt = will show captcha using arkoselabs

Also, the tokens sent are just the result of the tests done by arkoselabs (they are run at some time, before login).
This is the token they use for arkoselabs: CCB0863E-D45D-42E9-A6C8-9E8544E8B17E
For example this request: POST https://client-api.arkoselabs.com/fc/gt2/public_key/CCB0863E-D45D-42E9-A6C8-9E8544E8B17E
For which the body is (url encoded format):

```
bda: a crazy long jwt token
public_key: CCB0863E-D45D-42E9-A6C8-9E8544E8B17E
site: file://
userbrowser: (my user agent)
capi_version: 2.11.0
capi_mode: inline
style_theme: default
rnd: random float between 0 and 1
data[blob]: empty
```

Then it returns:

```json
{
  "token": "THE TOKEN|r=eu-west-1|meta=3|metabgclr=transparent|metaiconclr=%23757575|guitextcolor=%23000000|pk=CCB0863E-D45D-42E9-A6C8-9E8544E8B17E|at=40|sup=1|rid=18|ag=101|cdn_url=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc|lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com|surl=https%3A%2F%2Fclient-api.arkoselabs.com|smurl=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager",
  "challenge_url": "",
  "challenge_url_cdn": "https://client-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.25.0/standard/game_core_bootstrap.js",
  "challenge_url_cdn_sri": "sha384-yD6pmTuZgiTFBDDTRM/3MtyiyYGVyZbEGtnMOSGSPoMXL7cS2KweeBGs64MPbqCW",
  "noscript": "Disable",
  "inject_script_integrity": null,
  "inject_script_url": null,
  "mbio": true,
  "tbio": true,
  "kbio": true,
  "styles": [
    {
      "name": "base",
      "theme": "",
      "iframeWidth": null,
      "iframeHeight": null,
      "style": {
        "id": "bb6d3290-5cd3-4ef1-9087-3c20da455944",
        "sriHash": "sha384-mg8Ut1ul6odO4eCMXaofxPRV/iXoU1RHKFpX2R1NUwYAKCH/jyD1Ws6ygec/SuPU"
      },
      "assets": {}
    }
  ],
  "iframe_width": null,
  "iframe_height": null,
  "disable_default_styling": false,
  "string_table": {
    "meta.api_timeout_error": "La connexion à un serveur de vérification a été interrompue. Veuillez recharger le défi pour réessayer.",
    "meta.compat_mode_error_string": "Pour des raisons de sécurité, votre appareil ou votre navigateur ne peut se connecter à un serveur de vérification. Afin de vérifier que vous êtes une personne réelle, veuillez mettre à jour votre appareil ou votre navigateur.",
    "meta.custom_compat_mode_error_string": "",
    "meta.generic_error": "Une erreur s’est produite. Veuillez recharger le défi pour réessayer.",
    "meta.loading_info": "En cours d’opération, veuillez patienter...",
    "meta.reload_challenge": "Recharger le défi",
    "meta.visual_challenge_frame_title": "Défi visuel"
  },
  "compatibility_mode_enabled": true,
  "force_standard_mode": false
}
```

Then it will make this GET request:

```
https://client-api.arkoselabs.com/fc/a/?callback=__jsonp_1729716033069&category=loaded&action=game%20loaded&session_token=THE TOKEN&data[public_key]=CCB0863E-D45D-42E9-A6C8-9E8544E8B17E&data[site]=file%3A%2F%2F
```

which will return:

```
__jsonp_1729716033069({ "logged": true })
```
Okay guys, big news, I managed to send myself an otp code, and now a second one :)
And just got my access and refresh token, perfect !
Great job ! Hopefully macedonga will be able to replicate it
I'll try to setup the code for beunblurred and make a pull request.
Btw, does somebody know how macedonga generates the bereal-signature? I've been using his sig.beunblurred.co for a while but I want to generate it myself :/
Too lazy to setup the project but here is my code from my project:
Send OTP and Check OTP
```csharp
private static string ArkoseKey = "CCB0863E-D45D-42E9-A6C8-9E8544E8B17E";
private static string BeRealClientSecret = "F5A71DA-32C7-425C-A3E3-375B4DACA406";

private long UnixTimeStamp() {
    return DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
}

static string GenerateRandomDouble(int decimalPlaces) {
    if (decimalPlaces < 1) {
        throw new ArgumentOutOfRangeException(nameof(decimalPlaces), "Decimal places must be between 1 and 17.");
    }

    Random random = new Random();
    StringBuilder sb = new StringBuilder("0.");
    for (int i = 0; i < decimalPlaces; i++) {
        int digit = random.Next(10);
        sb.Append(digit);
    }
    return sb.ToString();
}

public async Task<string> GetArkoseToken() {
    // get public key //
    var publicKeyPayload = new Dictionary<string, string> {
        { "bda", (the bda key, don't know if I can share it bcz I don't know myself what it contains) },
        { "public_key", ArkoseKey },
        { "site", "file://" },
        { "userbrowser", "Mozilla/5.0 (Linux; ... Build/UP1A.231105.003; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/129.0.6668.100 Mobile Safari/537.36" },
        { "capi_version", "2.11.0" },
        { "capi_mode", "inline" },
        { "style_theme", "default" },
        { "rnd", GenerateRandomDouble(17) },
        { "data[blob]", "" }
    };
    var publicKeyContent = new FormUrlEncodedContent(publicKeyPayload);
    var publicKeyRequest = new HttpRequestMessage(HttpMethod.Post, "https://client-api.arkoselabs.com/fc/gt2/public_key/" + ArkoseKey);
    publicKeyRequest.Content = publicKeyContent;
    var publicKeyResponse = await _httpClient.SendAsync(publicKeyRequest);
    if (!publicKeyResponse.IsSuccessStatusCode) {
        throw new Exception("Internal server error while getting public key response");
    }
    var publicKeyResponseContent = JsonConvert.DeserializeObject<dynamic>(await publicKeyResponse.Content.ReadAsStringAsync());
    string unformattedToken = publicKeyResponseContent!.token;
    string token = unformattedToken.Substring(0, 28);

    // callback to confirm token //
    var callbackName = "__jsonp_" + UnixTimeStamp();
    Debug.WriteLine("callback: " + callbackName);
    var baseUri = new Uri("https://client-api.arkoselabs.com/fc/a/");
    var queryParameters = HttpUtility.ParseQueryString(string.Empty);
    queryParameters["callback"] = callbackName;
    queryParameters["category"] = "loaded";
    queryParameters["action"] = "game loaded";
    queryParameters["session_token"] = token;
    queryParameters["data[public_key]"] = ArkoseKey;
    queryParameters["data[site]"] = "file://";
    var uriBuilder = new UriBuilder(baseUri)
    {
        Query = queryParameters.ToString()
    };
    var callbackRequest = new HttpRequestMessage(HttpMethod.Get, uriBuilder.ToString());
    var callbackResponse = await _httpClient.SendAsync(callbackRequest);
    if (!callbackResponse.IsSuccessStatusCode) {
        throw new Exception("Error while sending callback request");
    }
    return token;
}

public async Task BeRealSendOtp(string phoneNumber, bool useL7 = true) {
    string arkoseToken = await GetArkoseToken();
    var payload = new {
        client_id = "android",
        client_secret = BeRealClientSecret,
        device_id = "2312889cb6b5f15f",
        phone_number = phoneNumber,
        tokens = new[] {
            new {
                token = arkoseToken,
                identifier = "AR" // identifier type for arkose tokens only
            }
        }
    };
    var content = new StringContent(JsonConvert.SerializeObject(payload), Encoding.UTF8, "application/json");
    var request = new HttpRequestMessage(HttpMethod.Post, "https://auth" + (useL7 ? "-l7" : "") + ".bereal.com/token/phone");
    request.Content = content;
    request.Headers.Add("User-Agent", "BeReal/3.10.1 (com.bereal.ft; build:2348592; Android 14) 4.12.0/OkHttp");
    request.Headers.Add("bereal-app-version-code", "14549");
    request.Headers.Add("bereal-signature", await FetchSignatureAsync());
    request.Headers.Add("bereal-platform", "android");
    request.Headers.Add("bereal-os-version", "14");
    request.Headers.Add("bereal-device-id", "2312889cb6b5f15f");
    request.Headers.Add("bereal-app-version-code", "2348592");
    request.Headers.Add("bereal-app-version", "3.10.1");
    request.Headers.Add("Accept-Encoding", "gzip");
    request.Headers.Add("bereal-timezone", "Europe/Paris");
    var response = await _httpClient.SendAsync(request);
    if (!response.IsSuccessStatusCode) {
        throw new Exception("Internal server error while sending otp: " + response.StatusCode);
    }
}

public async Task BeRealCheckOtp(string accountName, string phoneNumber, string otp, bool useL7 = true) {
    var payload = new {
        client_id = "android",
        client_secret = BeRealClientSecret,
        code = otp,
        device_id = "2312889cb6b5f15f",
        phone_number = phoneNumber
    };
    var content = new StringContent(JsonConvert.SerializeObject(payload), Encoding.UTF8, "application/json");
    var request = new HttpRequestMessage(HttpMethod.Post, "https://auth" + (useL7 ? "-l7" : "") + ".bereal.com/token/phone");
    request.Content = content;
    request.Headers.Add("User-Agent", "BeReal/3.10.1 (com.bereal.ft; build:2348592; Android 14) 4.12.0/OkHttp");
    request.Headers.Add("bereal-app-version-code", "14549");
    request.Headers.Add("bereal-signature", await FetchSignatureAsync());
    request.Headers.Add("bereal-platform", "android");
    request.Headers.Add("bereal-os-version", "14");
    request.Headers.Add("bereal-device-id", "2312889cb6b5f15f");
    request.Headers.Add("bereal-app-version-code", "2348592");
    request.Headers.Add("bereal-app-version", "3.10.1");
    request.Headers.Add("Accept-Encoding", "gzip");
    request.Headers.Add("bereal-timezone", "Europe/Paris");
    var response = await _httpClient.SendAsync(request);
    if (!response.IsSuccessStatusCode) {
        throw new Exception("Internal server error while sending otp: " + response.StatusCode);
    }
    var responseContent = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
    string berealAccessToken = responseContent!.access_token;
    string refreshToken = responseContent!.refresh_token;
    long expiresIn = responseContent!.expires_in;
    long expires = GetCurrentDate() + expiresIn;
    // ....
}
```
To refresh the token:
```csharp
var payload = new {
    client_id = "android",
    client_secret = BeRealClientSecret,
    grant_type = "refresh_token",
    refresh_token = account.BeRealRefreshToken
};
var content = new StringContent(JsonConvert.SerializeObject(payload), Encoding.UTF8, "application/json");
var request = new HttpRequestMessage(HttpMethod.Post, "https://auth" + (useL7 ? "-l7" : "") + ".bereal.com/token?grant_type=refresh_token");
request.Content = content;
request.Headers.Add("User-Agent", "BeReal/3.10.1 (com.bereal.ft; build:2348592; Android 14) 4.12.0/OkHttp");
request.Headers.Add("bereal-app-version-code", "14549");
request.Headers.Add("bereal-signature", await FetchSignatureAsync());
request.Headers.Add("bereal-platform", "android");
request.Headers.Add("bereal-os-version", "14");
request.Headers.Add("bereal-device-id", "2312889cb6b5f15f");
request.Headers.Add("bereal-app-version-code", "2348592");
request.Headers.Add("bereal-app-version", "3.10.1");
request.Headers.Add("Accept-Encoding", "gzip");
request.Headers.Add("bereal-timezone", "Europe/Paris");
var response = await _httpClient.SendAsync(request);
if (!response.IsSuccessStatusCode) {
    throw new Exception("Internal server error while sending otp: " + response.StatusCode);
}
var responseContent = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
account.BeRealRefreshToken = responseContent.refresh_token;
account.BeRealAccessToken = responseContent.access_token;
```
This new login method doesn't use Vonage or Firebase but this is the only one I found working.
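
Seen from the service side, requests built like the client code posted above carry recognisable inconsistencies: `bereal-app-version-code` is set twice with different values, and one hard-coded device ID is sent for every phone number. A detection sketch over constructed request records, added here as an example and not part of the thread or of any BeReal code; the record layout, function names, the threshold and the idea that the User-Agent build should equal the version code are assumptions:

```python
import re
from collections import defaultdict

UA_BUILD = re.compile(r"build:(\d+)")
UA = "BeReal/3.10.1 (com.bereal.ft; build:2348592; Android 14) 4.12.0/OkHttp"
DEV = "2312889cb6b5f15f"  # device ID hard-coded in the posted client code


def record(version_headers, header_dev, body_dev, phone):
    """Build one constructed request record: headers as received plus JSON body."""
    headers = [("User-Agent", UA), ("bereal-device-id", header_dev)]
    headers += [("bereal-app-version-code", v) for v in version_headers]
    return {"headers": headers,
            "body": {"device_id": body_dev, "phone_number": phone}}


# Constructed sample input; phone numbers and the other device IDs are placeholders.
SAMPLE_REQUESTS = [
    record(["14549, 2348592"], DEV, DEV, "+10000000001"),    # comma-joined values
    record(["14549", "2348592"], DEV, DEV, "+10000000002"),  # repeated header lines
    record(["2348592"], DEV, DEV, "+10000000003"),           # clean headers, same device
    record(["2348592"], "00000000000000aa", "00000000000000aa", "+10000000004"),
    record(["14549"], "00000000000000bb", "00000000000000cc", "+10000000005"),
]


def header_values(headers, name, split=True):
    """Values of one header, normalising repeated lines and comma-joined lists."""
    values = []
    for key, raw in headers:
        if key.lower() != name.lower():
            continue
        parts = raw.split(",") if split else [raw]
        values.extend(p.strip() for p in parts if p.strip())
    return values


def request_findings(req):
    """Per-request consistency checks; returns a list of finding labels."""
    findings = []
    codes = set(header_values(req["headers"], "bereal-app-version-code"))
    if len(codes) > 1:
        findings.append("conflicting bereal-app-version-code")
    # User-Agent strings may contain commas, so they are not split.
    ua = header_values(req["headers"], "User-Agent", split=False)
    build = UA_BUILD.search(ua[0]) if ua else None
    if build and codes and build.group(1) not in codes:
        findings.append("version code differs from User-Agent build")
    device = header_values(req["headers"], "bereal-device-id")
    if device and req["body"].get("device_id") not in device:
        findings.append("device ID header differs from body")
    return findings


def shared_device_ids(requests, max_numbers=2):
    """Device IDs seen with more than max_numbers distinct phone numbers."""
    seen = defaultdict(set)
    for req in requests:
        seen[req["body"].get("device_id")].add(req["body"].get("phone_number"))
    return {dev: nums for dev, nums in seen.items() if len(nums) > max_numbers}


def triage(requests):
    """Combine both checks: request index -> list of findings (clean ones omitted)."""
    shared = shared_device_ids(requests)
    report = {}
    for index, req in enumerate(requests):
        findings = request_findings(req)
        if req["body"].get("device_id") in shared:
            findings.append("device ID shared across phone numbers")
        if findings:
            report[index] = findings
    return report


if __name__ == "__main__":
    for index, findings in triage(SAMPLE_REQUESTS).items():
        print(index, findings)
```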
Mmh, refreshing doesn't even work properly, I'll try to use the vonage api tomorrow
That's awesome @NOctu1412! As soon as I get home I'll push the edits! Thanks!
You are crazy. How did you manage to find that?
@xer0xde Reversed the apk and used a little bit of requests intercepting, but yeah, as I said this is not using the firebase api. The refresh token is some shit of bereal, I don't really like that, I'm trying to do something else.
Ok so first, here is the updated refreshing code that works now:
```csharp
var payload = new {
    client_id = "android",
    client_secret = BeRealClientSecret,
    grant_type = "refresh_token",
    refresh_token = account.BeRealRefreshToken
};
Debug.WriteLine("Refreshing: " + account.BeRealRefreshToken);
Debug.WriteLine(JsonConvert.SerializeObject(payload));
var content = new StringContent(JsonConvert.SerializeObject(payload), Encoding.UTF8, "application/json");
var request = new HttpRequestMessage(HttpMethod.Post, "https://auth" + (useL7 ? "-l7" : "") + ".bereal.com/token?grant_type=refresh_token");
request.Content = content;
request.Headers.Add("User-Agent", "BeReal/3.10.1 (com.bereal.ft; build:2348592; Android 14) 4.12.0/OkHttp");
request.Headers.Add("bereal-signature", await FetchSignatureAsync());
request.Headers.Add("bereal-platform", "android");
request.Headers.Add("bereal-os-version", "14");
request.Headers.Add("bereal-device-id", "2312889cb6b5f15f");
request.Headers.Add("bereal-app-version-code", "2348592");
request.Headers.Add("bereal-app-version", "3.10.1");
request.Headers.Add("Accept-Encoding", "gzip");
request.Headers.Add("bereal-timezone", "Europe/Paris");
var response = await _httpClient.SendAsync(request);
if (!response.IsSuccessStatusCode) {
    Debug.WriteLine(await response.Content.ReadAsStringAsync());
    throw new Exception("Internal server error while refreshing bereal type account otp: " + response.StatusCode);
}
var responseContent = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
account.BeRealRefreshToken = responseContent.refresh_token;
account.BeRealAccessToken = responseContent.access_token;
long expiresIn = responseContent.expires_in;
account.Expires = GetCurrentDate() + expiresIn;
```
Login and token refresh is now working, thanks @NOctu1412!
P.S.: that arkose `bda` token is b64 encoded json data, that has a `ct`, `iv` and `s` field, so I imagine is AES encrypted data (i'll probably have to update that key once in a while, hopefully i'll find a way to generate that, maybe looking at https://client-api.arkoselabs.com/v2/api.js?)
@macedonga Okay nice, I am now analysing the new endpoints for the vonage api. The problem is that your signature generator (sig.beunblurred.co) is not working properly and I have no idea why.
In fact, there are still two ways to auth I believe. The way I gave you and another that still uses vonage. Here is the schema it follows:

https://auth-l7.bereal.com/api/vonage/data-exchange:

```json
{
  "phoneNumber": ""
}
```

Then it returns some encrypted data which is passed in the arkose publicKey request in the data[blob] field, which will return a token to login using vonage. But I can't manage to replay the data exchange request using your sig.beunblurred.co generator but with the signature that I am getting in the http interceptor it works. I can't find how bereal is generating these. Could you explain to me how they are doing it? Or at least where it is located in the apk?
Login still doesn't work with +380
It still doesn't work for a German number (+49) either. I get the same error as previous.
Doesn't work for +1 either.
Same for me, German number
Should be working now
Still doesn't work for +33 (french 🥖) phone numbers
Regarding the captcha, do you have any idea on the future possibilities of bypassing this, is it a matter of time? Thanks
For the last two days whenever I try to log in it says "An error occurred. Please try again later. (500)". Is something wrong with otp?