Open coolnickname opened 7 years ago
I don't think so. I'm sure the app has security measures to prevent that.
It is possible to make a Proxy/MITM thing that will forward the requests from Niantic's servers to your POGOserver.
The only problem is the certificate pinning in Pokemon Go, so it would require the people you want to join to install an APK of Pokemon Go 0.35 without certificate pinning.
That's what I meant actually, and I think it's possible to modify the APK in that way, but it would disable Google login.
It's pretty easy to disable certificate pinning actually. But the problem is that disabling it also prevents you from logging in with Google accounts.
Currently I don't know any way of decoding PTC auth tokens that could be implemented here. So it's a dead point until we find out how to decode PTC auth tokens.
Check this also: https://github.com/rastapasta/pokemon-go-xposed/issues/16 I am trying to hardcode an endpoint in the pogo APK.
Can't you also emulate the PTC auth servers and make all requests go there (like logging in)? That way you also have a custom authentication system. If you're modifying the APK anyway you could also intercept the PTC login details before they are encrypted.
If the requests to PTC oauth are made through the same function (doSyncRequest) it should not be hard.
Isn't it possible to use an app that doesn't require root to start a local VPN service that would change all requests to the Niantic servers to my custom one?