marbink / jodel_ios_api

Unofficial Python Interface to the Jodel API
MIT License
6 stars, 3 forks

signed error request #4

Closed rayanke closed 2 years ago

rayanke commented 2 years ago

Is this even still working? I tried updating to the newest iOS key but it ain't working.

Latest key starts with ? cPR72

marbink commented 2 years ago

Sorry for the delay, I'm quite busy lately. According to my research, the actual key starts with kVCBYj. I didn't test if the APIs are still working though. Just managed to extract the key.

EDIT: Oh, I'm checking on iOS. I don't know if the Android APIs are using the same key. I guess so, but never checked.

rayanke commented 2 years ago

Thanks fam, is there any way to extract the iOS key without jailbreaking the device? I tried using mitmproxy but an error pops up: "Client TLS Handshake failed". Not sure if I could get the iOS key using mitmproxy.

rayanke commented 2 years ago

Hey dude, I don't wanna bother, but could you tell me how you got the key off of the iOS IPA?

I have injected the app with the Frida gadget and ran the sslpinning disable command in objection explore, but I'm still not sure what to do next. It literally took me the whole day, but I still haven't figured out how to get the API key after hooking the app.

marbink commented 2 years ago

The API key (take a look at the API implementation on GitHub) is used to generate an HMAC in every request. That's why sniffing network traffic will not lead directly to the API key. Dig into the HMAC generation, and once you discover where it is generated, you will see the key in the clear. On the other side, it must be possible to extract the key directly from the binary (I know there are people doing it on Android), but I don't know how to do it. Btw, what you did is not completely useless: network traffic is useful to confirm you are hooking the right function, checking if retval == HMAC in the request.
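The request-signing mechanism marbink describes above, shown as an added example rather than the jodel_ios_api project's code or Jodel's actual wire format. The key value, the header names and the canonical-string layout are assumptions made for illustration. It shows why a captured request carries only the HMAC tag and never the key, how the server side verifies a tag with a constant-time comparison, and how a candidate key can be checked against a captured request (the "retval == HMAC in the request" confirmation step from the comment).

```python
# Added example: HMAC-SHA256 request signing with a client-embedded key.
# Hypothetical scheme; not the jodel_ios_api code and not Jodel's real format.
import hashlib
import hmac

# Constructed sample key (assumption); a real client embeds its own secret.
EXAMPLE_KEY = b"example-client-key-not-a-real-secret"


def canonical_request(method: str, path: str, timestamp: str, body: bytes) -> bytes:
    """Build the byte string both sides sign. Method, path, timestamp and a
    hash of the body all go in, so changing any of them changes the tag."""
    body_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, timestamp, body_hash]).encode()


def sign_request(key: bytes, method: str, path: str, timestamp: str, body: bytes) -> str:
    """Client side: hex HMAC-SHA256 tag that travels in a request header."""
    msg = canonical_request(method, path, timestamp, body)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def verify_request(key: bytes, method: str, path: str, timestamp: str,
                   body: bytes, tag: str) -> bool:
    """Server side: recompute the tag and compare in constant time, so the
    comparison does not leak how many leading characters already matched."""
    expected = sign_request(key, method, path, timestamp, body)
    return hmac.compare_digest(expected, tag)


def build_signed_request(key: bytes, method: str, path: str,
                         timestamp: str, body: bytes) -> dict:
    """What actually crosses the network: headers carry the tag and timestamp
    (assumed header names), the key itself never leaves the client."""
    return {
        "method": method.upper(),
        "path": path,
        "headers": {
            "X-Timestamp": timestamp,            # assumed header name
            "X-Signature": sign_request(key, method, path, timestamp, body),
        },
        "body": body,
    }


def key_reproduces_tag(candidate_key: bytes, captured: dict) -> bool:
    """Defender-side sanity check: does a candidate key recompute the tag seen
    in a captured request? True only if the candidate is the key in use."""
    h = captured["headers"]
    return verify_request(candidate_key, captured["method"], captured["path"],
                          h["X-Timestamp"], captured["body"], h["X-Signature"])


def demo() -> dict:
    """Run the scheme on a constructed request and report each outcome."""
    body = b'{"message":"hello"}'           # constructed sample body
    ts = "1700000000"                       # constructed sample timestamp
    req = build_signed_request(EXAMPLE_KEY, "post", "/api/v3/posts", ts, body)
    h = req["headers"]
    tampered_body = b'{"message":"hello!"}'
    return {
        "key_visible_in_request": EXAMPLE_KEY.decode() in str(req),
        "valid_tag_accepted": verify_request(EXAMPLE_KEY, req["method"], req["path"],
                                             ts, body, h["X-Signature"]),
        "tampered_body_rejected": not verify_request(EXAMPLE_KEY, req["method"], req["path"],
                                                     ts, tampered_body, h["X-Signature"]),
        "wrong_key_rejected": not key_reproduces_tag(b"some-other-key", req),
        "right_key_confirmed": key_reproduces_tag(EXAMPLE_KEY, req),
        "tag_length": len(h["X-Signature"]),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The point of the demo is the first result: the serialized request contains the tag and the timestamp but not the key, which is why a TLS-interception proxy on its own only confirms that signing happens. The last two results show the check marbink suggests, recomputing the tag from a candidate key and comparing it with the one observed on the wire. Because the key is embedded in a client binary, this scheme only authenticates "a copy of the app"; it is not a secret that can be kept from anyone holding the binary, so on the server side it should be treated as a public client identifier, not as a credential.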

rayanke commented 2 years ago

I'm a total noob when it comes to pentesting. I could get the API key for Android with ease, but the iOS way is waaay too complicated for me, as I'm using a non-jailbroken iPhone with zero knowledge of how to generate an HMAC key, and there ain't no tutorial for that. (You should make one.)