Created Documentation folder

Signed-off-by: Domenico Iezzi <domenico.iezzi.201@gmail.com>
This commit is contained in:
Domenico Iezzi 2017-09-06 21:45:52 +02:00
parent f21a7e97d3
commit 91ec07ed77
6 changed files with 118 additions and 78 deletions

View File

@ -0,0 +1,49 @@
## Auth (with token)
### Details
**URL**
```
POST https://android.clients.google.com/auth HTTP/1.1
```
**HEADERS**
```
device: 320d104c4dc6eaa4
app: com.google.android.gms
Accept-Encoding: gzip
User-Agent: GoogleAuth/1.4 (A0001 NJH47F); gzip
content-length: 638
content-type: application/x-www-form-urlencoded
Host: android.clients.google.com
Connection: Keep-Alive
```
**URLEncoded query string**
```
androidId=<hidden>&lang=en_US&google_play_services_version=11509438&sdk_version=25&device_country=it&request_visible_actions=&client_sig=38918a453d07199354f8b19af05ec6562ced5788&callerSig=38918a453d07199354f8b19af05ec6562ced5788&Email=<hidden>&service=oauth2%3Ahttps%3A%2F%2Fwww.googleapis.com%2Fauth%2Fplacesserver&app=com.google.android.gms&check_email=1&token_request_options=CAA4AQ%3D%3D&system_partition=1&callerPkg=com.google.android.gms&Token=<hidden>
```
**URLEncoded parsed**
```
androidId: <hidden>
lang: en_US
google_play_services_version: 11509438
sdk_version: 25
device_country: it
request_visible_actions:
client_sig: 38918a453d07199354f8b19af05ec6562ced5788
callerSig: 38918a453d07199354f8b19af05ec6562ced5788
Email: <hidden>
service: oauth2:https://www.googleapis.com/auth/placesserver
app: com.google.android.gms
check_email: 1
token_request_options: CAA4AQ==
system_partition: 1
callerPkg: com.google.android.gms
Token: <hidden>
```
### Notes
Token in the URLEncoded query is the Master Token, not the Auth Token.
Some info on Master Token [here](https://sbktech.blogspot.it/2014/01/inside-android-play-services-magic.html)

View File

@ -0,0 +1,36 @@
## Download ( /fdfe/delivery )
### Details
**URL**
```
GET https://android.clients.google.com/fdfe/delivery?doc=com.termux.api&ot=1&st=EP6Gwc0FGc3MvN8QbNZBIhcI35bT8qSL1gIQAxABEAQQAhAGEAoYAg%3D%3D&vc=15&fdcf=1&fdcf=2
```
**PARSED GET PARAMETERS**
```
doc: com.termux.api
ot: 1
st: EP6Gwc0FGc3MvN8QbNZBIhcI35bT8qSL1gIQAxABEAQQAhAGEAoYAg==
vc: 15
fdcf: 1
```
**HEADERS**
```
X-DFE-MCCMNC: 22201
X-DFE-Device-Id: <hidden>
X-DFE-Content-Filters:
X-DFE-Network-Type: 4
X-DFE-Request-Params: timeoutMs=4000
User-Agent: Android-Finsky/8.1.72.S-all%20%5B6%5D%20%5BPR%5D%20165478484 (api=3,versionCode=80817206,sdk=25,device=A0001,hardware=bacon,product=bacon,platformVersionRelease=7.1.2,model=A0001,buildId=NJH47F,isWideScreen=0,supportedAbis=armeabi-v7a;armeabi)
X-DFE-Client-Id: am-android-oneplus
Authorization: GoogleLogin auth=<hidden>
Accept-Language: en-US
Host: android.clients.google.com
Connection: Keep-Alive
Accept-Encoding: gzip
```
### Notes
Protobuf response is `download-delivery-byte`

Binary file not shown.

View File

@ -0,0 +1,31 @@
## Search
### Details
**URL**
```
GET https://android.clients.google.com/fdfe/search?c=3&q=termux HTTP/1.1
```
**HEADERS**
```
X-Ad-Id: 70417864-0f86-4451-b5aa-103de27a6af5
X-DFE-Content-Filters:
X-DFE-Network-Type: 4
X-DFE-Encoded-Targets: CAESqwGzlYEGDsgF3gTRAkIC2AMCFJIHgAIWjgi1AVhAmQGOA4ICb+kKmAHgAQyGAS9o8gLzAe0BFvsLuAMBAsADjwLDFYUBNS2lCJYStgEBfgegAm2xAgEoAQYo4wvDAtAFqwIB+APWArYDwgHhBf0BjAICU+MGmgGRAZsC0AFMmgPkAuUBKyHOAVIC5QECrwEYAQYBowFLYgGpBYgDhQEBY0o2SqEDggJpYYgDtAMa9gQTAg7OATu1AaABCFoCAwRrN4DTzwKCu7EDAQEDAgQJCAgBAQIIAwEBAgEBAQICAgYBBhQKAQcCAwMEAhABAQHKAQETAwQCDecBfQolAhYFAgEKG3UMMxcBIQoUDwYHIjeEAQ4MFk0JUwV/EREYAQMNfgRfHhQQIwsOcGQEDQ9qowHAAoQBBIQBAgEBfA4ZGDYVARgBCwEoZQICJShzFCehBQYRGg43GBxpjQG0AVnQAR4nCzQmL1vUAWV3CQEK3gF2A30tDAMsZJ4BBIEBdFAfcogBigHMAgUFCc0BBUWgATk4jQIaYDUuzgENcqoBASCLA5IBqAImlwNhrQKEBnbjBfgBXaEBAQ8GAQEChwQEc5YBBlVtAUUB3AUyDnuzAZIBA4YGKxihAQcwASEBBwIgCBIdB6YDOAEaRoQBAfsBQHWnARkiAqMCLBYPvAsDAoABIocBO8kBygG2AQENAyeIAx7bAVKoBIMEqgETKQSLAbIDOhAndFdEOBWjAQGNAfUBGguZAUUMCwgvWwFpGrkBDhEgP3wLuAEhBgIUAb4DFG8TIa4BjgFFBgQCAQECWUKdAmIVBAEUxwESASQLWgoeJQIChAXCAQYjFTISxwFoBSFHEAEBWcsBMU5KkgEW0wGeAQceCDtk6AEGU44CpAHRAZIBC88BegEiTV0HSgQBBLgBDSYIMB0VCwIBed8BLW4DATaWAT0odAwCXztnERRVDSoDCkM/IwfKAgIHXQwCP1Y2bgQM+QICBgcUBREEWCZMAwwUGCRVKlNjHAMGGET/AQwBCwUHBJMBAn8RBx8eTwUqAgsJCw8HFAYECgoWBFoK0wIWMwY
X-DFE-Cookie: <hidden>
User-Agent: Android-Finsky/8.1.72.S-all%20%5B6%5D%20%5BPR%5D%20165478484 (api=3,versionCode=80817206,sdk=25,device=A0001,hardware=bacon,product=bacon,platformVersionRelease=7.1.2,model=A0001,buildId=NJH47F,isWideScreen=0,supportedAbis=armeabi-v7a;armeabi)
X-DFE-Client-Id: am-android-oneplus
X-Limit-Ad-Tracking-Enabled: false
X-DFE-MCCMNC: 22201
X-DFE-Device-Id: <hidden>
X-DFE-Request-Params: timeoutMs=4000
Accept-Language: en-US
Authorization: GoogleLogin auth=<hidden>
Host: android.clients.google.com
Connection: Keep-Alive
Accept-Encoding: gzip
```
### Notes
Need to investigate `X-DFE-Cookie`.
Protobuf response is `search-response-bytes`

Binary file not shown.

View File

@ -10,81 +10,5 @@ This project is released under the BSD license.
# API reversing
Here are some example request reversed from LineageOS 14.1 (Android 7.1) with lastest play services (as of 06/09/2017):
### Search
**URL:** GET https://android.clients.google.com/fdfe/search?c=4&q=zodiac
```
X-Ad-Id: <hidden>
X-DFE-Device-Id: <hidden>
X-DFE-Content-Filters:
X-DFE-Network-Type: 4
X-DFE-Request-Params: timeoutMs=4000
X-DFE-Cookie: <hidden>
X-DFE-Encoded-Targets: CAESqQGzlYEGDsgF3gTRAkIC2AMCFJIHgAIWjgi1AVhAmQGOA4ICb+kKmAHgAQyGAS9o8gLzAe0BFvsLuAMBAsADjwLDFYUBNS2lCJYStgEBfgegAm2xAgEoAQYo4wvDAtAFqwIB+APWArYDwgHhBf0BjAICU+MGmgGRAZsC0AFM/gXlASshzgFSAuUBAq8BGAEGAaMBS2IBqQWIA4UBAWNKNkqhA4ICaWGIA7QDGv4EEwIOzgE7tQGgAQhaAgMEazeA088CgruxAwEBAwIECQgIAQECCAMBAQIBAQECAgIGAQYUCgEHAgMDBAIQAQEBygEBEwMEAg3nAX0KJQIWBQIBCht1DDMXASEKFA8GByI3hAEODBZNCVMFfxERGAEDDX4EXx4UECMLDnBkBA0PaqMBwAKEAQSEAQIBAXwOGRg2FQEYAQsBKGUCAiUocxQnoQUGERoONxgcaY0BtAFZ0AEeJws0Ji9b1AFldwkBCt4BdgN9LQwDLGSeAQSBAXRQH3KIAYoBzAIFBQnNAQVFoAE5OI0CGmA1Ls4BDXKqAQEgiwOSAagCJpcDYa0ChAZ24wX4AV2hAQEPBgEBAocEBHOWAQZVbQFFAdwFMg57swGSAQOGBisYoQEHMAEhAQcCIAgSHQemAzgBGkaEAQH7AUB1pwEZIgKjAiwWD7wLAwKAASKHATvJAcoBtgEBDQMniAMe2wFSqASDBKoBEykEiwGyAzoQJ3RXRDgVowEBjQH1ARoLmQFFDAsIL1sBaRq5AQ4RX3wLuAEhBgIUAb4DFG8TIa4BjgFFBgQCAQECWUKdAmIVBAEUxwESASQLWgoeJQICBf8EwgEGIxUyEscBaAUhRxABAVnLATFOSpIBFtMBngEHHgg7ZOgBBlOOAqQB0QGSAQvPAXoBIk1dB0oEAQQ6BQcEAgVnDSYIMB0VCwIBed8BLW4DARUFBgcGnwE9KDY+DAJfO2cRFFUNKgMKQz8jB8oCAgddDAI/VjZuBAz5AgIGBxQFEQRYJkwDDBQYJFUqU2McAwYYRP8BDAELBQcEkwECfxEHHx5PBSoCCwkLDwcUBgQKChYEWgrTAhY
User-Agent: Android-Finsky/8.1.72.S-all%20%5B6%5D%20%5BPR%5D%20165478484 (api=3,versionCode=80817206,sdk=25,device=A0001,hardware=bacon,product=bacon,platformVersionRelease=7.1.2,model=A0001,buildId=NJH47F,isWideScreen=0,supportedAbis=armeabi-v7a;armeabi)
X-DFE-Client-Id: am-android-oneplus
X-Limit-Ad-Tracking-Enabled: false
Authorization: GoogleLogin auth=<hidden>
Accept-Language: en-US
If-None-Match: 1903308838
Host: android.clients.google.com
Connection: Keep-Alive
Accept-Encoding: gzip
```
### Details (single)
**URL:** GET https://android.clients.google.com/fdfe/details?doc=com.google.android.apps.photos
```
X-Ad-Id: <hidden>
X-DFE-Device-Id: <hidden>
X-DFE-Content-Filters:
X-DFE-Network-Type: 4
X-DFE-Request-Params: timeoutMs=4000
X-DFE-Cookie: <hidden>
X-DFE-Encoded-Targets: CAESqQGzlYEGDsgF3gTRAkIC2AMCFJIHgAIWjgi1AVhAmQGOA4ICb+kKmAHgAQyGAS9o8gLzAe0BFvsLuAMBAsADjwLDFYUBNS2lCJYStgEBfgegAm2xAgEoAQYo4wvDAtAFqwIB+APWArYDwgHhBf0BjAICU+MGmgGRAZsC0AFM/gXlASshzgFSAuUBAq8BGAEGAaMBS2IBqQWIA4UBAWNKNkqhA4ICaWGIA7QDGv4EEwIOzgE7tQGgAQhaAgMEazeA088CgruxAwEBAwIECQgIAQECCAMBAQIBAQECAgIGAQYUCgEHAgMDBAIQAQEBygEBEwMEAg3nAX0KJQIWBQIBCht1DDMXASEKFA8GByI3hAEODBZNCVMFfxERGAEDDX4EXx4UECMLDnBkBA0PaqMBwAKEAQSEAQIBAXwOGRg2FQEYAQsBKGUCAiUocxQnoQUGERoONxgcaY0BtAFZ0AEeJws0Ji9b1AFldwkBCt4BdgN9LQwDLGSeAQSBAXRQH3KIAYoBzAIFBQnNAQVFoAE5OI0CGmA1Ls4BDXKqAQEgiwOSAagCJpcDYa0ChAZ24wX4AV2hAQEPBgEBAocEBHOWAQZVbQFFAdwFMg57swGSAQOGBisYoQEHMAEhAQcCIAgSHQemAzgBGkaEAQH7AUB1pwEZIgKjAiwWD7wLAwKAASKHATvJAcoBtgEBDQMniAMe2wFSqASDBKoBEykEiwGyAzoQJ3RXRDgVowEBjQH1ARoLmQFFDAsIL1sBaRq5AQ4RX3wLuAEhBgIUAb4DFG8TIa4BjgFFBgQCAQECWUKdAmIVBAEUxwESASQLWgoeJQICBf8EwgEGIxUyEscBaAUhRxABAVnLATFOSpIBFtMBngEHHgg7ZOgBBlOOAqQB0QGSAQvPAXoBIk1dB0oEAQQ6BQcEAgVnDSYIMB0VCwIBed8BLW4DARUFBgcGnwE9KDY+DAJfO2cRFFUNKgMKQz8jB8oCAgddDAI/VjZuBAz5AgIGBxQFEQRYJkwDDBQYJFUqU2McAwYYRP8BDAELBQcEkwECfxEHHx5PBSoCCwkLDwcUBgQKChYEWgrTAhY
User-Agent: Android-Finsky/8.1.72.S-all%20%5B6%5D%20%5BPR%5D%20165478484 (api=3,versionCode=80817206,sdk=25,device=A0001,hardware=bacon,product=bacon,platformVersionRelease=7.1.2,model=A0001,buildId=NJH47F,isWideScreen=0,supportedAbis=armeabi-v7a;armeabi)
X-DFE-Client-Id: am-android-oneplus
X-Limit-Ad-Tracking-Enabled: false
Authorization: GoogleLogin auth=<hidden>
Accept-Language: en-US
Host: android.clients.google.com
Connection: Keep-Alive
Accept-Encoding: gzip
```
### BulkDetails
**URL:** POST https://android.clients.google.com/fdfe/bulkDetails?au=1
```
X-DFE-Device-Id: <hidden>
X-DFE-Content-Filters:
X-DFE-Network-Type: 4
X-DFE-Request-Params: timeoutMs=30000
X-DFE-Cookie: <hidden>
X-DFE-Encoded-Targets: CAESqQGzlYEGDsgF3gTRAkIC2AMCFJIHgAIWjgi1AVhAmQGOA4ICb+kKmAHgAQyGAS9o8gLzAe0BFvsLuAMBAsADjwLDFYUBNS2lCJYStgEBfgegAm2xAgEoAQYo4wvDAtAFqwIB+APWArYDwgHhBf0BjAICU+MGmgGRAZsC0AFM/gXlASshzgFSAuUBAq8BGAEGAaMBS2IBqQWIA4UBAWNKNkqhA4ICaWGIA7QDGv4EEwIOzgE7tQGgAQhaAgMEazeA088CgruxAwEBAwIECQgIAQECCAMBAQIBAQECAgIGAQYUCgEHAgMDBAIQAQEBygEBEwMEAg3nAX0KJQIWBQIBCht1DDMXASEKFA8GByI3hAEODBZNCVMFfxERGAEDDX4EXx4UECMLDnBkBA0PaqMBwAKEAQSEAQIBAXwOGRg2FQEYAQsBKGUCAiUocxQnoQUGERoONxgcaY0BtAFZ0AEeJws0Ji9b1AFldwkBCt4BdgN9LQwDLGSeAQSBAXRQH3KIAYoBzAIFBQnNAQVFoAE5OI0CGmA1Ls4BDXKqAQEgiwOSAagCJpcDYa0ChAZ24wX4AV2hAQEPBgEBAocEBHOWAQZVbQFFAdwFMg57swGSAQOGBisYoQEHMAEhAQcCIAgSHQemAzgBGkaEAQH7AUB1pwEZIgKjAiwWD7wLAwKAASKHATvJAcoBtgEBDQMniAMe2wFSqASDBKoBEykEiwGyAzoQJ3RXRDgVowEBjQH1ARoLmQFFDAsIL1sBaRq5AQ4RX3wLuAEhBgIUAb4DFG8TIa4BjgFFBgQCAQECWUKdAmIVBAEUxwESASQLWgoeJQICBf8EwgEGIxUyEscBaAUhRxABAVnLATFOSpIBFtMBngEHHgg7ZOgBBlOOAqQB0QGSAQvPAXoBIk1dB0oEAQQ6BQcEAgVnDSYIMB0VCwIBed8BLW4DARUFBgcGnwE9KDY+DAJfO2cRFFUNKgMKQz8jB8oCAgddDAI/VjZuBAz5AgIGBxQFEQRYJkwDDBQYJFUqU2McAwYYRP8BDAELBQcEkwECfxEHHx5PBSoCCwkLDwcUBgQKChYEWgrTAhY
User-Agent: Android-Finsky/8.1.72.S-all%20%5B6%5D%20%5BPR%5D%20165478484 (api=3,versionCode=80817206,sdk=25,device=A0001,hardware=bacon,product=bacon,platformVersionRelease=7.1.2,model=A0001,buildId=NJH47F,isWideScreen=0,supportedAbis=armeabi-v7a;armeabi)
X-DFE-Client-Id: am-android-oneplus
Authorization: GoogleLogin auth=<hidden>
Accept-Language: en-US
Content-Type: application/x-protobuf
Content-Length: 345
Host: android.clients.google.com
Connection: Keep-Alive
Accept-Encoding: gzip
```
### Download (with DownloadManager)
**URL:** GET https://android.clients.google.com/market/download/Download?packageName=com.blizzard.bma&versionCode=37&ssl=1&token=AOTCm0RaA2KnsS7TNkToZHQ-HFvfoFcKVl8cEtfceae9R_D1AM7NUnBmYUQ94qbR7KE_WzE-ujoJ7zjyBPjxFXTycEPO2D3PEcEeEKRnRkT-lQnWBX0zBTVyxl3cl_SHNrsD4mU89DOlhd7MxFyjHXYy8Z0sjCEKoEkxN_sEI1Yc76cRvpfhhsD6Hp41B9qizcCWpYF40XXRVbbO75zsAA7Bx4tdyR-7xG5Fu8tVcTU1m9Apj3QyFrQYDmVCz642avKBW2FaZGup8Eg4ixX3LPGnV2t7sL2-kjFrKsnSg8pZ9McN9bqAwNi2jzuotwsrGPsB_YHeiC-mad44p4h7HrDrDojnclKVAGzvt2dVSpV83w&cf=2&did=0&cpn=mizUmddBG6L0EGEh
```
User-Agent: AndroidDownloadManager/7.1.2 (Linux; U; Android 7.1.2; A0001 Build/NJH47F)
Accept-Encoding: identity
Connection: close
Host: android.clients.google.com
```
Currently I'm trying to reverse a more recent version of the GooglePlay API on LineageOS 14.1 (Android 7.1) using [mitmproxy](https://mitmproxy.org/).
Checkout the Documentation folder for more details on single API endpoints.