
The method of activating github device

2025-01-16 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)05/31 Report--

Today I would like to share what I know about the method of activating github devices. Most people probably do not know much about this, so the article is shared for your reference. Let's take a look.

Device registration

According to available information, device registration mainly concerns two identifiers: device_id and install_id (iid). The registration URL is [http://log.******.com/service/2/device_register/](http://log.******.com/service/2/device_register/).

Start by searching for device_id and install_id. The app is not packed (hardened), so it can be opened directly with Jadx. Searching for device_id and install_id together shows that the main code is in the com.**.android.common.applog.AppLog package.

This class does look relevant: it has many device-ID and device-related parameters and methods. But it contains no code for device registration, so set it aside for now.

Next, search for device_register directly. There are only a few results. Jadx cannot decompile the method properly, but the rough flow can still be made out from the instructions it shows. This is where the device registration logic lives.

This is what it looks like when opened with JEB.

The overall picture matches what is described online: the app collects various kinds of device information, then compresses and encrypts it. Obtaining a device ID is therefore not difficult.

The device_register project is recommended here. It generates a device_id directly and uses unidbg to call the encryption function.

Device activation

However, the author of that project also notes in the README that requests made with a device_id and iid obtained this way get an empty response. The author guessed that a separate activation request exists, and testing confirmed this. The focus of this article is therefore a way of reactivating a device ID by spoofing the app's event-tracking logs.

Going back to the AppLog class seen at the beginning: it contains many places where user behavior is recorded and event-tracking logs are uploaded, and these logs include device_id and iid. So I speculated that these tracking logs affect whether a device_id is valid. If the generated device_id is injected into the app on a real phone, the app will send its tracking events under the injected device_id when opened. Would that not make the ID look legitimate?

Further reading shows that the AppLog class also has a method that controls whether the tracking log body is encrypted. Its name is getLogEncryptSwitch; first change it to false. After that, all captured packets are indeed shown in plain text.

The header field in the body carries the device information. In the code this is the mheader field, so device_id and iid need to be injected into mheader first.

After the injection, the device_id and iid in the URL are still unchanged, but these parameters are easy to modify: find the class that holds the request parameters, com.**.android.d.e, and set device_id and iid there.
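The mismatch noted above, where the identifiers in the body header differ from those in the URL, is something a backend can check for on every tracking request. The following is an added example, not code from the article or the app: a server-side consistency check over constructed sample requests. The host, the `/telemetry/` path and the JSON key names `header`, `device_id` and `install_id` are assumptions.

```python
import json
from urllib.parse import urlsplit, parse_qs

# Constructed sample requests, not captured traffic. Host, path and JSON key
# names are assumptions made for this illustration.
SAMPLE_REQUESTS = [
    {"url": "https://log.example.invalid/telemetry/?device_id=1001&iid=2001",
     "body": '{"header": {"device_id": "1001", "install_id": "2001"}}'},
    {"url": "https://log.example.invalid/telemetry/?device_id=1002&iid=2002",
     "body": '{"header": {"device_id": "9999", "install_id": "8888"}}'},
    {"url": "https://log.example.invalid/telemetry/?device_id=1003&iid=2003",
     "body": '{"header": {"device_id": "1003"}}'},
    {"url": "https://log.example.invalid/telemetry/?iid=2004",
     "body": "not-json"},
]

# URL query parameter -> key in the body header (assumed mapping).
FIELD_MAP = {"device_id": "device_id", "iid": "install_id"}


def check_request(req):
    """Return a list of findings for one request; empty means consistent."""
    query = parse_qs(urlsplit(req["url"]).query)
    try:
        header = json.loads(req["body"])["header"]
        if not isinstance(header, dict):
            raise TypeError("header is not an object")
    except (ValueError, KeyError, TypeError):
        return ["body has no JSON header object"]
    findings = []
    for param, key in FIELD_MAP.items():
        url_val = query.get(param, [None])[0]
        body_val = header.get(key)
        if url_val is None or body_val is None:
            where = "URL" if url_val is None else "body"
            findings.append(f"{param}: missing in {where}")
        elif str(url_val) != str(body_val):
            findings.append(f"{param}: URL={url_val} body={body_val}")
    return findings


def audit(requests):
    """Map request index -> findings, for inconsistent requests only."""
    report = {i: check_request(r) for i, r in enumerate(requests)}
    return {i: f for i, f in report.items() if f}


if __name__ == "__main__":
    for idx, findings in audit(SAMPLE_REQUESTS).items():
        print(idx, findings)
```
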

Finally, take a look at where device_id is stored. Going back to the getServerDeviceId and getInstallId methods of AppLog, you can see that they ultimately read their data from SharedPreferences. So in addition to injecting into the methods that return device_id and iid, it is safer to also delete the SharedPreferences files (/data/data//shared_prefs) so that the original device_id and iid are removed.

After all of the above, reopen the app and capture its traffic: all event-tracking logs use the newly injected device_id, and the device_register API returns a new install_id, which testing showed can be used on all APIs.
