apple-corelocation-experiments icon indicating copy to clipboard operation
apple-corelocation-experiments copied to clipboard
verified publisher icon acheong08

Need a little clarification on spoofing

Open terryjools opened this issue 10 months ago • 1 comments

I configured mitmproxy with the wloc.py script and after that the problems started. There seems to be a mistake in the description, you point to /cmd/fakeloc/main.go, I configured the server in /cmd/spoofed/main.go. The problem is that it receives a request and gives a response, which is swapped in mitmproxy, but the location doesn't change, it just says it couldn't get the location, although everything is fine according to the log.

Here is spoofed log: 2025/03/10 11:36:16 Recieved request 2025/03/10 11:36:16 000100000001000000190a1134323a37353a63333a66393a61313a3339f80101800202 2025/03/10 11:36:20 Recieved request 2025/03/10 11:36:20 aa:d5:9d:58:e9:9d 2025/03/10 11:36:20 3c:7c:3f:e4:72:48 2025/03/10 11:36:20 8a:d5:9d:58:e9:9d 2025/03/10 11:36:20 000100000001000000be12350a1161613a64353a39643a35383a65393a396412200880d4dae60e10d8c7c3f6d8ffffffff011827200328920430e807583f60d30312350a1133633a37633a33663a65343a37323a343812200880d4dae60e10d8c7c3f6d8ffffffff011827200328920430e807583f60d30312350a1138613a64353a39643a35383a65393a396412200880d4dae60e10d8c7c3f6d8ffffffff011827200328920430e807583f60d3030a1137613a64353a39643a35383a65393a3964f80101800202 2025/03/10 11:36:28 Recieved request 2025/03/10 11:36:28 7a:d5:9d:57:c3:cd 2025/03/10 11:36:28 aa:d5:9d:57:c3:cd 2025/03/10 11:36:28 0001000000010000008712350a1137613a64353a39643a35373a63333a636412200880d4dae60e10d8c7c3f6d8ffffffff011827200328920430e807583f60d30312350a1161613a64353a39643a35373a63333a636412200880d4dae60e10d8c7c3f6d8ffffffff011827200328920430e807583f60d3030a1133633a37633a33663a65343a37323a3463f80102800202

And mitm log: [11:36:11.154] Loading script wloc.py [11:36:11.183] HTTP(S) proxy listening at *:8080. [11:36:13.307][192.168.8.247:61359] client connect [11:36:13.347][192.168.8.247:61359] server connect cl4.apple.com:443 (17.253.23.205:443) [11:36:13.475][192.168.8.247:49408] client connect [11:36:13.488][192.168.8.247:49408] server connect guzzoni.apple.com:443 (54.71.177.201:443) [11:36:14.059][192.168.8.247:61360] client connect [11:36:14.109][192.168.8.247:61360] server connect gs-loc.apple.com:443 (17.36.206.5:443) [11:36:16.036][192.168.8.247:61360] server disconnect gs-loc.apple.com:443 (17.36.206.5:443) https://gs-loc.apple.com/clls/wloc b'\x00\x01\x00\x00\x00\x01\x00\x00\x00\x19\n\x1142:75:c3:f9:a1:39\xf8\x01\x01\x80\x02\x02' Overwritten 192.168.8.247:61360: POST https://gs-loc.apple.com/clls/wloc HTTP/2.0 << HTTP/1.1 200 OK 52b [11:36:16.135][192.168.8.247:61360] client disconnect [11:36:16.871][192.168.8.247:61361] client connect [11:36:16.902][192.168.8.247:61361] server connect stocks-data-service.apple.com:443 (23.220.251.209:443) https://stocks-data-service.apple.com/sparklines?ticker=AAPL&ticker=BA&ticker=BRK-B&ticker=DIS&ticker=GE&ticker=HD&ticker=NKE&ticker=SBUX&ticker=%5EDJI&ticker=%5EGSPC 192.168.8.247:61361: GET https://stocks-data-service.apple.com/sparklines?ticker=AAPL&ticker=BA&ticker=BRK-B&ticker=DIS&… HTTP/2.0 << HTTP/2.0 200 OK 6.9k https://stocks-data-service.apple.com/api/v1/quote?language=en&region=US&dataSet=quote&symbol=AAPL%2CBA%2CBRK%2DB%2CDIS%2CGE%2CHD%2CNKE%2CSBUX%2C%5EDJI%2C%5EGSPC&treatmentIDs=&accessKey=1743248583_2643442793594709252_Vb6TGAv6Dl7cBvH1buo7jXlpdw3RkdmOKpZVdkC%2BxJJTGhwE%2BNd0YlFfLTDqQCZM 192.168.8.247:61361: GET https://stocks-data-service.apple.com/api/v1/quote?language=en&region=US&dataSet=quote&symbol=A… HTTP/2.0 << HTTP/2.0 200 OK 2.2k [11:36:19.076][192.168.8.247:61362] client connect [11:36:19.110][192.168.8.247:61362] server connect gs-loc.apple.com:443 (17.242.179.27:443) [11:36:19.978][192.168.8.247:61361] client disconnect [11:36:19.980][192.168.8.247:61361] server disconnect stocks-data-service.apple.com:443 (23.220.251.209:443) [11:36:20.781][192.168.8.247:61362] server disconnect gs-loc.apple.com:443 (17.242.179.27:443) https://gs-loc.apple.com/clls/wloc b"\x00\x01\x00\x00\x00\x01\x00\x00\x00\xbe\x125\n\x11aa:d5:9d:58:e9:9d\x12 \x08\x80\xd4\xda\xe6\x0e\x10\xd8\xc7\xc3\xf6\xd8\xff\xff\xff\xff\x01\x18' \x03(\x92\x040\xe8\x07X?\xd3\x03\x125\n\x113c:7c:3f:e4:72:48\x12 \x08\x80\xd4\xda\xe6\x0e\x10\xd8\xc7\xc3\xf6\xd8\xff\xff\xff\xff\x01\x18' \x03(\x92\x040\xe8\x07X?\xd3\x03\x125\n\x118a:d5:9d:58:e9:9d\x12 \x08\x80\xd4\xda\xe6\x0e\x10\xd8\xc7\xc3\xf6\xd8\xff\xff\xff\xff\x01\x18' \x03(\x92\x040\xe8\x07X?`\xd3\x03\n\x117a:d5:9d:58:e9:9d\xf8\x01\x01\x80\x02\x02" Overwritten 192.168.8.247:61362: POST https://gs-loc.apple.com/clls/wloc HTTP/2.0 << HTTP/1.1 200 OK 117b [11:36:20.847][192.168.8.247:61362] client disconnect

terryjools avatar Mar 10 '25 17:03 terryjools

I'll take a look later. Something may have changed such as the initial bytes

acheong08 avatar Mar 10 '25 20:03 acheong08

fixed

acheong08 avatar Aug 28 '25 09:08 acheong08

Also remember to turn on and off location services

acheong08 avatar Aug 28 '25 09:08 acheong08