tuya-sign-hacking
tuya-sign-hacking copied to clipboard
nalajcie
fixed_key.bmp
Great work reverse engineering the bitmap embedded key, I've been working at this too with small gains.
I was successfully able to use your code to extract the t_s.bmp key from com.tuya.smartlife version 3.8.5, app secret ekmnwp9f5pnh3trdtpgy, extracted key jfg5rs5kkmrj5mxahugvucrsvw43t48x.
Do you have any ideas about what fixed_key.bmp might be?
Hey, sorry for not responding earlier, I was busy with pushing the necessary changes to TuyaAPI/cloud.
Right now you should be able to use the new version (v0.4.0) to access Your devices from the cloud, so You can test the extracted credentials. It would be great if You could create a PR to add credentials for com.tuya.smartlife to the README.md later :).
Regarding the fixed_key.bmp - I haven't researched that, but Tuya app is a mess - there is a separate set of clientId/appSecret in the code which is never used (the code looks like some "sample" implementation) - maybe then the fixed_key.bmp is used? Or maybe it's/will be used in new MQTT sign algorithm?
As I wanted only to gain cloud access to my devices, I didn't look at the code not directly linked with it.
I'll keep this issue open, maybe somebody else will be able solve this mystery in the future :).
hey @kueblc , can you share the secret2 and certsign for the smart life app ?
thnx
ok, found them , maybe usefull for in the readme, these are for smartlife:
{
"key": "ekmnwp9f5pnh3trdtpgy",
"secret": "r3me7ghmxjevrvnpemwmhw3fxtacphyg",
"secret2": "jfg5rs5kkmrj5mxahugvucrsvw43t48x",
"certSign": "0F:C3:61:99:9C:C0:C3:5B:A8:AC:A5:7D:AA:55:93:A2:0C:F5:57:27:70:2E:A8:5A:D7:B3:22:89:49:F8:88:FE"
}