Sander van Vliet
Sander van Vliet
I’ve put together a PR that is a step in supporting this (See PR #367), would love to hear some feedback
I’ve been banging my head against this with recompiling the APK after attempting to stub out the pinning in the okhttp client but so far no luck. I did find...
Once I have them I'll share them. As far as MTIM'ing goes, I've tried with Fiddler but it seems to be doing HTTP `CONNECT`s and I haven't been able to...
I've got a gist ready that can decrypt the values out of `smali\de\audi\onetouch\backend\Secrets.smali.smali` (after unpacking with apktool), you can find it here: https://gist.github.com/sandermvanvliet/1e5c0143d5a7272105030139e927811f
Nope that's from the decompiled sources.
Supposedly the client id for the IDK endpoint should be `NdeSOLIavPcLo520L1mg` but doing a `/token` POST doesn't work yet...
Ok it turns out that this is a key to a keychain in the app. Digging further
Ok so I’ve finally gotten past the certificate pinning. I’ll trace the logon stuff tomorrow, I’m getting there 👍
I've created a postman collection that has the full authentication flow working. You can find it [here](https://gist.github.com/sandermvanvliet/f97a916ba43b676948d27574373a2c86) One thing I noticed is that at step 7 it sometimes already returns...
I've just found this issue after some googling and wanted to add some additional details. When you set `Name` in your `App.xaml` but package your app in a bundle you'll...