New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New Version #89

Open
gidbot opened this Issue Jan 29, 2015 · 188 comments

Comments

Projects
None yet
@gidbot

gidbot commented Jan 29, 2015

In snapchat_agent the version needs to be changed to '9.0.1'

Additionally, has anyone been able to post stories since the update?

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 29, 2015

I'm on the 9.0.2.1 beta and a lot has changed, though posting stories shouldn't give any issues.
how are you uploading stories?

Snowlav commented Jan 29, 2015

I'm on the 9.0.2.1 beta and a lot has changed, though posting stories shouldn't give any issues.
how are you uploading stories?

@gidbot

This comment has been minimized.

Show comment
Hide comment
@gidbot

gidbot Jan 30, 2015

$snapchat = new Snapchat('uname', 'password');
$id = $snapchat->upload(
Snapchat::MEDIA_IMAGE,
file_get_contents('/path/to/image.png')
);
$snapchat->send($id, array('uname'));

gidbot commented Jan 30, 2015

$snapchat = new Snapchat('uname', 'password');
$id = $snapchat->upload(
Snapchat::MEDIA_IMAGE,
file_get_contents('/path/to/image.png')
);
$snapchat->send($id, array('uname'));

@liamcottle

This comment has been minimized.

Show comment
Hide comment
@liamcottle

liamcottle Jan 30, 2015

If you are using the 9.0+ user agent, you need to make sure you have
implemented the new Login parameters.

Check out my working 9.0.2.0 login request here:

http://github.com/liamcottle/snaplib
On 30/01/2015 1:07 pm, "gbrosenthal" notifications@github.com wrote:

In snapchat_agent the version needs to be changed to '9.0.1'

Additionally, has anyone been able to post stories since the update?


Reply to this email directly or view it on GitHub
#89.

liamcottle commented Jan 30, 2015

If you are using the 9.0+ user agent, you need to make sure you have
implemented the new Login parameters.

Check out my working 9.0.2.0 login request here:

http://github.com/liamcottle/snaplib
On 30/01/2015 1:07 pm, "gbrosenthal" notifications@github.com wrote:

In snapchat_agent the version needs to be changed to '9.0.1'

Additionally, has anyone been able to post stories since the update?


Reply to this email directly or view it on GitHub
#89.

@gidbot

This comment has been minimized.

Show comment
Hide comment
@gidbot

gidbot Jan 30, 2015

Logging in isnt the issue. Im able to get users etc... so i know im authenticated

gidbot commented Jan 30, 2015

Logging in isnt the issue. Im able to get users etc... so i know im authenticated

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Jan 30, 2015

Make sure you send all the following data correctly. This hasn't changed at all compared to 8.1.1

User-Agent: Snapchat/9.0.2.0 (Nexus 4; Android 17; gzip)

/bq/retry_post_story

Description

Used to post a story

Request

  • my_story - (Boolean)
  • time - Time to display the snap (Float)
  • group_ids- (Array)
  • media_id - [USERNAME]~[RANDOM UUID] (String)
  • story_timestamp - (Timestamp)
  • zipped - 0 or 1 (Int)
  • caption_text_display - (String)
  • client_id - Same as media_id (String)
  • type - Media type (Int)
  • data - Encoded snap data
  • req_token
  • timestamp
  • username

Response

  • json - (Array)
    • story - (Array)
      • caption_text_display - (String)
      • client_id : Same as media_id (String)
      • id - [USERNAME]~[TIMESTAMP] (String)
      • mature_content - (Boolean)
      • media_id - [USERNAME]~[RANDOM UUID] (String)
      • media_iv - Base64 encoded encryption IV for the snap data (String)
      • media_key - Base64 encoded decryption key for the snap data (String)
      • media_type - Media type (Int)
      • media_url - A URL to fetch the story data, generally https://feelinsonice-hrd.appspot.com/bq/story_blob?story_id=[media_id] (String)
      • thumbnail_iv - Base64 encoded encryption IV for the thumbnail image (String)
      • thumbnail_url - A URL to fetch the thumbnail image, generally https://feelinsonice-hrd.appspot.com/bq/story_thumbnail?story_id=[media_id] (String)
      • time - Number of seconds to display snap (Float)
      • time_left - Time left before expiration of the story (Timestamp)
      • timestamp - Time posted (Timestamp)
      • username - Username of the user who posted the story (String)
      • zipped - (Boolean)

liamjack commented Jan 30, 2015

Make sure you send all the following data correctly. This hasn't changed at all compared to 8.1.1

User-Agent: Snapchat/9.0.2.0 (Nexus 4; Android 17; gzip)

/bq/retry_post_story

Description

Used to post a story

Request

  • my_story - (Boolean)
  • time - Time to display the snap (Float)
  • group_ids- (Array)
  • media_id - [USERNAME]~[RANDOM UUID] (String)
  • story_timestamp - (Timestamp)
  • zipped - 0 or 1 (Int)
  • caption_text_display - (String)
  • client_id - Same as media_id (String)
  • type - Media type (Int)
  • data - Encoded snap data
  • req_token
  • timestamp
  • username

Response

  • json - (Array)
    • story - (Array)
      • caption_text_display - (String)
      • client_id : Same as media_id (String)
      • id - [USERNAME]~[TIMESTAMP] (String)
      • mature_content - (Boolean)
      • media_id - [USERNAME]~[RANDOM UUID] (String)
      • media_iv - Base64 encoded encryption IV for the snap data (String)
      • media_key - Base64 encoded decryption key for the snap data (String)
      • media_type - Media type (Int)
      • media_url - A URL to fetch the story data, generally https://feelinsonice-hrd.appspot.com/bq/story_blob?story_id=[media_id] (String)
      • thumbnail_iv - Base64 encoded encryption IV for the thumbnail image (String)
      • thumbnail_url - A URL to fetch the thumbnail image, generally https://feelinsonice-hrd.appspot.com/bq/story_thumbnail?story_id=[media_id] (String)
      • time - Number of seconds to display snap (Float)
      • time_left - Time left before expiration of the story (Timestamp)
      • timestamp - Time posted (Timestamp)
      • username - Username of the user who posted the story (String)
      • zipped - (Boolean)
@gidbot

This comment has been minimized.

Show comment
Hide comment
@gidbot

gidbot Jan 30, 2015

Sorry, just realized that my example was sending to single users. But i havent been able to do that either haha.

gidbot commented Jan 30, 2015

Sorry, just realized that my example was sending to single users. But i havent been able to do that either haha.

@gidbot

This comment has been minimized.

Show comment
Hide comment
@gidbot

gidbot Jan 30, 2015

But it also looks like a lot of those variables are not set by this library. Ie not in 'function setStory' in the snapchat class, nor 'function post' in the snapchat_agent one

gidbot commented Jan 30, 2015

But it also looks like a lot of those variables are not set by this library. Ie not in 'function setStory' in the snapchat class, nor 'function post' in the snapchat_agent one

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Jan 30, 2015

The library is not exactly up to date, if you want it to work you need to know what the actual application sends to the API, and then you have to add / remove parameters to each request in the library.

Here is some API documentation : https://github.com/JorgenPhi/php-snapchat/wiki/API-v2-Research

liamjack commented Jan 30, 2015

The library is not exactly up to date, if you want it to work you need to know what the actual application sends to the API, and then you have to add / remove parameters to each request in the library.

Here is some API documentation : https://github.com/JorgenPhi/php-snapchat/wiki/API-v2-Research

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 30, 2015

I'm getting real tired of snapchat and their api updates, I'll tell you that much

Snowlav commented Jan 30, 2015

I'm getting real tired of snapchat and their api updates, I'll tell you that much

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Jan 30, 2015

Well the API updates are a good thing, it brings new features to the application for us to use and abuse. We just need to keep up with constantly analyzing the application's API calls.

liamjack commented Jan 30, 2015

Well the API updates are a good thing, it brings new features to the application for us to use and abuse. We just need to keep up with constantly analyzing the application's API calls.

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 30, 2015

The latter is hard though, I do not mind it actually, but snapchat is not only adding user features but I have the feeling they are also making it harder for us to abuse every update.

Snowlav commented Jan 30, 2015

The latter is hard though, I do not mind it actually, but snapchat is not only adding user features but I have the feeling they are also making it harder for us to abuse every update.

@Scape373

This comment has been minimized.

Show comment
Hide comment
@Scape373

Scape373 Jan 30, 2015

Any fix for this yet?
I can login and update snaps and save snaps, but cannot upload or set a story. It just uploads a blank gray thumbnail and disappears when i try to click on it
This literally worked yesterday with no change. I tried updating my user agent to 9.0.2, and 9.0.1 and still doesn't work.. What am i missing?

$final1 = "http://-snip-watermark.php?filename=$value";
$id = $snapchat->upload(
Snapchat::MEDIA_IMAGE,
file_get_contents($final1));
$snapchat->setStory($id,5);

const VERSION = 'Snapchat/9.0.1.0';
CURLOPT_USERAGENT => 'Snapchat/9.0.1.0 (Nexus 4; Android 17; gzip)',

Scape373 commented Jan 30, 2015

Any fix for this yet?
I can login and update snaps and save snaps, but cannot upload or set a story. It just uploads a blank gray thumbnail and disappears when i try to click on it
This literally worked yesterday with no change. I tried updating my user agent to 9.0.2, and 9.0.1 and still doesn't work.. What am i missing?

$final1 = "http://-snip-watermark.php?filename=$value";
$id = $snapchat->upload(
Snapchat::MEDIA_IMAGE,
file_get_contents($final1));
$snapchat->setStory($id,5);

const VERSION = 'Snapchat/9.0.1.0';
CURLOPT_USERAGENT => 'Snapchat/9.0.1.0 (Nexus 4; Android 17; gzip)',

@gidbot

This comment has been minimized.

Show comment
Hide comment
@gidbot

gidbot Jan 30, 2015

I've been able to upload (get a 200 Response), but I havent been able to send single snaps or set my story. If anyone has been able to get this library working in the last couple days, please share.

gidbot commented Jan 30, 2015

I've been able to upload (get a 200 Response), but I havent been able to send single snaps or set my story. If anyone has been able to get this library working in the last couple days, please share.

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 30, 2015

Are you uploading a JPG image ?
What responses do you get?

Can you elaborate "I can login and update snaps and save snaps, but cannot upload or set a story. It just uploads a blank gray thumbnail and disappears when i try to click on it"
Do you mean on the application?

Snowlav commented Jan 30, 2015

Are you uploading a JPG image ?
What responses do you get?

Can you elaborate "I can login and update snaps and save snaps, but cannot upload or set a story. It just uploads a blank gray thumbnail and disappears when i try to click on it"
Do you mean on the application?

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 30, 2015

Remember this lib is outdated guys, if you are mixing new headers with old endpoints, or old endpoints with new endpoints etc, it will not work.
Which endpoint are you guys using to login and which are you using to set story.

In the new versions of snapchat you no longer need to use upload and send but simply post to story.

We need more information than that is given right now.

Snowlav commented Jan 30, 2015

Remember this lib is outdated guys, if you are mixing new headers with old endpoints, or old endpoints with new endpoints etc, it will not work.
Which endpoint are you guys using to login and which are you using to set story.

In the new versions of snapchat you no longer need to use upload and send but simply post to story.

We need more information than that is given right now.

@JorgenPhi

This comment has been minimized.

Show comment
Hide comment
@JorgenPhi

JorgenPhi Jan 30, 2015

Owner

Speaking of outdated, if anyone wants access to accept pull changes and
write to the repo directly, let me know. I don't have the time to keep this
relevant.
On Jan 30, 2015 2:14 PM, "Snowlav" notifications@github.com wrote:

Remember this lib is outdated guys, if you are mixing new headers with old
endpoints, or old endpoints with new endpoints etc, it will not work.
Which endpoint are you guys using to login and which are you using to set
story.

In the new versions of snapchat you no longer need to use upload and send
but simply post to story.

We need more information than that is given right now.


Reply to this email directly or view it on GitHub
#89 (comment)
.

Owner

JorgenPhi commented Jan 30, 2015

Speaking of outdated, if anyone wants access to accept pull changes and
write to the repo directly, let me know. I don't have the time to keep this
relevant.
On Jan 30, 2015 2:14 PM, "Snowlav" notifications@github.com wrote:

Remember this lib is outdated guys, if you are mixing new headers with old
endpoints, or old endpoints with new endpoints etc, it will not work.
Which endpoint are you guys using to login and which are you using to set
story.

In the new versions of snapchat you no longer need to use upload and send
but simply post to story.

We need more information than that is given right now.


Reply to this email directly or view it on GitHub
#89 (comment)
.

@Scape373

This comment has been minimized.

Show comment
Hide comment
@Scape373

Scape373 Jan 30, 2015

So what you are saying is my code should look more like this now?:

It's still not working.. :(

Gets contents of folder
uploads the images in the folder

$directory = 'saved';
$scanned = array_diff(scandir($directory), array('..', '.'));
foreach($scanned as $value){
//Watermark
$snapchat->setStory($value,5);
var_dump($value);
}

$value comes out as a string:
string '6.jpg' (length=5)

Scape373 commented Jan 30, 2015

So what you are saying is my code should look more like this now?:

It's still not working.. :(

Gets contents of folder
uploads the images in the folder

$directory = 'saved';
$scanned = array_diff(scandir($directory), array('..', '.'));
foreach($scanned as $value){
//Watermark
$snapchat->setStory($value,5);
var_dump($value);
}

$value comes out as a string:
string '6.jpg' (length=5)

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Jan 31, 2015

Logging in with 9.0.2.0's API is pratically impossible for the Android version. They have started checking device tokens, so you need to fetch a valid device token before logging in, and there is a new "Authorization" header containing a Google OAuth2 token....

liamjack commented Jan 31, 2015

Logging in with 9.0.2.0's API is pratically impossible for the Android version. They have started checking device tokens, so you need to fetch a valid device token before logging in, and there is a new "Authorization" header containing a Google OAuth2 token....

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 31, 2015

@cuonic isn't the google oath2 token optional, and by device token do you mean a device ID ?
These can be generated pretty easy right ?

Snowlav commented Jan 31, 2015

@cuonic isn't the google oath2 token optional, and by device token do you mean a device ID ?
These can be generated pretty easy right ?

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Jan 31, 2015

It's no longer option, if you don't provide the "ptoken" on login you
get "401 UNAUTHORIZED", if you create one randomly you get "Oh no! Your
login temporarily failed, so please try again later. If your login
continues to fail, please visit
https://support.snapchat.com/a/failed-login :)"

The message doesn't change when adding or removing the Authorization header

On 31/01/2015 18:49, Snowlav wrote:

@cuonic https://github.com/cuonic isn't the google oath2 token
optional, and by device token do you mean a device ID ?
These can be generated pretty easy right ?


Reply to this email directly or view it on GitHub
#89 (comment).

liamjack commented Jan 31, 2015

It's no longer option, if you don't provide the "ptoken" on login you
get "401 UNAUTHORIZED", if you create one randomly you get "Oh no! Your
login temporarily failed, so please try again later. If your login
continues to fail, please visit
https://support.snapchat.com/a/failed-login :)"

The message doesn't change when adding or removing the Authorization header

On 31/01/2015 18:49, Snowlav wrote:

@cuonic https://github.com/cuonic isn't the google oath2 token
optional, and by device token do you mean a device ID ?
These can be generated pretty easy right ?


Reply to this email directly or view it on GitHub
#89 (comment).

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 31, 2015

hmm so we would need to fetch valid info first using fiddlr or something alike, and once logged in store auth token, that is if we are using the 9.0.2.0 api.
Is this correct, or not possible?

Snowlav commented Jan 31, 2015

hmm so we would need to fetch valid info first using fiddlr or something alike, and once logged in store auth token, that is if we are using the 9.0.2.0 api.
Is this correct, or not possible?

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Jan 31, 2015

Yeah, but that's not really a solution, you shouldn't have to run the
official application along side just to get tokens, we need to emulate this.

On 31/01/2015 18:56, Snowlav wrote:

hmm so we would need to fetch valid info first using fiddlr or
something alike, and once logged in store auth token, that is if we
are using the 9.0.2.0 api.
Is this correct, or not possible?


Reply to this email directly or view it on GitHub
#89 (comment).

liamjack commented Jan 31, 2015

Yeah, but that's not really a solution, you shouldn't have to run the
official application along side just to get tokens, we need to emulate this.

On 31/01/2015 18:56, Snowlav wrote:

hmm so we would need to fetch valid info first using fiddlr or
something alike, and once logged in store auth token, that is if we
are using the 9.0.2.0 api.
Is this correct, or not possible?


Reply to this email directly or view it on GitHub
#89 (comment).

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 31, 2015

I like this challenge

Snowlav commented Jan 31, 2015

I like this challenge

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 31, 2015

But I question if it's feasible

Snowlav commented Jan 31, 2015

But I question if it's feasible

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 31, 2015

is it possible to bring out an api lib for a previous no longer supported by snapchat version, without getting our accounts banned?

Snowlav commented Jan 31, 2015

is it possible to bring out an api lib for a previous no longer supported by snapchat version, without getting our accounts banned?

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Jan 31, 2015

Well using 8.1.1's API for the moment will probably work for a while,
but then they will kill it.

On 31/01/2015 19:05, Snowlav wrote:

is it possible to bring out an api for a previous no longer supported
by snapchat version, without getting our accounts banned?


Reply to this email directly or view it on GitHub
#89 (comment).

liamjack commented Jan 31, 2015

Well using 8.1.1's API for the moment will probably work for a while,
but then they will kill it.

On 31/01/2015 19:05, Snowlav wrote:

is it possible to bring out an api for a previous no longer supported
by snapchat version, without getting our accounts banned?


Reply to this email directly or view it on GitHub
#89 (comment).

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 31, 2015

Any other options? Long term solutions?

Snowlav commented Jan 31, 2015

Any other options? Long term solutions?

@hako

This comment has been minimized.

Show comment
Hide comment
@hako

hako Jan 31, 2015

Collaborator

I've seen the OAuth thing before it became mandatory in the beta, AFAIK it looks like signing up does not have to use OAuth though. And the ptoken is new to me.

@Snowlav We can only look inside the APK I guess, unless there are other solutions.

Collaborator

hako commented Jan 31, 2015

I've seen the OAuth thing before it became mandatory in the beta, AFAIK it looks like signing up does not have to use OAuth though. And the ptoken is new to me.

@Snowlav We can only look inside the APK I guess, unless there are other solutions.

@Snowlav

This comment has been minimized.

Show comment
Hide comment
@Snowlav

Snowlav Jan 31, 2015

@hako inside the APK you mean modding the apk or reverse engineering it in the hopes of finding a solution?

Snowlav commented Jan 31, 2015

@hako inside the APK you mean modding the apk or reverse engineering it in the hopes of finding a solution?

@liamcottle

This comment has been minimized.

Show comment
Hide comment
@liamcottle

liamcottle Jan 31, 2015

ptoken is the Google Cloud Messaging Registration ID, it's the same value that you post to /ph/device in the device_token param. It's used by the snapchat server to send notifications to your device via GCM.

As for logging in, I have noticed they have made the header Authorization mandatory. Also, it must be a valid one...

If you pass a blank value in the Authorization header, you'll get a 401, the snapchat server checks the Google servers (I guess) to check if the Bearer value is legit, if not 401...

I have made a successful login by using an already created bearer for the Authorization header from a snapchat app login request.

So, if we can make valid value for the Authorization header, we can get in.

liamcottle commented Jan 31, 2015

ptoken is the Google Cloud Messaging Registration ID, it's the same value that you post to /ph/device in the device_token param. It's used by the snapchat server to send notifications to your device via GCM.

As for logging in, I have noticed they have made the header Authorization mandatory. Also, it must be a valid one...

If you pass a blank value in the Authorization header, you'll get a 401, the snapchat server checks the Google servers (I guess) to check if the Bearer value is legit, if not 401...

I have made a successful login by using an already created bearer for the Authorization header from a snapchat app login request.

So, if we can make valid value for the Authorization header, we can get in.

@liamcottle

This comment has been minimized.

Show comment
Hide comment
@liamcottle

liamcottle Feb 12, 2015

I don't think story blobs are unencrypted, though I highly doubt they'd unencrypt those...

However, I just checked the old user agent, and that returns unencrypted blobs as well...

So they must be working on the API right now or something, because they were all encrypted about 20 minutes ago, and now they're not, so the server must pre-decrypt them all now..

... and I guess the new update to the snapchat app will stop encrypting them.

liamcottle commented Feb 12, 2015

I don't think story blobs are unencrypted, though I highly doubt they'd unencrypt those...

However, I just checked the old user agent, and that returns unencrypted blobs as well...

So they must be working on the API right now or something, because they were all encrypted about 20 minutes ago, and now they're not, so the server must pre-decrypt them all now..

... and I guess the new update to the snapchat app will stop encrypting them.

@liamcottle

This comment has been minimized.

Show comment
Hide comment
@liamcottle

liamcottle Feb 12, 2015

I was working on some things, and all of a sudden decryption was failing... so looked at blob data, not even encrypted...

liamcottle commented Feb 12, 2015

I was working on some things, and all of a sudden decryption was failing... so looked at blob data, not even encrypted...

@LinoSuarez

This comment has been minimized.

Show comment
Hide comment
@LinoSuarez

LinoSuarez Feb 12, 2015

Contributor

Some time ago they says they where going to release an API maybe something
of that is going on

On Thursday, February 12, 2015, Liam Cottle notifications@github.com
wrote:

I don't think story blobs are unencrypted, though I highly doubt they'd
unencrypt those...

However, I just checked the old user agent, and that returns unencrypted
blobs as well...

So they must be working on the API right now or something, because they
were all encrypted about 20 minutes ago, and now they're not, so the server
must pre-decrypt them all now..

... and I guess the new update to the snapchat app will stop encrypting
them.


Reply to this email directly or view it on GitHub
#89 (comment)
.

Contributor

LinoSuarez commented Feb 12, 2015

Some time ago they says they where going to release an API maybe something
of that is going on

On Thursday, February 12, 2015, Liam Cottle notifications@github.com
wrote:

I don't think story blobs are unencrypted, though I highly doubt they'd
unencrypt those...

However, I just checked the old user agent, and that returns unencrypted
blobs as well...

So they must be working on the API right now or something, because they
were all encrypted about 20 minutes ago, and now they're not, so the server
must pre-decrypt them all now..

... and I guess the new update to the snapchat app will stop encrypting
them.


Reply to this email directly or view it on GitHub
#89 (comment)
.

@liamcottle

This comment has been minimized.

Show comment
Hide comment
@liamcottle

liamcottle Feb 12, 2015

Could be... But I highly doubt they're going to even release an API...

Just all talk to keep us waiting... Because the whole point of snapchat is to send media that will be gone shortly after, and if they released a public API to download snaps, then it would make their whole system pointless.

liamcottle commented Feb 12, 2015

Could be... But I highly doubt they're going to even release an API...

Just all talk to keep us waiting... Because the whole point of snapchat is to send media that will be gone shortly after, and if they released a public API to download snaps, then it would make their whole system pointless.

@liamcottle

This comment has been minimized.

Show comment
Hide comment
@liamcottle

liamcottle Feb 14, 2015

Looking into it a bit more, I reckon snapchat is sending ping requests to their server via their chat socket... and flagging accounts that's don't ping... Could be something to look into?

liamcottle commented Feb 14, 2015

Looking into it a bit more, I reckon snapchat is sending ping requests to their server via their chat socket... and flagging accounts that's don't ping... Could be something to look into?

@KyleBoyer

This comment has been minimized.

Show comment
Hide comment
@KyleBoyer

KyleBoyer Feb 14, 2015

Also when sending data, through charles proxy it looks like there is an extra parameter under data as seen here: http://s10.postimg.org/66bhe8ovd/namedata.png
Notice: filename="data"

---Edit:
Just found a way to do this, however I get back an UNAUTHORIZED header...
Code:

if (!$multipart) {
            $data = http_build_query($data);
        }else{
            $datas = "--".$boundary."\r\n" . 'Content-Disposition: form-data; name="req_token"' . "\r\n\r\n" . self::hash($params[0], $params[1]) . "\r\n";
            foreach ($data as $key => $value){
                if($key == "req_token") continue;
                if($key != 'data'){
                    $datas .= "--".$boundary."\r\n" . 'Content-Disposition: form-data; name="' . $key . '"' . "\r\n\r\n" . $value . "\r\n";
                }else{
                    $datas .= "--".$boundary."\r\n" . 'Content-Disposition: form-data; name="data"; filename="data"'."\r\n" . 'Content-Type: application/octet-stream'."\r\n\r\n" . $value . "\r\n";
                }
            }
            $data = $datas . "--".$boundary."--";
        }

KyleBoyer commented Feb 14, 2015

Also when sending data, through charles proxy it looks like there is an extra parameter under data as seen here: http://s10.postimg.org/66bhe8ovd/namedata.png
Notice: filename="data"

---Edit:
Just found a way to do this, however I get back an UNAUTHORIZED header...
Code:

if (!$multipart) {
            $data = http_build_query($data);
        }else{
            $datas = "--".$boundary."\r\n" . 'Content-Disposition: form-data; name="req_token"' . "\r\n\r\n" . self::hash($params[0], $params[1]) . "\r\n";
            foreach ($data as $key => $value){
                if($key == "req_token") continue;
                if($key != 'data'){
                    $datas .= "--".$boundary."\r\n" . 'Content-Disposition: form-data; name="' . $key . '"' . "\r\n\r\n" . $value . "\r\n";
                }else{
                    $datas .= "--".$boundary."\r\n" . 'Content-Disposition: form-data; name="data"; filename="data"'."\r\n" . 'Content-Type: application/octet-stream'."\r\n\r\n" . $value . "\r\n";
                }
            }
            $data = $datas . "--".$boundary."--";
        }
@realmuster

This comment has been minimized.

Show comment
Hide comment
@realmuster

realmuster Feb 26, 2015

@LinoSuarez can you please accept my friend request on skype? ;)

realmuster commented Feb 26, 2015

@LinoSuarez can you please accept my friend request on skype? ;)

@jvkassi

This comment has been minimized.

Show comment
Hide comment
@jvkassi

jvkassi Mar 6, 2015

@JorgenPhi add me too. bellamy-fan

jvkassi commented Mar 6, 2015

@JorgenPhi add me too. bellamy-fan

@iguanaman

This comment has been minimized.

Show comment
Hide comment
@iguanaman

iguanaman Mar 18, 2015

@LinoSuarez sent you a skype request with details, thanks

iguanaman commented Mar 18, 2015

@LinoSuarez sent you a skype request with details, thanks

@andresarocho

This comment has been minimized.

Show comment
Hide comment
@andresarocho

andresarocho Mar 22, 2015

@LinoSuarez Can you please add volcom526

andresarocho commented Mar 22, 2015

@LinoSuarez Can you please add volcom526

@adriancooney

This comment has been minimized.

Show comment
Hide comment
@adriancooney

adriancooney Mar 28, 2015

@LinoSuarez add me too? cooney.adrian. Cheers for the good work guys!

btw, http://slack.com is where it's at nowadays for chat! A group for this would go down a treat.

adriancooney commented Mar 28, 2015

@LinoSuarez add me too? cooney.adrian. Cheers for the good work guys!

btw, http://slack.com is where it's at nowadays for chat! A group for this would go down a treat.

@hako hako referenced this issue Apr 8, 2015

Closed

Private group chat? #72

@jalandro

This comment has been minimized.

Show comment
Hide comment
@jalandro

jalandro Apr 10, 2015

See Gitter for chat group at github. https://gitter.im/

@JorgenPhi
Please consider making a team with @cuonic and @mgp25 (They have great forks).

jalandro commented Apr 10, 2015

See Gitter for chat group at github. https://gitter.im/

@JorgenPhi
Please consider making a team with @cuonic and @mgp25 (They have great forks).

@niober

This comment has been minimized.

Show comment
Hide comment
@niober

niober Jul 22, 2015

Okey I think you will be really interested in what I have to say here. I have ALMOST solved the whole snapchat downgrade problem. I can tell you all about how but first in need someone's help here. Now I have successfully installed snapchat 6.1.1 on my jailbroken iPhone 4 ios 7.1.2. When I open snapchat 6.1.1 there is no crash and I can successfully watch my friends story's and also load story's. The problem is that I can't upload story's, I can't load snaps that I got and I can't send snaps either. So If someone know how to fix that problem then I think we have solved the whole problem;)

niober commented Jul 22, 2015

Okey I think you will be really interested in what I have to say here. I have ALMOST solved the whole snapchat downgrade problem. I can tell you all about how but first in need someone's help here. Now I have successfully installed snapchat 6.1.1 on my jailbroken iPhone 4 ios 7.1.2. When I open snapchat 6.1.1 there is no crash and I can successfully watch my friends story's and also load story's. The problem is that I can't upload story's, I can't load snaps that I got and I can't send snaps either. So If someone know how to fix that problem then I think we have solved the whole problem;)

@KiranPanesar

This comment has been minimized.

Show comment
Hide comment
@KiranPanesar

KiranPanesar Jul 22, 2015

@niober This is using the Android API?

KiranPanesar commented Jul 22, 2015

@niober This is using the Android API?

@vivijimmy

This comment has been minimized.

Show comment
Hide comment
@vivijimmy

vivijimmy Sep 1, 2015

@cuonic Hey, in your code 'Authorization: AidLogin 3976909495270287464:285036945524349568', I know the 3976909495270287464 should be the Android_id, but what is that 285036945524349568? Thanks!

vivijimmy commented Sep 1, 2015

@cuonic Hey, in your code 'Authorization: AidLogin 3976909495270287464:285036945524349568', I know the 3976909495270287464 should be the Android_id, but what is that 285036945524349568? Thanks!

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Sep 1, 2015

I obtained it by sniffing the GCM registration request, but according to this document (Page 4) the format is android-id:device-token.

liamjack commented Sep 1, 2015

I obtained it by sniffing the GCM registration request, but according to this document (Page 4) the format is android-id:device-token.

@vivijimmy

This comment has been minimized.

Show comment
Hide comment
@vivijimmy

vivijimmy Sep 1, 2015

@cuonic Hmm, I used uploadDeviceConfig and got the device token something like 1440513696098*����blahblah, which seems not the number after the android_id. I read the same document too and I knew it said that number was device token. Were you using uploadDeviceConfig? Or "checkin" API?

vivijimmy commented Sep 1, 2015

@cuonic Hmm, I used uploadDeviceConfig and got the device token something like 1440513696098*����blahblah, which seems not the number after the android_id. I read the same document too and I knew it said that number was device token. Were you using uploadDeviceConfig? Or "checkin" API?

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Sep 1, 2015

That's more a timestamp than a device token. I didn't use either of them endpoints, where is uploadDeviceConfig from ?

liamjack commented Sep 1, 2015

That's more a timestamp than a device token. I didn't use either of them endpoints, where is uploadDeviceConfig from ?

@vivijimmy

This comment has been minimized.

Show comment
Hide comment
@vivijimmy

vivijimmy Sep 1, 2015

@cuonic I tried to sniff all the data out and in for Google Play application and I found it could only send this Authorization: AidLogin android_id:unknown_number. In all the data comes back from Google Play I can not find out the same number as the unknown_number after android_id here. I think it should be something Google Play application generated but really curious about what that is... Tried to search all over the Internet but it is very little mentioned.

vivijimmy commented Sep 1, 2015

@cuonic I tried to sniff all the data out and in for Google Play application and I found it could only send this Authorization: AidLogin android_id:unknown_number. In all the data comes back from Google Play I can not find out the same number as the unknown_number after android_id here. I think it should be something Google Play application generated but really curious about what that is... Tried to search all over the Internet but it is very little mentioned.

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Sep 1, 2015

I'm looking into it now, the second item is actually called CheckinTask_securityToken

liamjack commented Sep 1, 2015

I'm looking into it now, the second item is actually called CheckinTask_securityToken

@vivijimmy

This comment has been minimized.

Show comment
Hide comment
@vivijimmy

vivijimmy Sep 1, 2015

@cuonic Great! Many thanks bro! Wow. This CheckinTask_securityToken seems to be written into the CheckinService.xml by Google Play Service. I will find out which writes this and keep you updated.

vivijimmy commented Sep 1, 2015

@cuonic Great! Many thanks bro! Wow. This CheckinTask_securityToken seems to be written into the CheckinService.xml by Google Play Service. I will find out which writes this and keep you updated.

@liamjack

This comment has been minimized.

Show comment
Hide comment
@liamjack

liamjack Sep 1, 2015

the android_id and security_token are provided to the device on their first checkin request (https://android.clients.google.com/checkin). Here is an example of what is sent to the endpoint: https://github.com/nviennot/android-checkin. I'm creating a tool that performs all the required requests in Python at the moment, but this is unrelated to Snapchat so contact me via email.

liamjack commented Sep 1, 2015

the android_id and security_token are provided to the device on their first checkin request (https://android.clients.google.com/checkin). Here is an example of what is sent to the endpoint: https://github.com/nviennot/android-checkin. I'm creating a tool that performs all the required requests in Python at the moment, but this is unrelated to Snapchat so contact me via email.

@whats0n0

This comment has been minimized.

Show comment
Hide comment
@whats0n0

whats0n0 Sep 21, 2015

Has anyone figured out how the iOS authentication works yet or is it being discussed anywhere?

whats0n0 commented Sep 21, 2015

Has anyone figured out how the iOS authentication works yet or is it being discussed anywhere?

@mgp25

This comment has been minimized.

Show comment
Hide comment
@mgp25

mgp25 Sep 21, 2015

@DevHex use this: https://github.com/mgp25/SC-API

Wiki available with all documentation

Regards

mgp25 commented Sep 21, 2015

@DevHex use this: https://github.com/mgp25/SC-API

Wiki available with all documentation

Regards

@whats0n0

This comment has been minimized.

Show comment
Hide comment
@whats0n0

whats0n0 Sep 21, 2015

Yeah I've seen it and it's great, but I want to find out how the X-Snapchat-Client-Auth-Token is generated on iOS without the need of a Google account.

whats0n0 commented Sep 21, 2015

Yeah I've seen it and it's great, but I want to find out how the X-Snapchat-Client-Auth-Token is generated on iOS without the need of a Google account.

@mgp25

This comment has been minimized.

Show comment
Hide comment
@mgp25

mgp25 Sep 21, 2015

@DevHex you will need to reverse iOS app, use IDA or hopper

mgp25 commented Sep 21, 2015

@DevHex you will need to reverse iOS app, use IDA or hopper

@nguyenngoccuong

This comment has been minimized.

Show comment
Hide comment
@nguyenngoccuong

nguyenngoccuong Dec 17, 2015

Is there any solution to generate X-Snapchat-Client-Auth-Token and X-Snapchat-Client-Token, please help me, thanks, my skype: siverrally

nguyenngoccuong commented Dec 17, 2015

Is there any solution to generate X-Snapchat-Client-Auth-Token and X-Snapchat-Client-Token, please help me, thanks, my skype: siverrally

@filfat

This comment has been minimized.

Show comment
Hide comment
@filfat

filfat Jan 13, 2016

Bump the above comment

filfat commented Jan 13, 2016

Bump the above comment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment