Skip to content
/ testflight-sniper Public
forked from marioparaschiv/testflight-watcher

Snipes Test Flight apps. Configurable & has the ability to use a burner account for checking the status to avoid bans.

0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

myrayuoo/testflight-sniper

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
config.json
config.json
 
 
package.json
package.json
 
 

Repository files navigation

TestFlight Sniper

Snipes TestFlight beta apps. Configurable & has the ability to use a burner account for checking the status to avoid bans.

Features

  • Independent accounts for both redeeming and checking the status of an app
  • Configurable interval
  • Discord webhook support

Setting Up - Getting Headers & Account IDs

  • We will start off by setting up Fiddler Classic on our iDevice. You may begin by following the steps here.

  • Please make sure you follow this section of the guide in order to decrypt HTTPS traffic successfully:

Image

  • Assuming you have Fiddler Classic successfully set up with HTTPS decryption, you will proceed by grabbing the account id of the request through the network sniffer (Fiddler).

  • An example of an account ID: e1e54b3a-a56c-4c5d-b6t3-08ef3e647de7

  • To obtain the account id you must grab it from the web request that testflight makes when opening the app from the web, you may reproduce this by searching up the desired testflight app you would like to target, then opening it in Safari. The request will look like the following:

  • Once you open that URL, Safari should redirect you to the TestFlight app on your phone, which will initiate the request we are looking to sniff.

  • The request you will have to look for will look similar if not the same as: /v3/accounts/${accountId}/ru/{code}.

Image

  • After selecting the request, proceed to the Headers panel.

  • We can now see the needed headers to apply in our config.json. If you'd like to use the same account for both checking the status of the app and redeeming, fill both of headers.checker and headers.redeemer sections of the config with the same headers.

    Image

  • You may easily copy a header's value by using the right click context menu like so:

Image

  • Once you're done with the headers and still haven't grabbed the account id, you may do so by copying this part of the URL:

Image

  • As said before, if you'd like to use the same account for both checking the status of the app and redeeming, please fill out accountId.checker and accountId.redeemer with the same value in config.json

  • That's all! You may now remove the Certificate Profile from your device by heading to General -> VPN & Device Management and deleting the DO_NOT_TRUST_FiddlerRoot profile.

  • You may also want to remove the proxy we had set earlier by going into WiFi -> Your Network -> (i) icon -> Configure Proxy and setting it to Off

  • Once done, you may proceed to launch the sniper by making sure you have dependencies installed (npm i) and using node . to start the sniper.

About

Snipes Test Flight apps. Configurable & has the ability to use a burner account for checking the status to avoid bans.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 100.0%