Duplicate of #10: New User ID Issues #11

Open
deveyNull opened this issue Nov 17, 2014 · 71 comments

Comments

@deveyNull

For example, typing P goes through the entire process, finishes up and says "Yak Successful :)".
Inputting Y demonstrates that Yakarma has gone up by 2.
However, the post did not go through, nothing changed.

The same thing happens with voting and commenting, the app says the procedure was completed successfully, but nothing happened. The API hasn't been updated that recently, I was wondering if this is a problem for all users or if I am missing something.

Thank you

@deandunbar

I think posts might not be working. After a "successful" post, I check my own yaks and get an error message

@deveyNull
Author

Hey, I got the code working, the problem is that the user IDs your program makes do not work anymore. I'm working on figuring out what's up with that, but using an already assigned ID makes it work


Very Respectfully,
Dennis M. Devey
MIDN USN

@deveyNull
Author

Here's the test ID I have been using:
46C8E8491692F83A9D229CA586EE1B52


@deveyNull
Author

Test ID is now banned... damnit.
Working on finding another working one


@djtech42
Owner

I think a cookie needs to be implemented for the API now, so I will look into it. Here is a test ID that works: B6C52E0EA41CBD9D4A1FA7D65C60AA4D

@j1bruno

j1bruno commented Nov 21, 2014

If you could add that to the program, that would be awesome.

@huttotw

huttotw commented Nov 25, 2014

B6C52E0EA41CBD9D4A1FA7D65C60AA4D
46C8E8491692F83A9D229CA586EE1B52

These test IDs do not seem to work anymore.

@j1bruno

j1bruno commented Nov 25, 2014

Is there any way to generate new IDs?


@huttotw

huttotw commented Nov 25, 2014

You can generate IDs, and register them using the API.py, but I have not found a good way of finding IDs that work.

@djtech42
Owner

It requires a cookie to be generated now. I need to add it to the API. Sorry, I haven't had much time to work on it. I will work on it tomorrow.

B6C52E0EA41CBD9D4A1FA7D65C60AA4D must have gotten banned at some point.

@huttotw

huttotw commented Nov 25, 2014

46C8E8491692F83A9D229CA586EE1B52 this key works sometimes.

Yik Yak may have some flags in place to stop multiple people using it at the same time. Like geographical restrictions saying that you can't yak somewhere, and then yak somewhere else 100 miles away in less than 5 minutes.
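
The kind of server-side check speculated about in the comment above, sketched as an added example (not code from this thread, from YikYakTerminal, or from Yik Yak): it flags an ID whose requests are at least 100 miles apart less than 5 minutes apart. The event fields, thresholds and sample data are assumptions made for the illustration.

```python
import math
from collections import defaultdict, deque

EARTH_RADIUS_MILES = 3958.8
MAX_MILES = 100.0      # assumption: the "100 miles" from the comment above
WINDOW_SECONDS = 300   # assumption: the "5 minutes" from the comment above

def haversine_miles(lat1, lon1, lat2, lon2):
    """Great-circle distance in miles between two lat/long points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlon = math.radians(lon2 - lon1)
    a = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_MILES * math.asin(math.sqrt(a))

def find_impossible_travel(events, max_miles=MAX_MILES, window=WINDOW_SECONDS):
    """Return (user_id, earlier_ts, later_ts, miles) for every request that is
    at least max_miles from an earlier request by the same ID made less than
    `window` seconds before it."""
    by_user = defaultdict(list)
    for ev in events:
        by_user[ev["user_id"]].append(ev)
    findings = []
    for user_id, evs in sorted(by_user.items()):
        evs.sort(key=lambda e: e["ts"])          # logs can arrive out of order
        recent = deque()                          # requests inside the window
        for cur in evs:
            while recent and cur["ts"] - recent[0]["ts"] >= window:
                recent.popleft()
            for prev in recent:                   # not just the previous request:
                miles = haversine_miles(prev["lat"], prev["lon"], cur["lat"], cur["lon"])
                if miles >= max_miles:            # short hops can add up
                    findings.append((user_id, prev["ts"], cur["ts"], round(miles)))
                    break
            recent.append(cur)
    return findings

# Constructed sample events (placeholder IDs, made-up timestamps in seconds).
SAMPLE_EVENTS = [
    {"user_id": "ID-A", "ts": 1000, "lat": 34.06, "lon": -117.75},
    {"user_id": "ID-A", "ts": 1120, "lat": 37.77, "lon": -122.42},  # far, 2 min later
    {"user_id": "ID-B", "ts": 1000, "lat": 34.06, "lon": -117.75},
    {"user_id": "ID-B", "ts": 1200, "lat": 34.10, "lon": -117.70},  # a few miles
    {"user_id": "ID-C", "ts": 1000, "lat": 34.06, "lon": -117.75},
    {"user_id": "ID-C", "ts": 8200, "lat": 37.77, "lon": -122.42},  # far, 2 h later
    {"user_id": "ID-D", "ts": 200, "lat": 35.8, "lon": -117.75},    # out of order
    {"user_id": "ID-D", "ts": 0, "lat": 34.0, "lon": -117.75},
    {"user_id": "ID-D", "ts": 100, "lat": 34.9, "lon": -117.75},    # two ~62 mile hops
]

if __name__ == "__main__":
    for finding in find_impossible_travel(SAMPLE_EVENTS):
        print(finding)
```

A rule like this fires whenever one ID is shared between people in different places, which matches the "works sometimes" behaviour described for a shared test ID.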

@djtech42
Owner

I added the cookie, but it still isn't working with new IDs.

djtech42 changed the title from "Yakarma Increase, but no action done" to "Duplicate of #10: New User ID Issues" on Nov 27, 2014
djtech42 self-assigned this on Nov 27, 2014

@lknparktheory88

Don't know if this helps, but if I use my jailbroken iPhone (root access) and remove all app data and reinstall, it of course generates a new "USER ID". If I use this newly generated ID with YikYakTerminal, any actions will fail. However, if I proceed with some actions such as upvoting or commenting through the app itself and then try again with the same "USER ID", all actions work perfectly.

@huttotw

huttotw commented Nov 27, 2014

Yes, that helps. Is it possible for you to try to generate and register a user_id with YikYakTerminal and try it in the app?

@lknparktheory88

With my limited knowledge in programming, (I just tinker with stuff) I would have to figure out where the "plist" file is located to swap out the ID - This should be easy though.

Would it help if I sniff out the requests the app makes when I do actions in the app?

@huttotw

huttotw commented Nov 27, 2014

Yes, that would be helpful also, let us know if you get anywhere.

@lknparktheory88

Found the plist, let's see if it's as simple as swapping the IDs

@huttotw

huttotw commented Nov 27, 2014

If you could sniff the request when the app is performing registerUser, that would be extremely helpful.

@lknparktheory88

Okay, I am doing that now... So far no luck with swapping IDs, as it makes the app unstable and crash. Under Private Documents there is a file named "currentInstallation". Perhaps a permissions issue I gotta look into.

{"classname":"_Installation","data":{"updatedAt":"2014-11-27T15:38:58.797Z","parseVersion":"1.4.2","deviceToken":"4859da5668ff9e40153275848e7c8465e8514124ea1889dffb02c805ecf4dcbc","badge":0,"deviceType":"ios","installationId":"6ddd9774-c606-462f-978e-ded22d3b36bc","channels":["c3C64F319-7515-4749-AE7C-00346E816D51c"],"appIdentifier":"engineering.locus.chatter","timeZone":"America/Los_Angeles","appName":"Yik Yak","objectId":"nK0GqKfef0","appVersion":"2.1.2.2","createdAt":"2014-11-27T15:38:58.797Z"}}

the above ID 3C64F319-7515-4749-AE7C-00346E816D51 is valid and works

@huttotw

huttotw commented Nov 27, 2014

I just noticed that the user ID had leading and trailing c's in that response. I don't know if that would change anything.

@huttotw

huttotw commented Nov 27, 2014

Can you find the url for registerUser?

@lknparktheory88

GET /api/registerUser?userID=067542B7-9155-4D4F-80F1-5A72D3C1FDDC&userLat=34.057076&userLong=-117.824496&version=2.1.2&horizontalAccuracy=65.000000&verticalAccuracy=10.000000&altitude=76.308350&floorLevel=0&speed=-1.000000&course=-1.000000&salt=1417103872&hash=%2BY96PUGB2vB6HQD8Y5LeTOBlL0U%3D HTTP/1.1

URL for above is - https://us-west-api.yikyakapi.net/api/registerUser?userID=067542B7-9155-4D4F-80F1-5A72D3C1FDDC&userLat=34.057076&userLong=-117.824496&version=2.1.2&horizontalAccuracy=65.000000&verticalAccuracy=10.000000&altitude=76.308350&floorLevel=0&speed=-1.000000&course=-1.000000&salt=1417103872&hash=%2BY96PUGB2vB6HQD8Y5LeTOBlL0U%3D

@huttotw

huttotw commented Nov 27, 2014

Perfect! I'll try it out next time I get the chance. Happy Thanksgiving!

@brian-murphy

I decompiled the yik yak android apk. Is it illegal for me to post it? I don't have any money, so as long as I don't go to jail I'm cool with it.

-------- Original message --------
From: Mitchell Borrego
Date: 12/21/2014 9:09 PM (GMT-05:00)
Subject: Re: [YikYakTerminal] Duplicate of #10: New User ID Issues (#11)

@brain-murphy What source code are you looking at?

@mjbmitch

@brain-murphy I am not sure if you should post it directly on here, but go ahead and put relevant code into a Pastebin and send a few of us in this thread a PM with the link.

@jkingsman

I'd be interested if there's any relevant pastes as well, please -- there's nothing out there for yik yak right now; this is our last, best hope.

@lay295

lay295 commented Jan 26, 2015

If anyone needs valid IDs, I generated ~400 IDs for people to use.
http://pastebin.com/bHJMx1cG
(I did not use YikYakTerminal to generate these, I used YikYak's actual Android app and they should mostly, if not all be working)

@deveyNull
Author

Thank you so much, I was down to two working accounts.

How'd you do that?
I'd love to contribute to the fund


@djtech42
Owner

Thank you for posting valid IDs. Are these using the old format or new format used by Yik Yak?

@lay295

lay295 commented Jan 26, 2015

@Ankerman I've just set up an Android emulator to open the app, grab the userID, upvote a comment, then close and clear app data. For some reason on my Android emulator when I clear app data, it gives me a whole new ID. This is not true on my phone though and gives me the same ID every time

@djtech42 They should all be in the new format, just made them yesterday

@djtech42
Owner

djtech42 commented Feb 6, 2015

@lay295 I will see if I can figure out the format and update the ID generation

@richraid21

Hi all, I have successfully written a working UserID generator. Hopefully I will be able to port it from Java to Python relatively soon.

@tracehagan

@richraid21 mind posting the Java? I'm sure there are people here who could help port it. (myself included, possibly)

@djtech42
Owner

New version coming out soon to fix the API for the new update

@foosaur

foosaur commented Mar 4, 2015

I was able to post with a 200 response after updating the user agent, however posts made via randomly generated user ids seem to be shadowbanned. After posting, it is returned to me in the list of recent yaks, but no one else will be able to see them.

In general, it seems the POST request signing still works as long as the user id was generated via the client, but GET request signing for upvoting/downvoting appears to be broken. That is, even with a valid user id, I will get a 401 response when trying to upvote a yak.

@foosaur

foosaur commented Mar 4, 2015

I don't currently have the time or the right dev environment to properly reverse engineer this, but maybe someone in this thread is up to the challenge.

First get the APK from http://www.apk4fun.com/share/2240/
Plug it into this decompiler http://www.decompileandroid.com/

Request Signing
The basic signing algorithm seems to be unchanged (xv.java) but the HMAC key is probably different now. It seems to be generated at wV.java based on the SHA1 hash of the package signature followed by a MD5 hash and some custom bit shift operations (xx.java).

I noticed that the post_sign_request method in API.py isn't actually signing based on the sorted query params... This might be something to correct as well.

Registration
The registration should be relatively clear inside of SplashScreen.java. In addition to the original parameters, it seems like it now takes a "token" parameter which is just the userID (wtf?). The only "security" feature of the userID is that the 7th character is the same as the 6th character. You can verify that from @lay295 's list of userIDs.

@tutman96

tutman96 commented Mar 6, 2015

Hey guys. New here. Been following this issue thread.
I have used a charles proxy to capture the request(s) made when the app registers for the first time. It seems as though they are using Parse.com to do their push notifications as well as user management. Whenever the app registers a new id, it first pushes it to Parse.com. It then sends a /registerUser request to the YikYak servers with the new userID.

I haven't been able to figure out the Parse api. It looks like YikYak is using an undocumented v2 api. It uses OAuth and what nots. I just haven't had the time to dig into it further.

So it seems that YikYak's servers are communicating with Parse on their end when you send a /registerUser request. It just doesn't seem to error handle correctly. If we could register an ID with Parse, then I think that it would work.

@fresh83

fresh83 commented Mar 14, 2015

There is some info on the Parse creds on a reddit I'm a part of

@fresh83

fresh83 commented Mar 14, 2015

If someone would not mind helping me with a PHP getMessages function that recently stopped working, I would not mind getting you the Parse info.

@tutman96

Here is the code I have that allows me to pull messages. It seems as though YikYak doesn't authenticate for getMessage. It works for now: http://pastebin.com/Bjzph6BQ

Also, I have never done anything on reddit. Would there be a way to get me on that subreddit?

@fresh83

fresh83 commented Mar 16, 2015

@tutman96 thank you sir! And as promised, here is the info on the reddit I'm a member of, hope it helps! If you would like the info from any specific link just lmk!

So I believe to successfully post to YikYak you need to use OAuth authentication (OAuth key possibly derived from Parse?) in the header or you need to register the ID with Parse. Not sure how the parameters for initializing parse are derived (takes some internal values and turns them into the appID and clientKey). Anyway, using Dalvik Debugger in IDA 6.6 (my school provides it :D!) I found the following so far:

YikYak_b a.k.a Parse ApplicationID "wMkdjBI4ircsNcRn8mXnBkgH0dwOcrkexrdMY3vY"

YikYak_c a.k.a Parse clientKey "GbNFwvFgoUu1wYuwIexNImy8bnSlNhqssG7gd53Y"

Once again, I'm not 100% sure how these are derived but I can see the functions in which they are coming from.

I will now see how YikYak registers users for their server and Parse (will keep you guys updated if I get anything good).
http://postimg.org/image/lj4k45vt3/

@fresh83

fresh83 commented Mar 16, 2015

BUT... I do have one big issue: we had a system that was making automated requests to getMessages every 10 mins or so. They blocked our IP, we rotated, blocked, rotated, and then they did something that caused even rotating the IP not to work anymore... any idea what they could have done and how to route around it?

@fresh83

fresh83 commented Mar 16, 2015

@tutman96 things are very slow on the subreddit, the admins are not very responsive but I can see what I can do. What's your reddit name?

@tutman96

That subreddit looks like it is on the right track. My reddit username is tutman96. If you could add me, that would be great! I am behind a school's IP so I don't think they would block me as that would block the whole school.

About them blocking your IP, what method did you use to rotate it? If it was a "privacy proxy" then they simply could have just blocked the whole pool.

@fresh83

fresh83 commented Mar 17, 2015

Just changed Elastic IPs on AWS. What's the solution to get out of this situation, a new instance? And what can we do to avoid it happening again? I tried your code locally and it works great/super legit, but on my server it just returns nada. I'll work on getting you in; it's kind of slow lately, but lots of good info in there from prior threads

@foosaur

foosaur commented Mar 17, 2015

They are blocking all AWS IPs. You can look at various HTTPS proxies but the free ones are mostly unreliable and/or blocked. You can also check other cloud providers.

@ctrlaltdylan

@fresh83 could you add me to this subreddit? My PHP implementation is broken now

Edit: Fixed my implementation, you need to add an MD5 uppercased hash of your user agent (not including the version string) to your GET parameters.

However, I still need to generate new user IDs, trying with the pastebin code

@fresh83

fresh83 commented Jul 16, 2015

@ctrlaltdylan Email me privately [email protected]

@deveyNull
Author

@fresh83, mind if I email you as well?

@ghost

ghost commented Oct 24, 2015

Hello everyone, I am using parse.com for the first time. I am a .NET developer and want to use parse.com with my Web API project. I have downloaded this project from https://codeload.github.com/aldenquimby/parse-csharp/zip/master. I have created a parse.com account and I have an AppId and RestApiKey but no idea how to completely set up this project. If you have any other sample project, please suggest example links and videos.

@p0wer0n

p0wer0n commented Jan 10, 2016

@fresh83 would you be able to get me into that subreddit? My username is p0wer0n. I have voting working for this project and want to learn more. Thanks.
