Added obfuscated settings extraction capability

2025-12-23 23:38:45 -05:00 · 2019-08-10 15:30:04 -04:00
parent e3bc993411
commit 4dcebba1e8
9 changed files with 64 additions and 21 deletions
--- a/GM.WindowsUI/GM.WindowsUI.csproj
+++ b/GM.WindowsUI/GM.WindowsUI.csproj
@@ -35,6 +35,9 @@
    <WarningLevel>4</WarningLevel>
  </PropertyGroup>
  <ItemGroup>
+    <Reference Include="GM.SettingsReader">
+      <HintPath>..\Assemblies\GM.SettingsReader.dll</HintPath>
+    </Reference>
    <Reference Include="System" />
    <Reference Include="System.Data" />
    <Reference Include="System.Xml" />
@@ -101,11 +104,14 @@
      <Generator>ResXFileCodeGenerator</Generator>
      <LastGenOutput>Resources.Designer.cs</LastGenOutput>
    </EmbeddedResource>
-    <None Include="config\readme.md" />
+    <Content Include="apk\readme.md">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
    <None Include="Properties\Settings.settings">
      <Generator>SettingsSingleFileGenerator</Generator>
      <LastGenOutput>Settings.Designer.cs</LastGenOutput>
    </None>
+    <None Include="Resources\gm" />
  </ItemGroup>
  <ItemGroup>
    <None Include="App.config" />
--- a/GM.WindowsUI/MainWindow.xaml.cs
+++ b/GM.WindowsUI/MainWindow.xaml.cs
@@ -106,7 +106,7 @@ namespace GM.WindowsUI
                if (string.IsNullOrEmpty(bw.SelectedBrand))
                {
                    MessageBox.Show("You must select a brand!");
-                    App.Current.Shutdown();
+                    Environment.Exit(100);
                    return;
                }

@@ -125,23 +125,25 @@ namespace GM.WindowsUI

        void LoadConfiguration()
        {
-            if (!File.Exists("config\\configuration.json"))
+            if (!Directory.Exists("apk")) Directory.CreateDirectory("apk");
+
+            var fn = (from f in Directory.EnumerateFiles("apk") where System.IO.Path.GetExtension(f).Equals(".apk", StringComparison.OrdinalIgnoreCase) select f).FirstOrDefault();
+
+            if (string.IsNullOrEmpty(fn))
            {
-                MessageBox.Show("You must extract the configuration file from the GM Android App's .apk and copy it to the config folder first.", "Missing configuration");
-                //todo: this doesn't work
-                App.Current.Shutdown();
+                MessageBox.Show("You must copy the Android app's .apk file to the apk folder first.", "Missing apk");
+                Environment.Exit(100);
                return;
            }

            try
            {
-                _globalConfig = JsonConvert.DeserializeObject<GmConfiguration>(File.ReadAllText("Config\\configuration.json", Encoding.UTF8));
+                _globalConfig = JsonConvert.DeserializeObject<GmConfiguration>(GM.SettingsReader.ReadUtility.Read(Properties.Resources.a, Properties.Resources.gm, File.OpenRead(fn)));
            }
            catch (Exception ex)
            {
                MessageBox.Show("Error reading config file: " + ex.ToString(), "Config read error");
-                //todo: this doesn't work
-                App.Current.Shutdown();
+                Environment.Exit(100);
                return;
            }
        }
--- a/GM.WindowsUI/Properties/Resources.Designer.cs
+++ b/GM.WindowsUI/Properties/Resources.Designer.cs
@@ -59,5 +59,24 @@ namespace GM.WindowsUI.Properties {
                resourceCulture = value;
            }
        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to S2myrsCTbJ+EIEvPxwhK0MdUg7BDQgVxmeeAmo/N1FAROjxKFGdeHX/e3euUTRWHYE+H5GC/QZ6B+Jx/UtExhvXPqV1erPLooUxfZ8F8NjCweMrYU9GHWednygG6SMt/l6OwN6+Dz3Llb9DYmPGl0M4ZDOGptLhHGdB633HXssCpU3vLxpK8WWYPwy1Z8m007cNUxxxKUSWDUnh9j29IMmGUDOziDM/A+4NT+7WTtc4GqKURuBJ9b6F4OsMbdKJXU58BLIfqAEZdLMCQAMCIHisvLu3y8qLUrsgoN5S0dUfvpeT1Diy448+3LbRFb8np6iuA4SP8Y/Xh1B/KZGJi3d+DLeZoC+S6CaQSA+bcTmlOSxr6+kwshRNgZl8Jb5bxTsrCb2Iq9OA+74Ofw64vFZgqZZWpkK4jf2eqRGyOayFENEf2hkGOmOJHgKWav/wGEkEoQZu4Cfe3cY+QPlmjglRaRBgjbDJiO8fTm4nACcdOXIP1K+ozK7lfjY/Xn69e [rest of string was truncated]&quot;;.
+        /// </summary>
+        internal static string a {
+            get {
+                return ResourceManager.GetString("a", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized resource of type System.Byte[].
+        /// </summary>
+        internal static byte[] gm {
+            get {
+                object obj = ResourceManager.GetObject("gm", resourceCulture);
+                return ((byte[])(obj));
+            }
+        }
    }
 }
--- a/GM.WindowsUI/Properties/Resources.resx
+++ b/GM.WindowsUI/Properties/Resources.resx
--- a/GM.WindowsUI/Resources/gm
+++ b/GM.WindowsUI/Resources/gm
--- a/GM.WindowsUI/apk/readme.md
+++ b/GM.WindowsUI/apk/readme.md
@@ -0,0 +1 @@
+Place the Android app .apk file in this folder
--- a/GM.WindowsUI/config/readme.md
+++ b/GM.WindowsUI/config/readme.md
@@ -1,5 +0,0 @@
-Extract the decrypted contents of the connection settings file from the Android app's .apk and save in this folder as "configuration.json"
-
-IMPORTANT: If you are able to extract it, DO NOT DISCLOSE the contents of this file. GM went to lengths to keep the contents secret.
-
-I would also advise against sharing the decryption algorithm should you figure it out.
--- a/GM.sln
+++ b/GM.sln
@@ -9,6 +9,7 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "GM.WindowsUI", "GM.WindowsU
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{8DADF6E3-2511-4EE4-849C-CC71C89CBD7E}"
 	ProjectSection(SolutionItems) = preProject
+		Assemblies\GM.SettingsReader.dll = Assemblies\GM.SettingsReader.dll
 		readme.md = readme.md
 	EndProjectSection
 EndProject
--- a/README.md
+++ b/README.md
@@ -9,10 +9,19 @@ Obviously this is unsanctioned. Use at your own risk.
 GM announced that they would be releasing the API in 2013. 6 years later they still refuse to respond to developer requests.
 The API has been reverse engineered via decompilation and protocol interception in order to facilitate interoperability. No copywritten works have been duplicated.

-To use this API you will require a valid client id and client secret. You may email developer@gm.com to request credentials but they have yet to provide any.
-Alternatively you can extract and decrypt them from the Android .apk file.
+You are accepting all responsibility and liability for the use of this content.
+
+# Client Credentials
+To use this API you will require a valid client id and client secret. The correct approach would be to request access from GM at https://developer.gm.com/ or by emailing them at developer.gm.com.
+
+Alternatively (and because GM refuses to respond to developer requests) you can extract the credentials from the Android app's .apk file.
+I am _NOT_ including the source code for this process, but I have included the capability. GM.SettingsReader.dll can do this. I have obfuscated the process.
+
+IMPORTANT: The demo app requires a copy of the Android app's .apk file to be copied to the "apk" folder. It has been tested with the myChevrolet app, version 3.21.0.
+VERY IMPORTANT: Unless you want an international incident on your hands DO NOT SHARE ANY OF THE CONTENTS OF THE SETTINGS FILE ANYWHERE _EVER_!!!!


+# TODO
 This is very early, unpolished, incomplete code. No judgement please.
				`@@ -0,0 +1 @@`
				`Place the Android app .apk file in this folder`