>> Pokémon GO - REVISITING THE "HACKING" SCENE (PART 1)
If you haven't played Pokémon GO - where have you been the last
In July this year; a relative small mobile games company partnered up
with one of the most popular franchises in the gaming work - to release
the augmented reality game we all known as
Niantic, the publisher behind the game built a lot of the game on its
existing augmented reality game, Ingress, that was released in 2012 -
almost exactly the same in concept but with a more sci-fi feel to it.
Grossing $600 million USD in
within ninety days of its launch; it is no wonder it has
become the interest of hackers worldwide.
In days of the launch;
took the liberty of reverse engineering the android APK and
decompiling the application to reveal a tonne of secrets about the game
and more importantly - that the company forgot to take the necessary
steps to prevent hackers from abusing the companies TOS (terms of service)
and allow the development of tools ranging from Pokémon maps to
bots that would play the game for you.
All eventually frowned upon by the creators. Some API changes were
introduced; then almost immediately broken - the cat and mouse game
between the company and hackers starts. Earlier this month; the company
did a forced update for the application effectively shutting down a
number of these websites that were
on the 0.35 API
to access the likes of Pokedex overviews, live Pokémon spawns
and gym information such as the team in control and level.
If, as a player, you have noticed the game starts a little slower
and crashed more often - you are not being misguided. With the
take down of the 0.35 API, the developer to one of the popular tracking
websites wrote an
open letter to Niantic
expressing their concern as a result of trying to curb third party
websites helping trainers fill their pokedex and see important statistics
about their Pokémon (such as individual values).
It was time to go into the scene and see the next steps from one side we
A community was already setup on a
channel - so, I joined. It didn't take long to see that there was a
complete community working on tracking down the changes and how to
get around them to get the trackers and tools back online. A bunch of
friendly developers willing to share anything they could figure out
to get one step closer to putting the ball back in Niantics court.
The company took the liberty to work on a much closer level with one
of its major stake holders, Google, to help deter the use of hacking
tools community available with "rooted" android devices and GPS spoofing.
At the same time; they brought in a code obfuscation company to make
the process of reverse engineering the code much more difficult. To a
degree; it worked.
In a week or two; the community figured out how things changed and
were seeking the golden hash function that was introduced and also
quite difficult to profile and follow - coupled with the lack of ARM
assembly experience and tools being blocked for use on the device;
progress was slow. However, one of the tracking
(FastPokeMap) is back online - at limited capacity.
So; how did they do it? Probably not the way the company would have
expected them to.
In the next post; I will go into the details of the secret sauce that
brought the site back online. One could definitely argue that it is a
serious violation of the DMCA - but it wont be long before the hash
function is fully reversed; if anything it is definitely intriguing to
know how it has been done.