mentos1386
/
reverse-engineering-slovenian-railways-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1 Commit 1 Branch 0 Tags 29 KiB
JavaScript 100%
Go to file
Tine Jozelj cfe4a96970
initial commit 		2023-09-25 01:47:25 +02:00
.gitignore initial commit 2023-09-25 01:47:25 +02:00
README.md initial commit 2023-09-25 01:47:25 +02:00
client.js initial commit 2023-09-25 01:47:25 +02:00
frida-script.js initial commit 2023-09-25 01:47:25 +02:00

README.md

Reverse engineering Slovenian Railways API

Endpoints

Base URL: https://eshop.sz.si/SZMobile/

/* renamed from: n2 */
/* loaded from: classes.dex */
public interface SZEshopService {
    @POST("authenticate_enc/")
    ta1<C2980uv> authenticateDevice(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("GetCard_enc/")
    ta1<C2980uv> getCard(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("GetCatalogs/")
    ta1<C2980uv> getCatalogs(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("get_messages_enc/")
    ta1<C2980uv> getMessages(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("GetOvire_enc/")
    ta1<C2980uv> getObstacles(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @Headers({"CONNECT_TIMEOUT:60000", "READ_TIMEOUT:60000", "WRITE_TIMEOUT:60000"})
    @GET("https://eshop.sz.si/Purchase/DownloadReceiptAsPdf")
    Call<ResponseBody> getPdfTicketFile(@Query("receiptNumber") String str);

    @POST("GetProducts_enc/")
    ta1<C2980uv> getProducts(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("GetReceipt_enc/")
    ta1<C2980uv> getReceipt(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("GetRoutesSz_enc/")
    ta1<C2980uv> getRoutes(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("GetStations_enc/")
    ta1<C2980uv> getStations(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("GetSzCardProducts_enc/")
    ta1<C2980uv> getSzCardProducts(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("SetReceipt_enc/")
    ta1<C2980uv> setReceipt(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("SetReceiptSz_enc/")
    ta1<C2980uv> setReceiptNew(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);

    @POST("update_message_enc/")
    ta1<C2980uv> updateMessage(@Body SZEshopEncryptedRequestBody sZEshopEncryptedRequestBody);
}

SZEshopEncryptedRequestBody

{
    "req": "encrypted contents",
    "auth_token": "plain text token, looks like uuid"
}

How to get token?

    @Override // p000.InterfaceSZEshopClient
    public void authenticateDevice(SZResponse<SZResponseAuthnticateDeviceResult> sZResponse, String serial) {
        CryptoUtil.configurePublicAndPrivateKeys(this.sharedPreferences);
        SZAuthenticateDeviceRequest sZAuthenticateDeviceRequest = new SZAuthenticateDeviceRequest();
        sZAuthenticateDeviceRequest.setDevice_serial(serial); // can be anything?
        sZAuthenticateDeviceRequest.setDevice_description(C1954lk.f7875a); // "Android " + Build.VERSION.SDK_INT + "/" + Build.MANUFACTURER + " " + Build.MODEL
        sZAuthenticateDeviceRequest.setApp_version("1.0.26");
        sZAuthenticateDeviceRequest.setPlatform_id(C2407pb.f9245a.intValue()); // 1
        sZAuthenticateDeviceRequest.setKey(CryptoUtil.encryptPartAES());
        sZAuthenticateDeviceRequest.setPublic_key(CryptoUtil.getShortPublicKey());
        getData(this.service.authenticateDevice(getRequest(sZAuthenticateDeviceRequest)), sZResponse, SZResponseAuthnticateDeviceResult.class, true);
    }

How to perform encryption and decryption?

    /* renamed from: a */
    public static byte[] AESDecryptResponse(byte[] response, Context context) {
        if (deviceAuthenticationKey != null) {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                cipher.init(2, new SecretKeySpec(deviceAuthenticationKey, "AES"), new IvParameterSpec(m9812g()));
                return cipher.doFinal(response);
            } catch (Exception e) {
                String str = className;
                Logger.verbose(str, "AESDecryptResponse: " + e.getMessage());
                e.printStackTrace();
                return null;
            }
        }
        return m9802p(m9799v(response, context));
    }

    /* renamed from: b */
    public static String AESEncryptRequest(String request, Context context) {
        if (deviceAuthenticationKey != null) {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                cipher.init(1, new SecretKeySpec(deviceAuthenticationKey, "AES"), new IvParameterSpec(m9812g()));
                return Base64.encodeToString(cipher.doFinal(request.getBytes()), 2);
            } catch (Exception e) {
                String str = className;
                Logger.verbose(str, "AESEncryptRequest: " + e.getMessage());
                e.printStackTrace();
                return null;
            }
        }
        return Base64.encodeToString(m9798w(m9814e(request.getBytes()), context), 2);
    }