Submit custom nickname about whatsapi HOT 11 CLOSED

According to logging in on the Android app, only Windows Phone and iOS WA apps use that field. But, yeah, I was going to try to figure out which byte that was. Nice to leave your signature in, Ahmed, but it is visible to iOS and WP users :)

from whatsapi.

I'm curriently working to "decompile" the whole stuff which is transmitted. If I guess right than it is this here:
<presence name="Nickname" />
It seems that everything is transmitted in a kind of package which begins with a 0x00 folowed with the package sizeshort (2 bytes) which contains the package length. The next relevent part is the 0xfc which is some kind of identifier for a custom string which is not in the dictionary, however the next byte is the size of that string so this one also needs to be touched.

from whatsapi.

Yeah, I've done some figuring out of a lot of the stuff on the incoming side, coming to the conclusion that a few others have, that the comm is done via some kind of binary-coded-tokenized-XMPP.

It looks like 0xfc == 252, assuming incoming and outgoing use the same tokenization, 0xfc should be followed by an 8-bit length indicator, then a string.

0x74 = presence, 0xa2 = type, 0xa3 = unavailable, 0x61 = name, 0xfc = start-of-string-length-<-255, length-byte=0x0a, followed by the next ten bytes should decode to "Ahmed Mohd". In xml, this would read something like

presence type="unavailable" name="Ahmed Mohd" /

from whatsapi.

You are right WhatsAPI send out two bytes more which are the type and its value.
Did you try to translate the message send bytes? There are two bytes which confuses me.

<message to="[fa=250]xxxxx" [8a=138=s.whatsapp.net] type="chat"> 8a a2 1b
Right before the numer is a byte 0xFA. I cannot figger out what this mean also after that there is a 0x8A which makes no sense IMHO. Do you have an idea?

Update: I figgered that out. The 250 means here comes a jabber id so it can be translated to "[email protected]" so that makes sense. (Hint: xxxxx is a phonenumber)

from whatsapi.

The name is in this line:
$next = "\x00\x12\xf8\x05\x74\xa2\xa3\x61\xfc\x0a\x41\x68\x6d\x65\x64\x20\x4d\x6f\x68\x64\x00\x15\xf8\x06\x48\x43\x05\xa2\x3a\xf8\x01\xf8\x04\x7b\xbd\x4d\xf8\x01\xf8\x03\x55\x61\x24\x00\x12\xf8\x08\x48\x43\xfc\x01\x32\xa2\x3a\xa0\x8a\xf8\x01\xf8\x03\x1f\xbd\xb1";

Ahmed Mohd: \x41\x68\x6d\x65\x64\x20\x4d\x6f\x68\x64 (Hex-->String will give ahmed mohd)

from whatsapi.

Is there a solution for this issue? E.g. can it be easily changed into another (nick)name?

from whatsapi.

Sure. You just need to modify the "package size" (first two bytes), the length of the nickname and the nickname itself.

from whatsapi.

Wouldn't it just be easier to add a function to the class that generates the correct $next string, based upon for example on a given (nick)name?

From what I understand, based upon the $next string given by xTraXx that I have to change the first two bytes (e.g.\x00\x12), the hex string itself (e.g. \x41...\x64) and some byte that handles the length as well. I'm in no way familiar with hex, nor the allowed possibilities so a function (or some more information) is appreciated.

from whatsapi.

I can't seem to get it to work, anyone have any clue how to change the (nick)name easily?

from whatsapi.

If you split our beloved $next chunk using \x00 as delimiter you get these three strings:

• \x00\x12\xf8\x05\x74\xa2\xa3\x61\xfc\x0a\x41\x68\x6d\x65\x64\x20\x4d\x6f\x68\x64
• \x00\x15\xf8\x06\x48\x43\x05\xa2\x3a\xf8\x01\xf8\x04\x7b\xbd\x4d\xf8\x01\xf8\x03\x55\x61\x24
• \x00\x12\xf8\x08\x48\x43\xfc\x01\x32\xa2\x3a\xa0\x8a\xf8\x01\xf8\x03\x1f\xbd\xb1

As you can see, there is a format for it:
\x00[length]\xf8[content]

Of course, you can continue splitting each string. For example, first one:

• \x05\x74\xa2\xa3\x61\xfc
• \x0a\x41\x68\x6d\x65\x64\x20\x4d\x6f\x68\x64

This last one contains the nickname preceded by its length (\x0a = 10).

Many of us have tried to change the nickname by replacing corresponding bytes and then changing nickname length and total length to suit the new one. Although completely logical, it simply does not work for unknown reasons.

Another unexplainable fact is found when splitting the third string above:

• \x08\x48\x43\xfc\x01\x32\xa2\x3a\xa0\x8a\xf8
• \x01\xf8
• \x03\x1f\xbd\xb1

As you may noticed, first string is said to have length 8 but it actually has 10 bytes :O

I'll continue my research on this.

from whatsapi.

I have to retract from what I said previously:

Changing the nickname by replacing corresponding bytes and then changing nickname length and total length to suit the new one DOES WORK.

from whatsapi.