Either they have not figured out the latest protection or may be catching up with Niantic is getting boring or no that profitable. For a while, there was a group that runs a hashing-as-a-service with a paid subscription but since a few months ago they haven’t reopened their service. Since the obfuscated version came out, only a few people worked on cracking the new algorithms. Starting from version 0.37 on around second week of September 2016 (which is the first version that supports PGP), Niantic added a very complex obfuscation to the native code, and since then they have changed the hashing method several times, and lately also added encryption. Then things changed when Niantic implemented a complex hashing algorithm for the requests to their servers, but this too was quickly defeated with collaboration from many hackers. In a short amount of time people were making bots and maps. The first few versions of Pokemon GO were not protected at all. I am writing this to clear up some confusion that people have on the current state of Pokemon GO Game/App and PGP reverse engineering. A short history of past reverse engineering attempts
#Codejunkies gotcha code
I am providing a reference implementation for ESP32 so you can test this yourself, the source code DOES NOT INCLUDE the BLOB and DEVICE KEY.īefore I begin, let me start with the current state of Pokemon GO Reverse and PGP reverse engineering. I will explain the complete certification algorithm that I obtain from reverse engineering a PGP clone, and then I will explain how I did the reverse engineering and how you can extract your own blob and key if you want to clone your own device. There have been many attempts to clone this device, but only Datel seems to figure out the algorithm, while the other clones are cloning the exact hardware and firmware.
#Codejunkies gotcha for android
Pokemon GO Plus, (which I will refer from now on as PGP) is a wearable Bluetooth Low Energy (BLE) device to be used with the Pokemon GO game for Android or iOS. Using other’s people blob may be blacklisted in the future (or Niantic may ban your account). I have not figured out how you can generate your own blob and key. However, there is a per device blob used (specific to a Bluetooth Mac Address) for key generation. I have managed to get the certification algorithm. TL DR You can clone a Pokemon GO Plus device that you own.