question #1
Comments
|
@WladyX thanks for reaching out! I am glad you found this useful. I've updated the README as I got similar question by email lately.
Unfortunately, I did not have time to figure out how the communication with the server is done with respect to authentication. But I think after a while you could easily find the login request so you can query JWT on your own, without needing the original app. JWT is valid maybe for a month or so. |
|
@ph4r05 Hello, you helped me with bluetooth packets very well, for this moment I found almost everything request types and responses. This is what I've done for now :) doc.mp4 |
|
@rewhex did you also find the API & JWT? I see you also have a R1 PRO. But not a clue about the API. |
No, because I don't want to use all the API from official app, the only reason to use it is firmware updates, but I think they will release updates not very often, so I will not implement this. If you really need this, you can patch official APK file network config file to support user proxy certificates, and sniff for network traffic on your phone through mitm proxy, read more about it here: mitm.it |
|
@WladyX I've just checked the logs. In the app I am using the JWT token is easy to find, just look for base64-url encoded blob, usually in the cookies. Maybe try looking around logs I usually do adb logcat | tee android.logWhen I see an interesting log I get back to the line in the |
In comment you just published you have your personal JWT, delete it here and/or logout in the app, because someone could use it to make requests |
|
@rewhex thanks for letting me know, I appreciate security-wise thinking :) Birthday format is: "YYYY-MM" |
|
I've just captured a login request. It is a simple HTTPS POST, the password is a simple Response: |
|
Hey, thank you, i saw the api in the code, so i already grepped for walkingpad.com, i suspect it's a different API for R1 PRO. |
|
And i use this one: I'll try the one you are using, i suspect they are compatible. |
WalkingPad app doesn't work for r1 pro, afaik |
|
Did not take your word for it, so i tested, turns out you are correct, it doesn't work for R1 PRO :)) |
|
Recently I purchased R2 (non pro version; CN local version) for example, the app sent |
It's not encrypted, my app handles the same. It's just your phone logging base64 packet as is. My app just not accept R2 at all, and I'm not planning to support it, 'encryption' is not the case. |
|
Well.. I just tested your app during investing packet reference. Maybe China version devices have different packet protocol. |
Do you have another variants of packets? |
|
I got a progress after the message. |
Oh, I just noticed that you have a cn version, I don't know how r1 cn version works, but r1 pro packets seems very different, for example you have readable prop names etc. R1 pro have only bytes with command type: 178, 2, 1 (for example) means "props ControlMode 1". |
|
Can confirm that this works with the Lifespan Fitness - WalkingPad™ M2 Treadmill branded version of this walking pad. Had some issues with getting it going on Windows (probably some issues on my end), although worked perfectly fine on a Raspberry PI with Bluez installed. |
|
Just want to show some progress about creating an emulator R1 (and R2) Pro for my Android client app, as I want to sell my treadmill, on video from left to right: My client app, Telegram bot with the UI, Emulator which works like R1 Pro :) Screen.Recording.2023-04-20.at.9.26.43.PM.mov |
|
Hello, I really appreciate your library. may I ask, does the change_speed works on you guys? |
Hello,
First of all thank you very much for sharing this, it seems to be working with my R1 PRO walkingpad.
Have a few question if you have the time to address them.
Thanks again!
Vlad
The text was updated successfully, but these errors were encountered: