Pokémon GO - REVISITING THE "HACKING" SCENE (PART 1)
If you haven't played Pokémon GO - where have you been the last few months?
In July this year, a relatively small mobile games company partnered with one of the most popular franchises in the gaming world to release the augmented reality game we all know as Pokémon GO. Niantic, the publisher behind the game, built much of it on its existing augmented reality game, Ingress, released in 2012 - almost identical in concept but with a more sci-fi feel to it. Grossing $600 million USD in revenue within ninety days of its launch, it is no wonder it has become the interest of hackers worldwide.
Within days of the launch, Applidium took the liberty of reverse engineering the Android APK and decompiling the application, revealing a tonne of secrets about the game and, more importantly, that the company had not taken the necessary steps to prevent hackers from abusing its TOS (terms of service). That allowed the development of tools ranging from Pokémon maps to bots that would play the game for you. All of these were eventually frowned upon by the creators. Some API changes were introduced, then almost immediately broken, and the cat and mouse game between the company and hackers began. Earlier this month, the company forced an update of the application, effectively shutting down a number of websites that were relying on the 0.35 API to access the likes of Pokédex overviews, live Pokémon spawns and gym information such as the team in control and level.
If, as a player, you have noticed that the game starts a little slower and crashes more often, you are not mistaken. With the takedown of the 0.35 API, the developer of one of the popular tracking websites wrote an open letter to Niantic expressing their concern at the attempt to curb third-party websites that help trainers fill their Pokédex and see important statistics about their Pokémon (such as individual values). It was time to go into the scene and see the next steps from the one side we could explore.
A community was already set up on a Discord channel - so, I joined. It didn't take long to see that there was a complete community working on tracking down the changes and how to get around them to get the trackers and tools back online. A bunch of friendly developers willing to share anything they could figure out to get one step closer to putting the ball back in Niantic's court.
The company took the liberty of working much more closely with one of its major stakeholders, Google, to help deter the use of hacking tools commonly available on "rooted" Android devices and GPS spoofing. At the same time, it brought in a code obfuscation company to make the process of reverse engineering the code much more difficult. To a degree, it worked.
Within a week or two, the community had figured out how things changed and was seeking the golden hash function that had been introduced. The function was quite difficult to profile and follow; coupled with a lack of ARM assembly experience and tools being blocked from use on the device, progress was slow. However, one of the tracking websites (FastPokeMap) is back online - at limited capacity.
So, how did they do it? Probably not the way the company would have expected them to.
In the next post, I will go into the details of the secret sauce that brought the site back online. One could definitely argue that it is a serious violation of the DMCA, but it won't be long before the hash function is fully reversed; if anything, it is definitely intriguing to know how it has been done.