Read on Twitter
It’s time to have fun!
It's a trap! #douyin
The same way TikTok uploads "app_log", Douyin uploads "app_logs". Yes, it's an HTTP request. It's very common when you analyse Chinese apps.
Another HTTP request to http://beacon-api.aliyuncs.com (Alibaba cloud communication system) with your deviceId in clear text
When you start the app, #Douyin sends your location, bssid, deviceId and other stuff with a HTTP request to http://amdcopen.m.taobao.com
Yes, this is what a privacy nightmare looks like
Yes, this is what a privacy nightmare looks like
These puppies falls are offered by #Douyin
Douyin send your MAC address as a parameter in one of their app_log requests... 
Worth saying, it's a violation of the Google Play Store rules but they don't care, they are not on the Play Store
Worth saying, it's a violation of the Google Play Store rules but they don't care, they are not on the Play Store
If someone from TikTok read this tweet: I know that the nasty stuff are in this encrypted content 
2 apps, same requests: on the left you have TikTok, on the right Douyin. Can you spot the differences?
=> mac_address
=> mac_address
Few weeks ago I decrypted the content of the app_log requests made by TikTok, it's time to do the same thing for Douyin https://medium.com/@fs0c131y/tiktok-logs-logs-logs-e93e8162647a
I need a coffee, meanwhile enjoy this pig 
I'm back. Douyin and TikTok use the same library for the app logs but not the same version
It means the Frida function I made last time for my article is working with Douyin. I get the logs but Douyin shows me a no connection screen
I can bet the version of the "app_log library" in Douyin is the most recent version. Then, they will probably update TikTok.
My last tweet was probably not accurate, I deleted it. If you search Covid19 on #douyin you will get a lot of (old?) videos mocking US politicians/celebrities because they don't know the meaning of Covid19.
If you are a Chinese native speaker, can you tell me what he is saying?
If you are a Chinese native speaker, can you tell me what he is saying?
I understand he is talking about Covid19 and the independance of Taiwan but I don't see the relation between the two...
I'm French, so I searched "sex" on #douyin . This is top video for this keyword. I'm a little bit disappointing 
Joke aside, China is a very different world and it's always interesting to see how they handle "sex videos" on a giant network like douyin
. This is top video for this keyword. I'm a little bit disappointing Joke aside, China is a very different world and it's always interesting to see how they handle "sex videos" on a giant network like douyin
Before closing this thread, let's give a look at the MAC address retrieval methods. First thing, I'm pretty sure they use different ways to get it.
In the a class of the http://com.ss.android .deviceregister package you can find this code.
1) Call e.i method with the Context as a parameter to get the mac
2) Check the shared preferences to see if the MAC address is already saved
1) Call e.i method with the Context as a parameter to get the mac
2) Check the shared preferences to see if the MAC address is already saved
You can cool stuff? Check the http://com.ss.android .deviceregister.d class. The previous i method, which can be renamed getMacAddress, is working like this:
1) Call getMacAddress() from the WifiInfo class
Since Android Marshmallow it returns a default value 02:00:00:00:00:00
1) Call getMacAddress() from the WifiInfo class
Since Android Marshmallow it returns a default value 02:00:00:00:00:00
2) If you get the default value, enumerate the network interfaces as explained in this stackoverflow answer https://stackoverflow.com/questions/33103798/how-to-get-wi-fi-mac-address-in-Android-Marshmallow
Someone asked: yes douyin is also taking the IMEI
Remember the 2nd tweet of this thread? This is why, probably not the only reason, they wanted the phone permission. They take the voicemail number of the user...
They check the running apps...
