Re: Dump analysis

  • From: Samuel Thurston <samuel-thurston@xxxxxxxxx>
  • To: <galileo@xxxxxxxxxxxxx>
  • Date: Thu, 19 Jun 2014 11:22:53 -0500


On 06/19/2014 10:39 AM, Benoît Allard wrote:
Hi Samuel !

Hello Ben!

On 18 Jun 2014, at 19:26, Samuel Thurston <samuel-thurston@xxxxxxxxx> wrote:

I'm working on analysis of the dump files presently.  Is there any known 
information about the format other that what's currently contained in the 
analyzedump.py?  It's certainly more than is on the wiki but still not much...
There is that java project on GitHub that progressed a bit further than we did: 
https://github.com/hiptopjones/fitbit
This is a helpful resource.  Thank you for pointing it out.

However, that is about the previous version of the dumps, the "unencrypted" 
one. Newer firmware/trackers are not using it any more. For the rest, beside the wiki and 
the code, everything is there. Feel free to update the wiki with informations from other 
sources, that's why it's a wiki !
Now, I am a little unclear on this. The zip tracker appears to still be unencrypted. Also if I understand right the other models are unencrypted "out-of-the-box" until you do a firmware update. Is this a correct understanding?

Has anyone managed to successfully capture the firmware or extract a key for the encrypted versions? Is any part of the communications other than the dumps themselves encrypted?
Also, how certain are you about the device identifiers?  I have a Zip that (I 
believe) is reporting as 0x28.

The values there have been read from dumps, so they are quite accurate, 
however, it could be that the first byte of the dump is not meaning what we 
believe it means ! Which would discard their meaning.
I didn't realize until after I sent this that I was looking at the dumps from my office-neighbor's flex tracker. For some reason even though my zip was closer it wasn't saving dumps/being synced.

My zip did sync however and the identifier is indeed F4. (No reason to panic yet)


Keep us informed about your progresses !
I will contribute what I can. My short-term goal is to create a means of communicating directly with the trackers, bypassing the server sync. I'm only just getting started on this, I still have much to learn. Is "analysedump.py" meant to be stand-alone or are there plans to incorporate analysis into the dump output in future releases?


Regards
Sam

Other related posts: