Primer paso de la investigacion. Se aportan el .apk, las carpetas con el apk extraido y el apk descompilado. El archivo API_DOCUMENTATION.md es un archivo donde se anotaran los descubrimientos del funcionamiento de la API, y los .py son scripts para probar la funcionalidad de la API con los métodos que vayamos encontrando. Finalmente, los archivos .js son scripts de Frida para extraer informacion de la APP durante la ejecucion.

2025-12-04 13:59:54 +01:00
parent f2fd1c3bf5
commit e0133d2ca2
10432 changed files with 1019085 additions and 1 deletions
--- a/apk_decompiled/sources/com/google/firebase/storage/GetDownloadUrlTask.java
+++ b/apk_decompiled/sources/com/google/firebase/storage/GetDownloadUrlTask.java
@@ -0,0 +1,53 @@
+package com.google.firebase.storage;
+
+import android.net.Uri;
+import android.text.TextUtils;
+import com.google.android.gms.common.internal.Preconditions;
+import com.google.android.gms.tasks.TaskCompletionSource;
+import com.google.firebase.storage.internal.ExponentialBackoffSender;
+import com.google.firebase.storage.network.GetMetadataNetworkRequest;
+import org.json.JSONObject;
+
+/* loaded from: classes3.dex */
+class GetDownloadUrlTask implements Runnable {
+    private static final String DOWNLOAD_TOKENS_KEY = "downloadTokens";
+    private static final String TAG = "GetMetadataTask";
+    private TaskCompletionSource<Uri> pendingResult;
+    private ExponentialBackoffSender sender;
+    private StorageReference storageRef;
+
+    public GetDownloadUrlTask(StorageReference storageReference, TaskCompletionSource<Uri> taskCompletionSource) {
+        Preconditions.checkNotNull(storageReference);
+        Preconditions.checkNotNull(taskCompletionSource);
+        this.storageRef = storageReference;
+        this.pendingResult = taskCompletionSource;
+        if (storageReference.getRoot().getName().equals(storageReference.getName())) {
+            throw new IllegalArgumentException("getDownloadUrl() is not supported at the root of the bucket.");
+        }
+        FirebaseStorage storage = this.storageRef.getStorage();
+        this.sender = new ExponentialBackoffSender(storage.getApp().getApplicationContext(), storage.getAuthProvider(), storage.getAppCheckProvider(), storage.getMaxOperationRetryTimeMillis());
+    }
+
+    private Uri extractDownloadUrl(JSONObject jSONObject) {
+        String optString = jSONObject.optString(DOWNLOAD_TOKENS_KEY);
+        if (TextUtils.isEmpty(optString)) {
+            return null;
+        }
+        String str = optString.split(",", -1)[0];
+        Uri.Builder buildUpon = this.storageRef.getStorageReferenceUri().getHttpUri().buildUpon();
+        buildUpon.appendQueryParameter("alt", "media");
+        buildUpon.appendQueryParameter("token", str);
+        return buildUpon.build();
+    }
+
+    @Override // java.lang.Runnable
+    public void run() {
+        GetMetadataNetworkRequest getMetadataNetworkRequest = new GetMetadataNetworkRequest(this.storageRef.getStorageReferenceUri(), this.storageRef.getApp());
+        this.sender.sendWithExponentialBackoff(getMetadataNetworkRequest);
+        Uri extractDownloadUrl = getMetadataNetworkRequest.isResultSuccess() ? extractDownloadUrl(getMetadataNetworkRequest.getResultBody()) : null;
+        TaskCompletionSource<Uri> taskCompletionSource = this.pendingResult;
+        if (taskCompletionSource != null) {
+            getMetadataNetworkRequest.completeTask(taskCompletionSource, extractDownloadUrl);
+        }
+    }
+}