1
0
mirror of https://github.com/mbirth/wiki.git synced 2024-12-27 23:24:06 +00:00
wiki.mbirth.de/know-how/hacking/windows-mobile/_posts/2008-09-12-oggsync.md

75 lines
2.3 KiB
Markdown

---
title: OggSync for Windows Mobile
language: en
layout: default
created: 2008-09-12 22:19:31 +0200
updated: 2008-09-12 22:19:31 +0200
toc: false
tags:
- know-how
- hacking
- hardware
- microsoft
- windowsmobile
---
**Tested Version:** 4.19
OggSync connects to `https://oggsync.com/r/r` or `https://oggsync.com/r/e` and sends the entered info (PayPal eMail or
Registration Code) along with some other info. You can find these URLs in cleartext Unicode inside the `ogsync.exe`.
The relevant fields of a `$_SERVER` dump are those:
**PayPal:** (I entered `anon@anon.com` as eMail address.)
~~~
[CONTENT_TYPE] => application/x-www-form-urlencoded
[HTTP_A] => 2008-09-10 3:58 PM
[HTTP_B] => 419
[HTTP_C] => 9465c02d-d768-4892-bc4d-45ea13c042dc
[HTTP_D] => your-gmail@gmail.com
[HTTP_E] =>
[HTTP_F] => 9/12/2008 8:03 PM
[HTTP_G] => 49e744a1-ff3b-40f7-baf0-a96239fa0830
[HTTP_H] => PayPal
[HTTP_I] => anon@anon.com
[HTTP_K] => W. Europe Daylight Time
[HTTP_L] =>
[HTTP_M] => mobile
[CONTENT_LENGTH] => 22
[HTTP_CONNECTION] => Close
[HTTP_EXPECT] => 100-continue
~~~
**Registration Code:** (The `12345` is the code I entered.)
~~~
[CONTENT_TYPE] => application/x-www-form-urlencoded
[HTTP_A] => 2008-09-10 3:58 PM
[HTTP_B] => 419
[HTTP_C] => 9465c02d-d768-4892-bc4d-45ea13c042dc
[HTTP_D] => your-gmail@gmail.com
[HTTP_E] =>
[HTTP_F] => 9/12/2008 8:01 PM
[HTTP_G] => c4781924-a538-41e8-8cb6-624e02b8d271
[HTTP_H] => Registration
[HTTP_I] => 12345
[HTTP_K] => W. Europe Daylight Time
[HTTP_L] =>
[HTTP_M] => mobile
[CONTENT_LENGTH] => 22
[HTTP_CONNECTION] => Close
[HTTP_EXPECT] => 100-continue
~~~
The first UUID in `HTTP_C` might be a unique code to identify your device. The second one changes with every try to
register. There was a post in the [PPCWarez-Forum](http://forum.ppcwarez.org/) that *OggSync* expects the server to
answer with "Pro" if the registration data is correct. Any other answer will be interpreted as failure.
Knowing this, you might wonder what happens if you use your favourite hex-editor, change the URLs to point to a server
you own and put this totally complicated PHP script onto it:
{% highlight php %}
<?php
echo 'Pro';
?>
{% endhighlight %}