I hope this app haitakuwa reverse-engineered na hackers; just imagine, unaweza ku-access hata kwa wifi.
Hapo sasa ndio patamu...huu mzigo hawajaulinda kabisa...wajanja wameshaufungua.
My advice to Tigo: try to make it hard kwa wajanja wajanja, wasiweze kuona source code kirahisi.
This thing took me a few mins kucheki ni nini wameweka ndani. I could play with it and see how I can make requests kwao, nione their responses, and find out where the loopholes are.
I hope huko kwenye server kutakuwa kumebanwa zaidi
Kwa wale developers watanielewa, kwenye manifest ya hii kitu kuna permissions hizi:
<!-- Permission list as quoted from the app's manifest. -->
<!-- NOTE(review): which features use each permission is not visible here; each one should be
     justified against a concrete feature and dropped if unused (least privilege). -->
<!-- Network access: needed for any HTTP API call. -->
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<!-- Shared-storage read/write. NOTE(review): files on external storage are readable by other
     apps on older Android versions, so no account or balance data should be written there. -->
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<!-- Telephony: READ_PHONE_STATE exposes device/SIM identifiers; CALL_PHONE lets the app place
     calls without the user confirming in the dialer. Both are "dangerous"-level permissions. -->
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.CALL_PHONE" />
<!-- Precise and approximate location ("dangerous"-level). -->
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<!-- Address book access ("dangerous"-level). -->
<uses-permission android:name="android.permission.READ_CONTACTS" />
<!-- Keep the CPU awake, vibrate, and get a broadcast at boot (e.g. to restart background work). -->
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<!-- Lists the accounts registered on the device ("dangerous"-level). -->
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
Just a snippet ya code ya kupata balance yako ya tigoPesa account
/**
 * Request object that fetches balance information for one subscriber number (MSISDN).
 *
 * <p>It issues an HTTP GET to {@code GetBalanceInfo/<msisdn>/<clientType>}, declares
 * {@code ContentType.JSON}, parses the reply with Gson into a {@code BalanceInfoResponse} and
 * hands it to the application-wide balance controller.
 *
 * <p>This listing is decompiler output, not compilable source: {@code volatile} on methods,
 * class literals written with slashes ({@code com/tigo/...}) and the {@code this$0} field are
 * decompiler renderings of compiler-generated constructs.
 *
 * <p>NOTE(review): nothing in this class attaches a credential or session token; if any is
 * sent it must come from {@code BaseTigoHttpRequest}/{@code AbstractHttpRequest}, which are
 * not shown. The server has to verify that the authenticated caller owns the MSISDN in the
 * path instead of trusting the path value, because client code like this is readable by
 * anyone who unpacks the APK.
 */
public class GetBalanceInfoRequest extends BaseTigoHttpRequest
{
// Not referenced in the visible code; getPath() uses the same literal directly
// (presumably the compiler inlined the constant - confirm).
private static final String PATH = "GetBalanceInfo/";
// Flags forwarded to the superclass constructor; what they select is not visible here.
private static final Boolean useApigee = Boolean.valueOf(false);
private static final Boolean useApigeeProxy = Boolean.valueOf(true);
// Second path segment of the request URL.
private String clientType;
// Subscriber number; first path segment of the request URL.
private String msisdn;
/**
 * @param s  subscriber number (MSISDN) whose balance is requested
 * @param s1 client type value appended after the MSISDN in the path
 */
public GetBalanceInfoRequest(String s, String s1)
{
super(Actions.GET_BALANCE_INFO, useApigee.booleanValue(), useApigeeProxy.booleanValue());
// The "" assignments are immediately overwritten below (field initializers as rendered
// by the decompiler); no null check or format check is applied to either argument.
msisdn = "";
clientType = "";
msisdn = s;
clientType = s1;
}
/** @return {@code ContentType.JSON} */
protected com.tigo.tigoapp.websync.AbstractHttpRequest.ContentType getContentType()
{
return com.tigo.tigoapp.websync.AbstractHttpRequest.ContentType.JSON;
}
/** @return {@code HttpMethod.GET} */
protected com.tigo.tigoapp.websync.AbstractHttpRequest.HttpMethod getMethod()
{
return com.tigo.tigoapp.websync.AbstractHttpRequest.HttpMethod.GET;
}
/**
 * Builds the relative request path {@code GetBalanceInfo/<msisdn>/<clientType>}.
 *
 * <p>Both values are appended as-is: this method does no URL-encoding and no validation.
 * NOTE(review): validate msisdn as digits-only and clientType against a known set before
 * building the path, so a stray '/', '?' or '..' cannot change which resource is requested.
 * Because the MSISDN is part of the URL of a GET request, it will also appear in any
 * proxy or server access log on the way.
 */
public String getPath()
{
return (new StringBuilder("GetBalanceInfo/")).append(msisdn).append("/").append(clientType).toString();
}
/**
 * Handles a parsed response: logs it and stores it as the current balance.
 *
 * @param response parsed response; must actually be a {@code BalanceInfoResponse}
 */
protected void operateWithContent(Response response)
{
// NOTE(review): writes response.toString() to the log at info level. If that string includes
// the balance or subscriber number (not visible here), it is exposed to anything that can
// read the app's logs; log only the request type/status in release builds.
Logger.info((new StringBuilder(String.valueOf(getClass().getSimpleName()))).append(response.toString()).toString());
// Unchecked downcast: throws ClassCastException if response is any other Response subtype.
TigoApplication.getInstance().setBalanceController((BalanceInfoResponse)response);
}
// Bridge method: "volatile" is how the decompiler prints the bridge flag, which shares its
// bit with the volatile field flag. Forwards to the Response overload above.
protected volatile void operateWithContent(Object obj)
{
operateWithContent((Response)obj);
}
/**
 * Parses the raw JSON body into the response carried inside a {@code BaseResponse}.
 *
 * @param s      raw response body
 * @param params not used in this method
 * @return the value of {@code BaseResponse.getResponse()}
 * @throws RequestException declared; not thrown directly by the visible code
 */
protected Response processContents(String s, Params params)
throws RequestException
{
GsonBuilder gsonbuilder = new GsonBuilder();
// Registers one deserializer for the whole Response type hierarchy. It ignores the
// requested `type` and always parses the element as BalanceInfoResponse.
gsonbuilder.registerTypeHierarchyAdapter(com/tigo/tigoapp/domain/Response, new JsonDeserializer() {
// Synthetic reference to the enclosing GetBalanceInfoRequest instance.
final GetBalanceInfoRequest this$0;
public Response deserialize(JsonElement jsonelement, Type type, JsonDeserializationContext jsondeserializationcontext)
throws JsonParseException
{
Gson gson1 = new Gson();
Object obj1;
// gson1 was just created as a Gson, so the first branch cannot run; parsing always goes
// through GsonInstrumentation (looks like wrapper code injected by a monitoring agent
// at build time - confirm).
if (!(gson1 instanceof Gson))
{
obj1 = gson1.fromJson(jsonelement, com/tigo/tigoapp/domain/billingInfo/BalanceInfoResponse);
} else
{
obj1 = GsonInstrumentation.fromJson((Gson)gson1, jsonelement, com/tigo/tigoapp/domain/billingInfo/BalanceInfoResponse);
}
return (Response)obj1;
}
// Bridge method for the Object-returning interface signature. As printed it looks
// self-recursive; in the compiled class it presumably targets the overload above.
public volatile Object deserialize(JsonElement jsonelement, Type type, JsonDeserializationContext jsondeserializationcontext)
throws JsonParseException
{
return deserialize(jsonelement, type, jsondeserializationcontext);
}
// Decompiler rendering of the anonymous class's synthetic constructor, which captures
// the outer instance.
{
this$0 = GetBalanceInfoRequest.this;
super();
}
});
Gson gson = gsonbuilder.create();
Object obj;
// Same instrumentation pattern as inside the deserializer: for a non-null gson only the
// else branch runs.
if (!(gson instanceof Gson))
{
obj = gson.fromJson(s, com/tigo/tigoapp/domain/BaseResponse);
} else
{
obj = GsonInstrumentation.fromJson((Gson)gson, s, com/tigo/tigoapp/domain/BaseResponse);
}
// NOTE(review): no null check here; if fromJson returns null (e.g. for an empty body) this
// line throws NullPointerException rather than RequestException.
return ((BaseResponse)obj).getResponse();
}
// Bridge method for the Object-returning superclass signature. As printed it looks
// self-recursive; in the compiled class it presumably targets the overload above.
protected volatile Object processContents(String s, Params params)
throws RequestException
{
return processContents(s, params);
}
/**
 * Handles an error reply: flags the balance controller as being in an error state, then
 * delegates to the superclass implementation with the same arguments.
 *
 * @param i       presumably the HTTP status code - confirm against the superclass
 * @param aheader response headers
 * @param s       raw error body
 * @param params  forwarded unchanged to the superclass
 * @return whatever the superclass implementation returns
 * @throws RequestException as declared by the superclass method
 */
protected ErrorResponse processErrorContents(int i, Header aheader[], String s, Params params)
throws RequestException
{
TigoApplication.getInstance().getBalanceController().setBalanceResponseError();
return super.processErrorContents(i, aheader, s, params);
}
}