Skip to main content

Getting Hidden App Data From Your Google Drive

Some Android applications use space on your Google Drive to store data.  You can't see this data by browsing drive the normal way.  You can get access to it if you get the access token from the app and do a few other things.

I use an app to keep some notes and other things.  They require getting the paid version of the app to backup your data.  I wanted to see if I could get it myself without paying for the app.  I found out how to do this from this Stackoverflow post http://stackoverflow.com/questions/22832104/see-hidden-app-data-in-google-drive.  The example there uses php. Since I have been learning Python recently, I decided to see if I could do the same thing with Python.

 There is a pretty good explanation of why you need to go through all the steps you need to go through to get your data in the accepted answer for that post, so I won't go into too much detail about that here.





The first thing I did was get the apk for the app that I wanted the data from.  I tried a couple sites that let you download the apk for an app, but they didn't seem to work.  I ended up using ES File Explorer to create a backup of the app. Then I copied it over to my PC using an SD card.  Then I followed the instructions in the Stackoverflow post to get the access token.

The next thing that you need is a master token using your google username and password.


Just remember to replace YOURUSERNAME and YOURPASSWORD with your google account credentials.

Then you need to get an access token for the services you want to access.  [Edit 8/11/2017 This script was missing from the article]

Replace YOURMASTERTOKEN with the value from the first script.  Replace YOURAPPIDENTIFIER with the identifier for the app you are getting data for.  Replace YOURAPPSIGNATURE with the SHA-1 value using the instructions in the Stackoverflow post.  I removed all the colon characters and changed all the letters to lowercase to get this to work.

Before the next part you will need to install the Google python library like this.

pip install --upgrade google-api-python-client
Then you can run the following script to download files stored by the app.


This script comes mainly from this page https://developers.google.com/drive/v3/web/quickstart/python I just modified it a bit to download the files and skip getting the credentials because I have that already from the other 2 scripts above.

This script requires creating the following json file in the same folder as the script.  It needs to be named credentials.json.


In the json file just fill in YOURACCESSTOKEN and YOURAPPSIGNATURE.  The other values can be left alone.  You might also have to update the token_expiry, depending on when you are reading this.

I'm going to try to wrap all this up into a single script, but we'll see if I end up having time for that.

Comments

Popular posts from this blog

Using The Coldfusion XMLValidate Function To Validate User Content

Sometimes you want to allow a limited set of HTML tags in user generated content.  This can be done with the XMLValidate function in Coldfusion as long as the content is valid XHTML.

Several years ago I read an article about escaping form values posted by Ben Nadel on his site www.bennadel.com. Some discussion came up in the comments about allowing a limited set of html tags for paragraphs, bold text, and so on.  I had a need to do this for forum comments on a site that I was working on. This site was written in Coldfusion so I was looking at some of the same options mentioned in Ben's article. I ended up doing something a little different though.

We were using TinyMCE for the forum comments. TinyMCE produces XHTML code so I was able to use Coldfusion's abilities to handle XML to accomplish this task. Using the XMLValidate function and an XML schema that was modified to accept a small list of tags and attributes the comments were correctly limited. Here is the relevant po…

Using IR codes from Broadlink backup file

This is a continuation of yesterdays post about the Broadlink RM2 wifi remote.  I was able to test out using the codes to control my remote today.  They are stored in JSON format in the broadlink backup file.  The backup file is a zip file.  After you extract it there is a folder named SharedData.  There are several files in the folder.  The one that seems to have all the codes is named jsonIrCode.  The data looks like an array of objects, each with a code and some other information.