❄️ White Out Survival
Mobile Investigation Guide
For non-rooted Android phones without a computer
📊 What We Found So Far
Working API - Giftcode Player Lookup
Returns: nickname, furnace level, state ID, avatar
Player 250893802 → FADL2, State 2007, Furnace Lv.31
209 Protocol Messages Discovered
Key messages for your task:
| Message | Direction | What It Does |
NOTIFY_PLAYER_POWER_UPDATE | Server→Client | 🔥 Player power changes |
NOTIFY_PLAYER_ACTIVITY_POWER_UPDATE | Server→Client | 🔥 Activity power changes |
NOTIFY_STOVE_INFO | Server→Client | Furnace/stove data |
REQ_PLAYER | Client→Server | Request player data |
REQ_CENTER_RANK | Client→Server | Center ranking |
🎯 How to Get Player Power Data
Player power is NOT in any public API. It's sent via the sproto binary protocol over encrypted WebSocket. Here are your options:
Option 1: PCAPdroid BEST FOR YOU
- Install PCAPdroid from Google Play Store
- Start PCAPdroid capture
- Open White Out Survival and play normally
- Stop capture and export PCAP file
- The traffic is TLS-encrypted but you'll see server IPs and connection patterns
- With root (install CA as system cert): PCAPdroid can decrypt HTTPS
Limitation: Game uses certificate pinning, so even with CA cert, HTTPS decryption may fail. You'll see connection metadata but not decrypted sproto content.
Option 2: Termux + Frida GOOD
- Install Termux from F-Droid (NOT Play Store version)
- Run in Termux:
pkg install python
pip install frida-tools
frida -U -f com.gof.global -l wos_hook.js
- This will hook sproto_decode/sproto_encode functions in libtolua.so
- All protocol messages will be logged to console
Limitation: Frida requires either root or a modified APK. Without root, you need the Frida Gadget approach (Option 3).
Option 3: Frida Gadget Modified APK ADVANCED
- Install SAI (Split APK Installer) from Play Store
- On a computer (or using Termux), merge the XAPK into a single APK
- Inject libfrida-gadget.so into the APK's lib/arm64-v8a/
- Add gadget config to assets/
- Sign with apksigner or uber-apk-signer
- Install the modified APK
- When the game starts, Frida connects and logs everything
# In Termux:
wget https://github.com/frida/frida/releases/latest/download/frida-gadget-16.5.9-android-arm64.so.xz
xz -d frida-gadget.so.xz
mv frida-gadget.so libfrida-gadget.so
# Then use apktool to inject it
Option 4: Official API Access RECOMMENDED
- Contact Century Game for developer API access
- Explain you need: player power, hero power, state age data
- They have internal REST/gRPC APIs for this data
- Likely requires business partnership or licensing
🔧 Ready-to-Use Tools
Python Player Lookup (works now!)
import hashlib, time, requests
fid = '250893802' # Any player ID
ts = str(int(time.time() * 1000))
sign = hashlib.md5(f'fid={fid}&time={ts}tB87#kPtkxqOS2'.encode()).hexdigest()
r = requests.post('https://wos-giftcode-api.centurygame.com/api/player',
data={'fid': fid, 'time': ts, 'sign': sign},
headers={'Origin': 'https://wos-giftcode.centurygame.com'})
print(r.json())
# → {"nickname":"FADL2","kid":2007,"stove_lv":31,...}
sproto Protocol Decoder
File: wos_sproto_decoder_v2.py
Can decode captured sproto binary messages once you have the raw data
python wos_sproto_decoder_v2.py rpc <hex_data>
python wos_sproto_decoder_v2.py unpack <hex_data>
🔐 Encryption Summary
| Layer | Type | Status |
| Web API Sign | MD5(secret:params) | ✅ Cracked |
| Gift Code Sign | MD5(sorted_params + salt) | ✅ Cracked |
| Game Protocol | AES-192 + sproto | ⚠️ Need traffic capture |
| TLS | Certificate pinning | ❌ Blocks MITM |
| Metadata (HTPX) | NetEase YiDun custom | ❌ Per-app encryption |
| Asset Bundles | LZ4 + custom | ❌ Encrypted |
📋 Quick Action Plan
Step 1: Install PCAPdroid and capture WoS traffic
Step 2: Note the FPCS server IPs and connection patterns
Step 3: Try Termux + Frida (if your phone allows it)
Step 4: Or request official API access from Century Game
Step 5: Use the sproto decoder to analyze captured data