Reverse engineered the Attendance app, mark attendance from room

now you can mark attendance from your room

I love IITR, but I believe there are areas in need of improvement.

On March 28 at 6:04 PM, we all received an email instructing us to download a mobile app for marking attendance. However, I see this as a step in the wrong direction.

Rather than focusing on enhancing the curriculum, facilities, and laboratories, the administration is prioritizing the enforcement of attendance in classes. Instead of discussing solutions, they resort to sending CG scores to our parents.

The mindset of the administrators seems more aligned with that of a private college rather than that of IIT Roorkee. Moreover, the quality of technology provided to IIT Roorkee students indicates that our data may not be in safe hands. It appears that they lack the responsibility and qualifications required for this job.

Steps to Reproduce

The steps are pretty straight forward, it is just about finding the right tools and files

1. Download the wrapper and jar file of APKTool. Give appropriate permissions.
2. Decompile the apk, browse the files.
3. Keep checking out the files
4. Scream!! and continue the search for correct files
5. The error message you get when you have developer tools enabled is written on all the UIs (They are soo smart). Use that message to match the UIs and their corresponding files.
6. Removed the Developer tool restriction error. (All android developer happy!)

getcheckdeveloperMode() {
  he.m
    .isDevelopmentSettingsEnabled()
    .then((i) => {
      this.DeveloperMode = false; // set it to false
    })
    .catch((i) => {});
}

7. Remove the location tracking and hardcode LHC locations

getCurrentLocation() {
  var i = this;
  return (0, z.Z)(function* () {
    //   try {
    //     "granted" != (yield ut.b.checkPermissions())?.location &&
    //       "granted" !=
    //         (yield ut.b.requestPermissions())?.location &&
    //       (yield i.openSettings(!0));
    //     const s = yield ut.b.getCurrentPosition();
    //     return {
    //       latitude: 29.865775,
    //       longitude: 77.893974,
    //     };
    //   } catch (n) {
    //     "Location services are not enabled" == n?.message &&
    //       (yield i.openSettings());
    //   }
    //   return { latitude: null, longitude: null };
    return {
      latitude: 29.865775, // yes LHC coordinates
      longitude: 77.893974,
    };
  })();
}

8. Added some Easter Eggs

9. Signed your compiled apk using this.

and seriously (For developer of this cool app)

let username: any = CryptoJS.DES.decrypt( localStorage.getItem('username') ?? 'no-value', 'user@123').toString(CryptoJS.enc.Utf8);

Please feel free to try it yourself.

Advice for Administration

1. Hire better programmers
2. Focus on improving the quality of education rather than forcing student to come to class.