ysfchn / samfetch Goto Github PK

A web API to download Samsung firmware easily without headers, authorization or anything that you don't want.

License: GNU Affero General Public License v3.0

Python 99.32% Dockerfile 0.52% Procfile 0.16%

samfirm firmware samsung kies samsung-firmwares python sanic

samfetch's Introduction

SamFetch

A simple Web API to download Samsung Stock ROMs from Samsung's own Kies servers, without any restriction, rate-limit, authorization or passwords. Made in Python and built with Sanic.

Caution

Recent changes in Samsung backend causes all firmware downloads require a valid IMEI number, which must match with the model that is requested. Check this link for more information. SamFetch currently didn't adapted this change yet, which makes SamFetch unusable right now.

Warning

Due to a change in Samsung servers, you can only download the latest firmware even if you asked for an older firmware. See discussion here.

Deploy & Use

SamFetch doesn't have any rate-limits to keep it free (as in freedom) as much as I can. However, since this can allow malicious requests (such as spams) I recommend hosting your own instance, as you will have more control over it and you will have own private instance.

SamFetch is currently tested and ready to be hosted on Docker, Heroku (one-click deploy here) and fly.io. As it is just Python, it should run in any Python environment by default.

You can also run in your computer locally if you don't need to host publicly.

Features

It doesn't include any analytics, store cookies or have any rate-limits as it directly calls the Samsung servers without involving any 3rd party.
As Samsung server requests authorization before serving firmwares, it is done automatically by SamFetch itself, so you don't need any authorization or add any headers on your end.
The firmware file will directly stream to you, while decrypting the firmware on-the-fly, so no background-jobs, no queue, and no storing the firmware in disk.
SamFetch supports partial downloads with "Range" header which means it supports pausing and resuming the download. Note that partial downloads are not allowed when decrypting has enabled, due to some problems, see here.
You can configure your SamFetch instance with environment variables and edit allowed origin for CORS headers and chunk size.

Endpoints

Endpoint	Description
`/:region/:model/list`	List the available firmware versions of a specified model and region. The first item in the list represents the latest firmware available.
`/:region/:model/:firmware`	Returns the firmware details, such as Android version, changelog URL, date and filename which is required for downloading firmware.
`/file/:path/:filename`	Starts downloading the firmware with given `path` and `filename` which can be obtained in firmware details endpoint. For decrypting, add the given key as `decrypt` query parameter. Also optionally, `filename` query parameter overwrites the filename of the downloaded file.

Redirects

Endpoint	Description
`/:region/:model/latest`	Gets the latest firmware version for the device and redirects to `/:region/:model/:firmware`.
`/:region/:model/latest/download`	Gets the latest firmware version for the device and redirects to `/:region/:model/:firmware/download`.
`/:region/:model/:firmware/download`	Gets the firmware details for the device and redirects to `/file/:path/:filename` with `decrypt` parameter.

Envrionment Variables

Variable	Description
`SAMFETCH_HIDE_TEXT`	Hides the text shown when visiting the root path.
`SAMFETCH_ALLOW_ORIGIN`	Sets the "Access-Control-Allow-Origin" header value. Settings this to "" (wildcard) allows all domains to access this SamFetch instance. Default is set to "".
`SAMFETCH_CHUNK_SIZE`	Specifies how many bytes must read in a single iteration when downloading the firmware. Default is set to 1485760 (1 megabytes), bigger chunk size means faster but uses more resources.

On-the-fly Decrypting

Samsung stores firmwares as encrypted. This means, in normally you are expected to download the encrypted firmware, and decrpyt it afterwards locally. However with SamFetch, the firmware file will directly stream to you, while decrypting the firmware on-the-fly, so no background-jobs, no queue, and no storing the firmware in disk.

This behavior is opt-in, so if you want SamFetch to decrypt the firmware on-the-fly, you need to insert the decryption key that you can also get it from SamFetch.

# Decrypt key can be found in firmware details.
$ curl http://127.0.0.1:8000/firmware/TUR/SM-N920C/latest -L | jq .decrypt_key
"22992da4a7f887d1c4f5bdc66d116367"

# Join path and filename. Add decryption key as "decrypt" query parameter
# The output is the URL path of the download.
$ curl http://127.0.0.1:8000/firmware/TUR/SM-N920C/latest -L | jq '.path + .filename + "?decrypt=" + .decrypt_key'
"/neofus/9/SM-N920C_1_20220819152351_1eub6wdeqb_fac.zip.enc4?decrypt=22992da4a7f887d1c4f5bdc66d116367"

# SamFetch also returns the full URLs in the response.
$ curl http://127.0.0.1:8000/firmware/TUR/SM-N920C/latest -L | jq '.download_path_decrypt'
"http://127.0.0.1:8000/file/neofus/9/SM-N920C_1_20220819152351_1eub6wdeqb_fac.zip.enc4?decrypt=22992da4a7f887d1c4f5bdc66d116367"

If you prefer to decrypt firmwares manually, sadly you can't do it with SamFetch (as it is an web application not a CLI), but you can use Samloader which has a decrypt command.

Partial downloads

When an encrypted file has decrypted, the file size becomes slightly different from the encrypted file. The thing is, SamFetch reports the firmware size, so you can see a progress bar and ETA in your browser. However, when the decrypted size is not equal with actual size, this will result in a failed download in 99%. To fix failed downloads, SamFetch won't report the firmware size when decrypting has enabled.

Running

Install dependencies with pip install -r requirements.txt and run with:

sanic main.app

Visit the URL you see in the console to get started with SamFetch.

$ curl http://127.0.0.1:8000/firmware/TUR/SM-N920C/latest -L
{
    "display_name": "Galaxy Note5",
    "size": 2530817088,
    "size_readable": "2.36 GB",
    "filename": "SM-N920C_1_20190117104840_n2lqmc6w6w_fac.zip.enc4",
    "path": "/neofus/9/",
    "version": "Nougat (Android 7.0)",
    "encrypt_version": 4,
    "last_modified": 20190117144207,
    "decrypt_key": "0727c304eea8a4d14835a4e6b02c0ce3",
...

$ curl http://127.0.0.1:8000/file/neofus/9/SM-N920C_1_20220819152351_1eub6wdeqb_fac.zip.enc4?decrypt=22992da4a7f887d1c4f5bdc66d116367 -O .
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 27.0M    0 27.0M    0     0  1282k      0 --:--:--  0:00:21 --:--:-- 1499k

$ curl http://127.0.0.1:8000/file/neofus/9/SM-N920C_1_20220819152351_1eub6wdeqb_fac.zip.enc4 -O .
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0 2413M    0 17.1M    0     0  2604k      0  0:15:48  0:00:06  0:15:42 3651k

Resources

If you want to do more with Samsung firmwares, or SamFetch is not enough for you, or just want to learn more stuff, you can check resources.

Credits

This is a Web API variant of Samloader project. I reimplemented the Samloader's functions as Web API routes and simplified the code for end-user to eliminate the authorization request, so SamFetch wouldn't be possible without Samloader.

License

This project is licensed with AGPLv3.

samfetch's People

Contributors

Stargazers

Watchers

Forkers

jcrutchvt10 killbus goofwear ictsolved usamakarim hg9x youssaoui farajelmadhi yimura-forks irfaaan manoedinata yimura titania112 deus73

samfetch's Issues

Warning "There are some data after the end of the payload data."

As SamFetch directly streams the file to the browser, I can't unpad the bytes of the last chunk of the file because Iterator and/or Generator doesn't allow me to know which chunk is the last, but it is normal, because SamFetch doesn't know when the file will finish downloading.

So it appends unnecessary bytes to the end of the file. And 7Zip (or etc) may return this warning. (not an error) when opening the archive.

There are some data after the end of the payload data.

But looks like it is not a critical issue because such programs like 7Zip can handle that as payload data is already stable/safe and file contents are decrypted as expected.

Anyways, if you get any errors while opening the archive because of the above error, use something like 7Zip.

Because of that hash values of the firmware archive also are different than shown on the Kies servers.

Too little data for declared Content-Length

Path: /EUX/SM-F926B

Server Environment:

Docker
python:3.7.12-buster

Client Environment:

Chrome (95.0.4638.69)
curl 7.55.1 (Windows) libcurl/7.55.1 WinSSL

Call Stack:

ERROR:    Exception in ASGI application
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/uvicorn/protocols/http/h11_impl.py", line 373, in run_asgi
    result = await app(self.scope, self.receive, self.send)
  File "/usr/local/lib/python3.7/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__
    return await self.app(scope, receive, send)
  File "/usr/local/lib/python3.7/site-packages/fastapi/applications.py", line 208, in __call__
    await super().__call__(scope, receive, send)
  File "/usr/local/lib/python3.7/site-packages/starlette/applications.py", line 112, in __call__
    await self.middleware_stack(scope, receive, send)
  File "/usr/local/lib/python3.7/site-packages/starlette/middleware/errors.py", line 181, in __call__
    raise exc
  File "/usr/local/lib/python3.7/site-packages/starlette/middleware/errors.py", line 159, in __call__
    await self.app(scope, receive, _send)
  File "/usr/local/lib/python3.7/site-packages/starlette/middleware/cors.py", line 84, in __call__
    await self.app(scope, receive, send)
  File "/usr/local/lib/python3.7/site-packages/starlette/exceptions.py", line 82, in __call__
    raise exc
  File "/usr/local/lib/python3.7/site-packages/starlette/exceptions.py", line 71, in __call__
    await self.app(scope, receive, sender)
  File "/usr/local/lib/python3.7/site-packages/starlette/routing.py", line 656, in __call__
    await route.handle(scope, receive, send)
  File "/usr/local/lib/python3.7/site-packages/starlette/routing.py", line 259, in handle
    await self.app(scope, receive, send)
  File "/usr/local/lib/python3.7/site-packages/starlette/routing.py", line 64, in app
    await response(scope, receive, send)
  File "/usr/local/lib/python3.7/site-packages/starlette/responses.py", line 227, in __call__
    await wrap(partial(self.listen_for_disconnect, receive))
  File "/usr/local/lib/python3.7/site-packages/anyio/_backends/_asyncio.py", line 567, in __aexit__
    raise exceptions[0]
  File "/usr/local/lib/python3.7/site-packages/anyio/_backends/_asyncio.py", line 604, in _run_wrapped_task
    await coro
  File "/usr/local/lib/python3.7/site-packages/starlette/responses.py", line 223, in wrap
    await func()
  File "/usr/local/lib/python3.7/site-packages/starlette/responses.py", line 217, in stream_response
    await send({"type": "http.response.body", "body": b"", "more_body": False})
  File "/usr/local/lib/python3.7/site-packages/starlette/exceptions.py", line 68, in sender
    await send(message)
  File "/usr/local/lib/python3.7/site-packages/starlette/middleware/errors.py", line 156, in _send
    await send(message)
  File "/usr/local/lib/python3.7/site-packages/uvicorn/protocols/http/h11_impl.py", line 477, in send
    output = self.conn.send(event)
  File "/usr/local/lib/python3.7/site-packages/h11/_connection.py", line 468, in send
    data_list = self.send_with_data_passthrough(event)
  File "/usr/local/lib/python3.7/site-packages/h11/_connection.py", line 501, in send_with_data_passthrough
    writer(event, data_list.append)
  File "/usr/local/lib/python3.7/site-packages/h11/_writers.py", line 60, in __call__
    self.send_eom(event.headers, write)
  File "/usr/local/lib/python3.7/site-packages/h11/_writers.py", line 83, in send_eom
    raise LocalProtocolError("Too little data for declared Content-Length")
h11._util.LocalProtocolError: Too little data for declared Content-Length
INFO:     192.168.96.1:32934 - "GET /EUX/SM-F926B HTTP/1.1" 200 OK

/latest returns 500 Server error

I can successufully get details about firmware for my model and region by using:
/DBT/SM-R895F/list
But when trying to fetch details about the latest firmware I get a server error:
/DBT/SM-R895F/latest

{"description":"Internal Server Error","status":500,"message":"The server encountered an internal error and cannot complete your request."}

Downloading does not work aswell:
/DBT/SM-R895F/latest/download

Even when trying to access the firmware using the correct path (got it from my browsing history) i still get Server error 500.

So I guess something changed on Samsungs backend?

[Bug] `/api/binary` endpoint returns the same response body regardless of request params

Not sure if I'm missing something but it seems like the /api/binary endpoint returns the same response body regardless of the params sent with the request.

Request:
/api/binary?region=XAA&model=SM-G986U1&firmware=G986U1UEU1DUB7%2FG986U1OYM1DUB7%2FG986U1UEU1DUB7%2FG986U1UEU1DUB7

Response:

{
  "display_name": "SSP",
  "size": 5991219840,
  "filename": "SM-G986U1_1_20210416234737_q8wahqy67m_fac.zip.enc4",
  "path": "/neofus/910/",
  "version": "R (Android 11)",
  "encrypt_version": 4,
  "size_readable": "5.58 GB",
  "decrypt_key": "60813b9c940b3e286de84bff7baaf403"
}

The 20210416 date of the firmware is what tipped me off because I'm trying to download a firmware from 2-28. So I also tried a couple of other firmwares (all pulled from the /api/list endpoint) and they all returned the same response as above. I'm guessing it's just returning info for the latest firmware every time but I'm not sure.