Hacking the Nike+ FuelBand API

Published

This Christmas I was lucky enough to be given a Nike+ FuelBand by Alice.

My shiney Nike+ FuelBand

If you’re not familiar with the FuelBand, the basic idea is to track your movement throughout the day, and collect ‘Fuel’ (Nike’s own internal currency). You can compete with your friends to see who can collect the most etc (points can also be collected via other means such as the Nike+ running app for iOS).

Nike+ Dashboard

Hacking it!

So having played with the FuelBand for a few hours, I stumbled across this:

Based on the findings of Tom Pohl in this video I was able to put together some simple Ruby code (with the aid of HTTParty):

I’ve also posted the required accompanying files in this repository (also to store any future development).

To get it working you’ll need a config.yml file with the following:

In order to get hold of these values you’ll need to sniff the traffic between the FuelBand app and api.nike.com. To do this I used an intercepting Proxy on my Mac (try Burp Suite).

Once you’ve got everything in place you should be good to go. You can pull out ALL THE DATA :) as well as some nice summary stuff:

I can haz data

As this site currently runs on PHP, I also whipped up the same code in PHP using cURL:

Please feel free to fork and work on this, there are a ton of different method calls that I’m yet to include (see the video ^^).