Check Marks the Spot - Google Tasks from Takeout

Posted by
This post was the outcome of not realizing something simple wasn't being pulled out of a Google Takeout dump with RLEAPP. It occurred when I was playing the virtual Magnet CTF this year and I didn't get an easy 25 point question. Me like a dummy didn't analyze the .zip folder structure so here we are making my (and hopefully others) life easier.

Google Tasks is a small application you can download from the Play Store. The interface is quite simple and can be broken down into a few sections.

Figure 1: Sample tasks (can you tell I was hungry and thirsty?)
  • Task lists - overarching list of tasks
    • these can be given a name
    • default list is called "My Tasks"
  • Task names - the main task name
  • Due dates - can be set for each tasks or subtask
  • Notes - can be added as a descriptor for a main task
  • Sub tasks - nested tasks with a parent/child relationship to a main task
You can use emojis as part of the names as you can see above by the wine glass and the bacon. Once a tasks is checked or completed it gets put into it's own section at the bottom with a strikethrough.

Figure 2: Sample tasks with one completed

Lets generate a Google Takeout and see the results we get. The format will be a JSON file and will look something like this:

Figure 3: Tasks in JSON format from Google Takeout

We can see the following relevant fields in the JSON:
  • title - title of the task or task list
  • created - created timestamp of the task in UTC offset
  • updated - updated timestamp of the task in UTC offset
  • due - due timestamp of the task in UTC offset
  • statues - status of the task
    • needsAction - item still needs to be completed
    • completed - item has been checked off and completed
  • id - ID of the main task or the task list
  • parent - the parent ID of the related main task (found for subtasks)
I haven't seen any different "task_type" entries other than "PERSONAL_TASK". After much trial and error and working through some iteration issues, I was finally able to parse this all out into a nicer, cleaner format via RLEAPP.

Figure 4: Google Tasks from Takeout in RLEAPP

Something of note, these tasks should also show up on the user's Google Calendar as well if it is all synced. I haven't dove into that side yet but it might be featured in a future post.

Hopefully this parsers helps a fellow examiner or even another CTF player in the future.