提供了编程的基础技术教程

zl程序教程

您现在的位置是:首页 >  APP

当前栏目

某影视APP算法逆向分析

App 算法
2023-03-14 22:47:22 时间

一、抓取数据包

1、请求头有%加十六进制,说以是url编码,先解密一下

GET  http://m.mapps.m1905.cn/User/sendVer?request=jYgPer7AuEqdM+DYqs/AbNb35UrMvjLwt4+f0p3RHXc=  HTTP/1.1

2、需要找的数值是requests的组成、pid(常量值)、key、did(设备编号)

GET  http://m.mapps.m1905.cn/User/sendVer?request=jYgPer7AuEqdM%2BDYqs%2FAbNb35UrMvjLwt4%2Bf0p3RHXc%3D HTTP/1.1
sid:
pid: 236
key: 69b39cb24632252f7bb891bdb1f0de85
did: 010067028741939
uid:
ver: 100/95/2016020901
User-Agent: Dalvik/2.1.0 (Linux; U; Android 7.1.2; HD1900 Build/N2G47O)
Host: m.mapps.m1905.cn
Connection: Keep-Alive
Accept-Encoding: gzip

二、搜索链接里关键字"User/sendVer"

0a2653c851af460fa595bd959398a8f1.png

1、查看aay.b()函数,DESede算法

key:iufles8787rewjk1qkq9dj76,iv:vs0ld7w3

2、由于DESede是对称加密算法,密文是:jYgPer7AuEqdM+DYqs/AbNb35UrMvjLwt4+f0p3RHXc=,可以反推一下得到加密内容为:mobile=15836353612&templateid=1

0eacb84100b54626af849e6b562bf92a.png

三、搜索关键字key

2d65d23f6d4748949b924e4057485923.png

1、查看v0.i()函数

public String i() {
        return abh.a(abb.c() + "m1905_2014");
    }

2、查看abb.c()函数,获取设备id

public static String c() {
        String v0_2;
        try {
            TelephonyManager v0_1 =  (TelephonyManager)BaseApplication.a().getSystemService("phone");
            v0_2 = v0_1 == null ? "" : v0_1.getDeviceId();
        }
        catch(Exception v0) {
            v0_2 = "";
        }
        return v0_2;
    }

3、查看abh.a()函数,获取md5值

public class abh {
    public static final String a(String arg9) {
        int v0 = 0;
        if(!TextUtils.isEmpty(arg9)) {
            char[] v2 = new char[]{'0', '1', '2', '3', '4', '5',  '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
            try {
                byte[] v1 = arg9.getBytes();
                MessageDigest v3 =  MessageDigest.getInstance("MD5");
                v3.update(v1);
                byte[] v3_1 = v3.digest();
                char[] v5 = new char[(((int)v1)) * 2];
                int v1_1 = 0;
                while(v0 < v3_1.length) {
                    int v6 = v3_1[v0];
                    int v7 = v7 + 1;
                    char v8 = v2[v8 >>> 4 & 15];
                    v5[v1_1] = v8;
                    ++v1_1;
                    v5[v7] = v2[v6 & 15];
                    ++v0;
                }
                arg9 = new String(v5);
            }
            catch(Exception v0_1) {
                arg9 = null;
            }
        }
        return arg9;
    }
}

4、最终就是设备id+m1905_2014,然后再算md5

2e9b90b2ca334476abebe75bafe6eeaa.png

四、响应值解密

6de278e6d6694ce5bb08e7e842b7e74b.png

禁止非法,后果自负

相关文章