一款直播电视接口分析

一.初步了解

最近对一款网络电视app进行分析,要求是找到其访问直播源的接口,初次打开apk,先做一个简单的了解,并没有加固等处理,只是对代码做了混淆处理
我们目的是找到其访问直播源的接口,初次打开apk,先做一个简单的了解.手指上下滑动可转换频道,这时根据Android正向开发可以搜索下滑动事件点击,看他到底做了什么处理

二.代码反编译逆向分析.

对apk进行反编译,静态分析定位此处发现在此处已经获取DefaultStreamUrl,打印日志可直接获取当前直播源url,可以说已经是稍有眉目了

.method private X()V
    .locals 4

    .prologue
    .line 1174
 
    sget-object v0, Lcom/dianshijia/newlive/home/logic/h;->a:Lcom/dianshijia/newlive/epg/model/Channel;

    if-eqz v0, :cond_0

    .line 1175
    iget-object v0, p0, Lcom/dianshijia/newlive/home/logic/h;->h:Lcom/dianshijia/newlive/core/utils/t;

    const-string v1, "CHANNEL_HASHCODE"

    sget-object v2, Lcom/dianshijia/newlive/home/logic/h;->a:Lcom/dianshijia/newlive/epg/model/Channel;

    .line 1176
    invoke-virtual {v2}, Lcom/dianshijia/newlive/epg/model/Channel;->hashCode()I

    move-result v2

    .line 1175
    invoke-virtual {v0, v1, v2}, Lcom/dianshijia/newlive/core/utils/t;->a(Ljava/lang/String;I)V

    .line 1177
    iget-object v0, p0, Lcom/dianshijia/newlive/home/logic/h;->h:Lcom/dianshijia/newlive/core/utils/t;

    const-string v1, "CHANNEL_ID"

    sget-object v2, Lcom/dianshijia/newlive/home/logic/h;->a:Lcom/dianshijia/newlive/epg/model/Channel;

    .line 1178
    invoke-virtual {v2}, Lcom/dianshijia/newlive/epg/model/Channel;->getId()Ljava/lang/String;

    move-result-object v2

    .line 1177
    invoke-virtual {v0, v1, v2}, Lcom/dianshijia/newlive/core/utils/t;->a(Ljava/lang/String;Ljava/lang/String;)V

    .line 1179
    iget-object v0, p0, Lcom/dianshijia/newlive/home/logic/h;->h:Lcom/dianshijia/newlive/core/utils/t;

    const-string v1, "CHANNEL_NAME"

    sget-object v2, Lcom/dianshijia/newlive/home/logic/h;->a:Lcom/dianshijia/newlive/epg/model/Channel;

    iget-object v3, p0, Lcom/dianshijia/newlive/home/logic/h;->e:Landroid/content/Context;

    .line 1180
    invoke-virtual {v2, v3}, Lcom/dianshijia/newlive/epg/model/Channel;->getName(Landroid/content/Context;)Ljava/lang/String;

    move-result-object v2

    .line 1179
    invoke-virtual {v0, v1, v2}, Lcom/dianshijia/newlive/core/utils/t;->a(Ljava/lang/String;Ljava/lang/String;)V

    .line 1181
    iget-object v0, p0, Lcom/dianshijia/newlive/home/logic/h;->h:Lcom/dianshijia/newlive/core/utils/t;

    const-string v1, "last_channel_url"

    sget-object v2, Lcom/dianshijia/newlive/home/logic/h;->a:Lcom/dianshijia/newlive/epg/model/Channel;

    .line 1182
    invoke-virtual {v2}, Lcom/dianshijia/newlive/epg/model/Channel;->getDefaultStreamUrl()Ljava/lang/String;
Lcom/dianshijia/newlive/epg/model/Channel;为封装的直播源信息,那么何时进行封装的呢,我们知道封装实体类,要么通过构造器传递数据,要么set进入数据,以此为突破口继续分析
.method public constructor <init>(Landroid/os/Parcel;)V
    .locals 2

    .prologue
    
    new-instance v0, Ljava/lang/Exception;
    
    const-string v1, "print trace Channel"
    
    invoke-direct {v0, v1}, Ljava/lang/Exception;-><init>(Ljava/lang/String;)V
    
    invoke-virtual {v0}, Ljava/lang/Exception;->printStackTrace()V
在构造器中打印堆栈,看看有什么收获....

同时对此apk进行抓包分析
GET /api/v1/channels HTTP/1.1
Cache-control: public, max-age=0
Host: api.idianshijia.com


hwBrand: OPPO
cityCode: 610100
routerSsid: %22vqs.com%22
appVerName: 3.0.8
Connection: close
routerMac: 089b4b972fdc
hwModel: R8207
hwDevice: R1C
deviceType: 0
hwHardware: qcom
appVerCode: 309
hwId: null
generation: com.dianshijia.newlive
deviceId: 5456acf1a8154d70cde2bcbfb941da1f
platform: 1
riskId: null
areaCode: 610000
hwImei: 865685028269134
hwMac: A81B5A222B9B
countryCode: CN
ethMac: null
User-Agent: android/client
systemSdkVersion: 19
Accept-Encoding: gzip,deflate
hwSerial: e32824668a84417ba8782425816c59cf
language: zh_CN
uuid: e6766de8186b70e6129c2e7f28d7f7ed
marketChannelName: tvapk
openId: null

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 25 Dec 2017 03:28:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 88
Connection: close
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Origin,Accept,Content-Type,Authorization
Access-Control-Allow-Origin: *
Location: http://cdn.idianshijia.com/api/channel/groupSimplifiedChinese_217
Expires: Mon, 25 Dec 2017 04:28:20 GMT
Cache-Control: max-age=3600

<a href="http://cdn.idianshijia.com/api/channel/groupSimplifiedChinese_217">Found</a>.
这个非常可疑,将其地址提出http://api.idianshijia.com/api/v1/channels,访问是发现并没有数据,用fillder进行访问
运气不错
三.正向角度分析
 public void run(){  
        HttpURLConnection connection = null;  
        BufferedInputStream bis  = null ;  
        RandomAccessFile accessFile = null ;  
        try{  
            URL url = new URL(url_str);  
            connection = (HttpURLConnection)url.openConnection();  
            connection.setConnectTimeout(10000);  
            connection.setReadTimeout(10000);  
            fileSize = connection.getContentLength();  
对于网络请求无外乎那几种格式,openConnection是一个切入口,进行追踪分析发现http://cdn.idianshijia.com/api/channel/groupSimplifiedChinese_217正是我们所需要的,至此分析完成(本文章仅用作分析思考,切勿非法用途)






评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值