15951088268 147852lj
18031529044----18031529044..
随便输了条帐号,分析登陆sig
===========================================
POST https://api.account.meitu.com/oauth/access_token.json HTTP/1.1
Unlogin-Token: acbe72e325cb8aa3162639e59b09c768
Content-Type: application/x-www-form-urlencoded
Content-Length: 503
Host: api.account.meitu.com
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: okhttp/3.10.0
phone_cc=86
&client_channel_id=setup
&client_model=Nexus%205
&zip_version=2.5.0.8
&version=1.5.0
&mac=02%3A00%3A00%3A00%3A00%3A00
&client_id=1089867722
&client_language=zh-Hans
&sid=eedfb03a36f0d7465c62d580abf2cefe
&overseas=0
&sig=9e44cf54e391ac05ab092a3062826dc8
&sigVersion=1.2
&password=a123456
&device_name=google-Nexus%205
&sigTime=1531838910334
&phone=13046676555
&grant_type=phone
&os_type=android
&sdk_version=2.5.0
&client_os=6.0
&client_secret=457f936ee3241da4df4f //固定,根据包名等信息计算出来的
&android_id=1bcbe8011e668a1f
&client_network=WIFI
按下面的顺序组装:
oauth/access_token.json+overseas+mac+version+client_id+phone+android_id+sdk_version+zip_version+client_secret+client_os+phone_cc+client_model+client_network+password+os_type+
sid+device_name+grant_type+client_channel_id+client_language+"qA#QH=M+Ns&q+Z&J"+sigTime
得到下面这一串原文:
oauth/access_token.json002:00:00:00:00:001.5.01089867722130466765551bcbe8011e668a1f2.5.02.5.0.8457f936ee3241da4df4f6.086Nexus 5WIFIa123456androideedfb03a36f0d7465c62d580abf2cefegoogle-Nexus 5phonesetupzh-HansqA#QH=M+Ns&q+Z&J1531838910334
把原文md5后得到:
e944fc453e19ca50ba90a2032628d68c
把md5后的值每两位进行交换顺序,得到的值就是请求出去的sig
9e44cf54e391ac05ab092a3062826dc8
登陆帐号:18031529044----18031529044.
.==================================
POST https://api.account.meitu.com/oauth/access_token.json HTTP/1.1
Unlogin-Token: b21eea5dbe689502b4b503476c3203ec
Content-Type: application/x-www-form-urlencoded
Content-Length: 509
Host: api.account.meitu.com
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: okhttp/3.10.0
phone_cc=86&client_channel_id=setup&client_model=Nexus%205&zip_version=2.5.0.9&version=1.5.0&mac=02%3A00%3A00%3A00%3A00%3A00&client_id=1089867722&client_language=zh-Hans&sid=5ad55bb2400fcdaa3d8c7c18d2e4bc40&overseas=0&sig=ae82de849c78967fb69d631dedfc126e&sigVersion=1.2&password=18031529044..&device_name=google-Nexus%205&sigTime=1531840564991&phone=18031529044&grant_type=phone&os_type=android&sdk_version=2.5.0&client_os=6.0&client_secret=457f936ee3241da4df4f&android_id=1bcbe8011e668a1f&client_network=WIFI
HTTP/1.1 200 OK
Date: Tue, 17 Jul 2018 15:16:19 GMT
Server: Tengine
Content-Type: application/json;charset=utf-8
X-Powered-By: PHP/5.6.30
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Token,Unlogin-Token
Access-Control-Expose-Headers: Unlogin-Token
X-Via: 1.1 PSzqstdxfe27:1 (Cdn Cache Server V2.0)
Connection: keep-alive
X-Dscp-Value: 0
CDN: wangsu
Content-Length: 1614
{"meta":{"code":0,"msg":"","error":"","request_uri":"\/oauth\/access_token.json","request_id":"5b4e0843b8df59.65333405859436697","sid":"5ad55bb2400fcdaa3d8c7c18d2e4bc40"},"response":{"access_token":"_v2NWY5YzQwMzgjMTUzNDQzMjU3OSM1NzYjMzEjMzE0MWQzZjVjOTEyNWM0OTU0YTAwN2RmNmU1ZGVkN2UzOCMjQkpfU0gjNWI0ZTA4NDM=","expires_at":1534432579,"refresh_token":"ce345bf339d0473f94aaf3b97409baeb","refresh_expires_at":1535728579,"uid":1604075576,"client_id":1089867722,"refresh_time":1533136579,"user":{"id":1604075576,"old_account_uid":"578404753","screen_name":"282095fdsf","country":100000,"province":370000,"city":370900,"country_name":"中国","province_name":"山东","city_name":"泰安","location":"中国山东泰安","avatar":"","gender":"m","birthday":"2015-02-01","description":"","created_at":1531817835,"has_assoc_phone":false,"wallet_flag":{"has_recharge":false,"has_income":false},"idcard_status":1,"assoc_phone_cc":null,"assoc_phone":null,"assoc_uid":null,"phone":"18031529044","phone_cc":86,"has_password":true,"has_phone":true,"email":"","email_verified":false,"external_platforms":[],"avatar_https":""},"suggested_info":{"screen_name":"282095fdsf","gender":"m","country":100000,"province":370000,"city":370900,"description":"","avatar":"","country_name":"中国","province_name":"山东","city_name":"泰安","location":"中国山东泰安","birthday":"2015-02-01"},"register_complete":true,"suggested_screen_name":"282095fdsf","suggested_avatar":"","suggested_gender":"m","suggested_country":100000,"suggested_province":370000,"suggested_city":370900,"suggested_description":"","suggested_avatar_https":""}}
md5原文:
oauth/access_token.json002:00:00:00:00:001.5.010898677221803152904418031529044..1bcbe8011e668a1f2.5.02.5.0.9457f936ee3241da4df4f5ad55bb2400fcdaa3d8c7c18d2e4bc406.086Nexus 5WIFIandroidgoogle-Nexus 5phonesetupzh-HansqA#QH=M+Ns&q+Z&J1531840564991
领币的请求
==============================================
GET https://api.bec.com/sign_in/get_award.json?gid=1492038125&app_version=10500&imei=000000000000000&with_multi_wallet=1&os_type=android&language=zh-Hans&os_version=23&app_versionName=1.5.0&emulator_check_result=0&channel=setup&pkg=bec.wallet.app&sig=450d53d007cdf5381843c19024c1e9e8&sigTime=1531840913460&sigVersion=1.3 HTTP/1.1
Charset: UTF-8
Content-Type: application/json
os_version: 23
os_type: android
language: zh-Hans
app_version: 10500
app_versionName: 1.5.0
pkg: bec.wallet.app
channel: setup
access-token: _v2NWY5YzQwMzgjMTUzNDQzMjU3OSM1NzYjMzEjMzE0MWQzZjVjOTEyNWM0OTU0YTAwN2RmNmU1ZGVkN2UzOCMjQkpfU0gjNWI0ZTA4NDM=
Host: api.bec.com
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: okhttp/3.10.0
HTTP/1.1 200 OK
Date: Tue, 17 Jul 2018 15:22:11 GMT
Server: PWS/8.3.1.14
X-Px: nc h0-s2.p7-hkg ( h0-s1093.p1-sin), nc h0-s1093.p1-sin ( origin)
Content-Length: 807
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
CDN: TXCDN
Connection: keep-alive
{"meta":{"code":900302,"message":"奖励已领取","error":"[sign_in - GetAward] signin.GetAward 获取打卡签到奖励错误, error: {\"code\":900302,\"msg_zhhans\":\"奖励已领取\",\"msg_en\":\"Reward is collected\",\"log\":\"奖励已领取\",\"cause\":null}","request_id":"01cjmdba3e8f37n5wn7yzxp368","request_uri":"/sign_in/get_award.json?gid=1492038125&app_version=10500&imei=000000000000000&with_multi_wallet=1&os_type=android&language=zh-Hans&os_version=23&app_versionName=1.5.0&emulator_check_result=0&channel=setup&pkg=bec.wallet.app&sig=450d53d007cdf5381843c19024c1e9e8&sigTime=1531840913460&sigVersion=1.3"},"response":{"period":"1807171800-1807180000","award_name":"","award_num":"","award_pic":"","next_sign_in_time":1531843200,"hint":"每日0点、6点、12点、18点生成新奖励"}}
拼装顺序:
sign_in/get_award.json+imei+emulator_check_result+with_multi_wallet+app_versionName+app_version+gid+os_version+os_type+pkg+channel+language+ "nxr84F4M_!!rmEge" +sigTime+"Tw5AY783H@EU3#XC"
md5原文:
sign_in/get_award.json000000000000000011.5.010500149203812523androidbec.wallet.appsetupzh-Hansnxr84F4M_!!rmEge1531840913460Tw5AY783H@EU3#XC
md5的值:
54d0350d70dc5f8381341c09421c9e8e
交换顺序后得到sig
450d53d007cdf5381843c19024c1e9e8