Linux QQ 协议分析

Qq for linux 协议分析--个人感觉Tencent的LinuxQQ 协议更简单一些貌似

// 1、指令0x0091第一次握手请求(Touch_Request)的发送数据,解密后为

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

// unsigned char instr[]={

0x4b,0x16,0xfe,0x18,0xc0,0x7e,0xe6,0x4c,0xe9,0x1f,0x8a,0xd8,0xcd,0x7f,0x3b,0x97,0xfa,0x29,0xe3,0x41,

0x0c,0xba,0xd2,0x57,0xe6,0x17,0x33,0xdd,0x02,0xbf,0xae,0x2c

};

//指令0x0091第一次握手请求(Touch_Request)的随机密钥RequestKey1

// unsigned char key[]={0xb6,0x70,0xab,0xd6,0x06,0xd3,0x3a,0x30,0x3a,0x01,0xe9,0x09,0xc3,0x15,0xe1,0x3c};

//指令0x0091第一次握手请求失败,服务器返回的数据(Touch_Respond),用RequestKey1解密后为

00 01 01 00 00 00 01 00 00 00 00 db 85 3c 1b(后4字节为新的ip地址)

// unsigned char instr[]={

0x22,0x57,0x70,0x12,0xcf,0x5a,0xeb,0x21,0x0e,0x62,0x1f,0xf2,0xed,0x1f,0x7c,0x57,0x85,0xef,0x13,0xb9,

0x4a,0xe0,0xc0,0xa1,0xb8,0xe6,0xd5,0x02,0x9a,0x32,0x97,0x07

};

// 2、 指令0x0091第二次握手请求(Touch_Request)的发送数据,用RequestKey1解密后为

00 01 01 01 00 00 00 00 00 00 00 1b 3c 85 db(后4字节为新的ip地址的倒置)

// unsigned char instr[]={

0x4b,0x16,0xfe,0x18,0xc0,0x7e,0xe6,0x4c,0xcc,0x9f,0x3b,0xe7,0x02,0x98,0x52,0x49,0xa5,0xf5,0x56,0x52,

0xc1,0x71,0xe0,0x9b,0xb1,0xc8,0x15,0xdc,0x41,0x78,0xd6,0xb3

};

//指令0x0091第二次握手请求成功,服务器返回的数据(Touch_Respond),用RequestKey1解密后为00 00

// unsigned char instr[]={

0x9f,0xf1,0x3e,0x30,0x09,0xab,0x4c,0xb8,0x9d,0x05,0xa4,0xd6,0x20,0xf2,0x18,0xc4

};

// 3、 指令0x0062请求预登陆令牌(PreLT_Request)

// 指令0x0062请求预登陆令牌, 服务器返回数据(PreLT_Respond),这个数据加密后成为请求登陆令牌的一部分

// unsigned char instr[]={

0xe1,0xd5,0x55,0x0e,0xce,0xb6,0xd3,0x0a,0x4c,0xdd,0x7c,0xa8,0x61,0xb0,0x77,0x7f,0x11,0x4d,0xb1,

0x39,0xec,0xf0,0x99,0xd0

};

// 4、 指令0x00ba 请求登陆令牌(LoginToken_Request),把(PreLT_Respond) 18

+{

0xe1,0xd5,0x55,0x0e,0xce,0xb6,0xd3,0x0a,0x4c,0xdd,0x7c,0xa8,0x61,0xb0,0x77,0x7f,0x11,0x4d,0xb1,

0x39,0xec,0xf0,0x99,0xd0

}

+03 00 05 00 00 00 00 00 00 00数据TEA随机密钥RequestKey2(现在发现和密钥1一样)加密后作为请求数据

// unsigned char instr[]={

0xe9,0xb1,0xc7,0x7c,0xb1,0x2d,0x41,0xed,0xf5,0x13,0x6f,0x3e,0xd5,0xf4,0x7f,0x0e,0xc1,0x92,0x89,

0x24,0x4b,0xf3,0xbe,0xf2,0xb5,0x00,0xce,0x63,0xa9,0x3a,0x5b,0xc8,0xab,0xc7,0xe2,0x70,0x6e,0x5b,

0x97,0x3a,0xca,0x79,0x3e,0x1b,0x19,0xbc,0x4a,0x03

};

// 指令0x00ba 请求登陆令牌,服务器返回数据(LoginToken_Respond),

用RequestKey2解密后为03 00 05 00 00 20

+{0x00,0xd0,0xe1,0xa0,0x1a,0x3f,0xb2,0x5d,0x72,0x9d,0x15,0x8c,0x56,0xe4,0x27,0xf3,0xb8,0xae,

0xe2,0x6f,0xd7,0xfe,0x92,0xa7,0x3a,0xa8,0xe8,0xed,0xdd,0xb5,0xb9,0xcc

}(LT)

// unsigned char instr[]={

0x5c,0x1e,0x84,0x95,0x35,0xc4,0xb3,0x02,0x3e,0xd6,0xcb,0x71,0x67,0x40,0x63,0xb9,0x33,0xcd,

0xe7,0x2a,0x66,0x70,0x15,0x10,0xe5,0xa9,0x4c,0x4c,0x8a,0x1b,0x21,0x29,0x9f,0xfd,0xee,0xc6,

0x3a,0x63,0xd6,0xb8,0x93,0x8d,0x8b,0x4f,0x73,0x3f,0xe3,0x33

};

// 5、 指令 0xdd 请求预会话密钥(PreSK_Request)

//随机密钥RequestKey3

// unsigned char key[]={

0x3a,0x30,0x3a,0x01,0xe9,0x09,0xc3,0x15,0xe1,0x3c,0x8f,0xd1,0x7f,0x96,0x95,0x6f

};

//发送数据,用随机密钥RequestKey3解密后为

005f0000080401e0 20 (LoginToken)00d0e1a01a3fb25d729d158c56e427f3b8aee26fd7fe92a73aa

8e8edddb5b9cc 0020

(PasswdValidStr')779fa088da269125a99eeaac355e2ba63e3c21808b95af9729f6d56582b90640

0014 dd30103a8d878990622b1db4c7c67e98bd12faa2 0064 000000000000000000000000

000000000000000000000000000000000000000000000000000000000000000000000000

000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000

// unsigned char instr[]={

0x8f,0x8a,0x21,0x34,0x03,0x45,0xc2,0xf3,0xa9,0x5d,0x3a,0xfd,0x73,0x9f,0x73,0x67,0x95,0xdc,0x21,

0xda,0xf2,0x3e,0x1b,0x62,0x2b,0x9b,0xf6,0xcb,0x2e,0xa4,0x9a,0x77,0xe9,0xed,0xfa,0x60,0x88,0x52,

0x85,0x6f,0x92,0x17,0x85,0x3f,0xb7,0xed,0x74,0x8c,0xea,0xf3,0x95,0x94,0xa3,0x3f,0xee,0xec,0xd7,

0x12,0xa7,0x14,0x5e,0x73,0x52,0xb3,0xbf,0x5a,0x3e,0xf6,0xc0,0xde,0xef,0x46,0x71,0xe6,0xf4,0x43,

0x47,0x05,0x8b,0xfc,0x02,0xd6,0x81,0x11,0x96,0x06,0x6a,0x23,0x2b,0x70,0x2b,0x0d,0xba,0x09,0xe9,

0x68,0x73,0x95,0xb2,0x1a,0x09,0x29,0xfa,0xf2,0x55,0x4e,0x20,0x6c,0xb9,0x55,0xa5,0x44,0xdb,0x5d,

0xd0,0x5b,0x9b,0xd4,0xb2,0x80,0x13,0x70,0x10,0xf9,0x13,0x0a,0xbe,0x8d,0xf1,0x08,0xbd,0x0a,0x24,

0x34,0x2d,0x99,0xe6,0x15,0xaa,0x76,0x4a,0xde,0x72,0x86,0x5a,0xf9,0x45,0x00,0x21,0x87,0xd9,0x5e,

0x2c,0x16,0x3c,0x8d,0xe4,0xee,0xdd,0x29,0x0c,0xd1,0xc7,0x0d,0x3d,0x09,0xb3,0x24,0x67,0x19,0x8f,

0xa5,0xb3,0xa5,0x4b,0xe1,0x19,0x53,0x38,0xbb,0x22,0x25,0x7a,0x37,0x55,0xab,0x09,0x6f,0xae,0x93,

0x99,0x21,0x04,0xb8,0xa9,0x59,0x5e,0xc1,0x3e,0x86,0x27,0x57,0x7b,0x18,0x75,0x3c,0x97,0xfc,0x8c,

0xa5,0xed,0x55,0x05,0x80,0x05,0x31

};

 

//指令 0xdd 请求预会话密钥,服务器返回数据,解密后为

009700684e0000 0020 eb074a42d036d0c03145d7e2075ee7f0701f47a23cdaf05531cbf97fd013152f 0020

05dbeca28e7b7471751cef7b2e9f96f709e8f9ec4562bbf7f1e63affc9dd2341 0038 (TempToken)9eef45116062d5a6fef4e885bf1469fe30211ff5de5703419d9f389ca94a086045b

9476260346de0eec442d0b5132428bd15ccee941e9110 (TempKey)68374638714b4651617655366234367a

000000000000

unsigned char instr[]={

0x60,0xce,0x4a,0x4a,0x70,0xe6,0x77,0x2d,0xc1,0xf9,0xa6,0xd3,0x22,0x2a,0x54,0x84,0x58,0x7f,0x83,

0xa1,0x75,0x2f,0xac,0x09,0x7d,0x76,0x85,0xc9,0xe7,0x37,0xbb,0xb1,0xe7,0xdc,0x5c,0x3b,0xe6,0x86,

0xc4,0xa7,0xe2,0xc7,0xdf,0x61,0x56,0x62,0x06,0x2d,0xde,0x5e,0x22,0x0b,0x2f,0xfa,0x6e,0x05,0x10,

0xfa,0xba,0x7e,0xe0,0x31,0x3f,0x52,0xa6,0x1c,0x33,0x9e,0x0c,0x78,0xa8,0xc2,0xef,0xeb,0x24,0x2d,

0xd9,0x65,0xfe,0x84,0x67,0xa0,0x55,0xe6,0x95,0xba,0x14,0xfe,0x43,0xc8,0xe6,0x09,0x32,0x43,0xd1,

0xb3,0xb7,0x03,0x47,0x4e,0x23,0x03,0x85,0x28,

0x2f,0x4a,0xee,0xe4,0x1e,0x43,0x32,0x6f,0xf8,0xba,0x47,0x60,0x39,0xa0,0x92,0x72,0x29,0x14,0x17,0x54,0xb1,0x3a,0xe0,0x6d,0xf6,0xb4,

0xf9,0xf1,0x23,0xd2,0x86,0x53,0xc9,0x3a,0x01,0x78,0xbf,0x08,0x3e,0xe4,0x32,0x16,0x58,0xe5,0x2e,0xaa,0x0e,0x9c,0xc8,0x86,0x04,0xc7,

0xe8,0xed,0xea,0x3d,0x6b,0x6a,0x3a,0x4c,0xed,0xdb,0xcb,0x7e

};

// 密钥为M2P = 3fa22c81640aa1e75ad01c38f0f18ce8

// unsigned char key[]={0x3f,0xa2,0x2c,0x81,0x64,0x0a,0xa1,0xe7,0x5a,0xd0,0x1c,0x38,0xf0,0xf1,0x8c,0xe8};

// 6、 指令 0x0022请求传话密钥(SessionKey_Request)

//TempKey

// unsigned char key[]={0x68,0x37,0x46,0x38,0x71,0x4b,0x46,0x51,0x61,0x76,0x55,0x36,0x62,0x34,0x36,0x7a};

//发送数据,解密后为(448字节) 0000 0020

(PasswdValidStr')

779fa088da269125a99eeaac355e2ba63e3c21808b95af9729f6d56582b90640 16052d6262467d645e66657ce3339907

00000000000000000000000000000000000000564ec8fb0a4fefb37a5dd8860face51a19 2800000000000000000000000

0000000000000000000000000004dd959f0bceac2005abbc4fd6f2d016f2000d0e1a01a3fb25d729d158c56e427f3b8aee

26fd7fe92a73aa8e8edddb5b9cc00000006000000000000011101bf4687dc001050d5fe4396dbf48750ad961689ad55a90

00000000000000000000000000000000000000000000000000243412db90010f8a87080348f7bba534133ac3a9b4fba00

c8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

0000000000000000000000

//464字节

// unsigned char instr[]={

0xaf,0x54,0xd5,0x0f,0x20,0xb3,0x84,0x18,0xa9,0xdb,0x12,0xfd,0x97,0xfd,0xcb,0x1b,0x30,0x13,0x22,0x65,0x9c,0xc6,0xfa,

0x09,0x76,0xfc,0x96,0x12,0x72,0xbe,0xdf,0xf1,0x77,0xd4,0x22,0x98,0x1c,0x57,0xb0,0x27,0xba,0x41,0x58,0xbb,0x43,0x47,

0x15,0xcd,0x89,0x8a,0x76,0x15,0x3e,0xe2,0x92,0x05,0x93,0x34,0x2d,0x31,0x13,0x5d,0x36,0x2f,0x00,0x69,0x4b,0xc1,

0xbb,0xc4,0xc2,0x8c,0xdc,0xae,0x4e,0x6a,0x4e,0xaa,0x33,0xcd,0x80,0x63,0x51,0x70,0x47,0x77,0x2e,0x76,0x7d,0x26,

0xdb,0xd8,0x65,0x96,0x6f,0xfc,0xd5,0x4e,0x16,0x52,0x99,0xc2,0xa6,0x8d,0x23,0x5d,0x87,0xb3,0x68,0x52,0xd2,0xd3,

0x4d,0xa4,0x7c,0x19,0xd0,0x86,0x54,0x4a,0xcd,0xee,0xd0,0xf3,0x36,0x65,0x05,0x17,0xbf,0xd7,0xb2,0x54,0x67,0xa9,

0x2b,0xcf,0xc2,0x9a,0xbd,0x4e,0x28,0x6f,0xfc,0x26,0xb9,0x8d,0x95,0x75,0x7c,0x2f,0xbb,0xf3,0x37,0xba,0x70,0xb7,0x36,

0x91,0xae,0x5f,0x5f,0x26,0xcd,0x97,0x5f,0x24,0x89,0x75,0xf5,0x6d,0xce,0x91,0xde,0xd7,0x9c,0xf0,0xa5,0xd5,0x23,0xf9,

0xa5,0xc5,0xba,0x9f,0x08,0x1f,0x19,0xb9,0xfd,0x9f,0x55,0x14,0x4c,0xff,0xbd,0x98,0x14,0x11,0x01,0x9a,0x45,0x5d,0x4d,

0xb8,0xf8,0xd4,0x3d,0x54,0x7d,0x43,0xdf,0x88,0x54,0xcb,0xa4,0x05,0xeb,0x9f,0x6a,0x6c,0x70,0xa6,0x43,0x60,0xc0,0x2b,

0x5e,0x36,0x4d,0xa9,0x09,0x78,0x1f,0x3a,0xdc,0x93,0x5f,0x2e,0x22,0xe1,0x1c,0xaa,0x82,0xce,0xa8,0x1c,0x9b,0xbd,0xfe,

0x24,0xf3,0xe3,0xf9,0x87,0x0b,0xe7,0x05,0xbe,0x3a,0x9e,0xf7,0xc1,0x79,0xd4,0x21,0x2c,0x2e,0x6f,0xd9,0x6f,0x8f,0x26,

0xa5,0x4e,0x2d,0x9c,0x3d,0x3b,0x24,0xfa,0x60,0x8f,0x55,0xc8,0xbe,0x8d,0x15,0xaa,0x6d,0xd6,0x9e,0xfc,0x4c,0x81,0x8c,

0xee,0x48,0x16,0x1f,0x60,0xc6,0x62,0xe9,0xf6,0x14,0xc1,0xb3,0xd7,0xa6,0xa8,0xdd,0xb0,0xd5,0x9e,0x98,0xf7,0x52,0x2a,

0x10,0xd1,0xcc,0x2e,0x28,0x61,0x53,0x66,0x58,0x5d,0xff,0x1c,0x5f,0x16,0xdf,0x31,0x4c,0x27,0x0e,0xcd,0x32,0x97,0x15,

0xef,0x98,0xf5,0x90,0x01,0x93,0x58,0x6a,0x4c,0x27,0x51,0x0b,0xb7,0x0a,0x08,0xd0,0xd5,0xa6,0x1d,0x08,0xaa,0x70,0xb3,

0x12,0x22,0x62,0xf0,0xda,0x63,0xaf,0x00,0x9c,0x1a,0xb3,0x75,0xf1,0xf7,0x40,0xf8,0xe3,0x56,0xbc,0x9d,0xb5,0x0b,0xa9,

0x1d,0x66,0x07,0x89,0x8e,0x87,0xc3,0x2a,0xd7,0xee,0x15,0xdd,0x10,0x1f,0x5f,0x6a,0xee,0x32,0xdb,0x88,0xd6,0x07,0x68,

0x88,0xb6,0xf8,0xa7,0x9e,0x7f,0xa4,0x2d,0x4a,0x1c,0x35,0x56,0xb1,0xbd,0xd7,0x9f,0xc0,0xef,0xc8,0x66,0x64,0x36,0xf1,

0x4f,0xc2,0x44,0xcf,0x1b,0xe5,0x33,0xf7,0x13,0x73,0x20,0xc2,0x2a,0x54,0xd0,0xfa,0x1e,0x9d,0x97,0x30,0xe4,0xa8,0x9c,

0x4a,0xcb,0xd2,0x7c,0xe4,0xd2,0xc1,0x10

};

 

//指令 0x0022请求传话密钥,服务器返回数据,解密后为(280字节)

00

(SessionKey)6b7a375a766759334e7a326954475141

(QQ号)09ac1e6b

(cIP)7d55422b

(cPort:)5228

(127.0.0.1)7f000001

(cPort:8000)1f40

491809dd 030a684e0000465824b72e8fd702ce7f76ce3429e415f66d720f754914f73d8dc2cf1f40da558a45

(cPort)1f4000814240008000003ab65aa3e9568a8b99e0f354ab9492a49454c744164d52bbca8a6df3f336fb130000000100

00000000000040f8bb97354918091d49017fe04915c077000a000a0100000e1001148ffe4fbbb663c769c3c0000000000000

00000000080204080808080804020028dd638dd1ca48a6d201a2f5b66836f2460138b05b1b47f0c2c203624796ef046cf34d

9c37e3228f4c0030c613c8fafe981ce4f0eac3c8cec82e24f898dfdd36823b86de7f73961dcb260229e70dc8f7fe376b76b1f45eccbf14fb

// 密钥为M2P = 3fa22c81640aa1e75ad01c38f0f18ce8

unsigned char key[]={0x3f,0xa2,0x2c,0x81,0x64,0x0a,0xa1,0xe7,0x5a,0xd0,0x1c,0x38,0xf0,0xf1,0x8c,0xe8};

//298字节

unsigned char instr[]=

{

0x9b,0x57,0x9f,0xc3,0x23,0xa0,0xba,0x9f,0x54,0x16,0x91,0xb9,0x81,0x58,0xd7,0x88,0x41,0xd4,0x1b,0x67,0x81,0x7f,

0x40,0x67,0x46,0x3d,0x08,0x09,0x72,0x29,0x71,0x4c,0x6c,0x25,0xcf,0x40,0x83,0x5f,0x88,0x7f,0x70,0x72,0xe5,0xf4,

0x57,0xeb,0xb7,0x6e,0x18,0xe1,0x84,0xfc,0xcf,0xa9,0x8d,0x71,0x37,0x62,0x01,0x1a,0x4c,0x05,0x64,0x70,0xe1,0xcb,

0xb5,0xc2,0x5c,0x9a,0x8d,0x26,0x2c,0xc7,0x66,0x67,0x9b,0xba,0x96,0xc0,0x1d,0x3b,0x55,0x83,0xb5,0x48,0x3d,0x8f,

0xdf,0xb1,0xa4,0x2d,0x77,0xc1,0x37,0xc9,0xd1,0x93,0xf3,0x0e,0x6f,0x6a,0x24,0x01,0xeb,0x12,0x8b,0xab,0xdd,0x0b,

0x04,0xc8,0x69,0x76,0x76,0x4b,0xe8,0xc7,0x31,0xfd,0x9d,0xea,0xe3,0x4e,0x29,0x36,0xbf,0x2b,0x71,0x3b,0x27,0x3c,

0x28,0xf2,0xe6,0x4c,0x7a,0xa5,0x63,0x07,0x39,0x98,0xda,0xe3,0x3b,0xea,0x88,0x54,0xae,0xf0,0xe7,0x3b,0x66,0x52,

0xc1,0x87,0xeb,0x26,0xda,0xfe,0x50,0x19,0x37,0xcc,0x9c,0x6a,0xf6,0x46,0x83,0xd9,0x59,0x67,0xa3,0x27,0xd7,0x4c,

0x20,0x50,0xba,0x7c,0x0a,0x87,0x47,0x08,0xd8,0xe5,0x3c,0x8c,0xff,0x29,0xa9,0xcd,0xde,0x5d,0xa4,0xb5,0xd5,0xcc,

0x5f,0x66,0x1b,0xde,0x91,0xab,0x6f,0x0d,0xd7,0x8a,0xb5,0xcc,0x32,0x9e,0xfa,0x71,0x89,0x0b,0x25,0x83,0xb7,0x5e,

0x15,0xc9,0xb0,0xd1,0x56,0x19,0x74,0x93,0xe8,0x6a,0x16,0xcb,0x85,0x2e,0xfc,0x5c,0x3c,0xc5,0x2d,0xbd,0x35,0xa9,

0x74,0x9f,0x18,0x7d,0xd7,0xd7,0x24,0xd3,0x29,0xb0,0x49,0x79,0x69,0xda,0x6e,0xc3,0x37,0xfd,0x33,0x12,0xb7,0x37,

0xfb,0x0d,0xa8,0x35,0xda,0x85,0x24,0xb4,0x7e,0x07,0xb5,0xd9,0x05,0xa6,0x73,0xb4,0x28,0x2a,0x48,0xef,0x1f,0xd1,

0x78,0x2b,0x83,0x9e,0x83,0x04,0xcd,0x0a,0x4b,0x6f

};

 

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值