某生鲜超市加密参数paramsMD5还原

最新推荐文章于 2023-01-14 10:15:00 发布

༒࿈十三༙྇࿈༒

最新推荐文章于 2023-01-14 10:15:00 发布

阅读量467

点赞数 2

分类专栏： Android逆向文章标签： http 安全 https

本文链接：https://blog.csdn.net/weixin_45171937/article/details/124744025

版权

Android逆向专栏收录该内容

10 篇文章 0 订阅

订阅专栏

APP相关信息

版本：1.5.4
包名：Y29tLmZlaW5pdS5hY3RvZ28=

抓包分析

在这里插入图片描述

加密参数

data	{"addrId":"","apiVersion":"ao1.45","appVersion":"1.5.4","body":{"cp_seq":"CC1000000013","gcSeq":"CC1000000013","goodsType":0,"level":2,"one_page_size":10,"page_start_end":"start","parentSiseq":"","si_seq":"C1159827","store_id":"2701","type":21},"businessId":"27010001","channel":"YingYongBao","deliveryCircleType":"2","deviceId":"cde8a99e5f2694d5-a99e-cde8-94d5-5f26","httpsEnable":1,"isSimulator":false,"networkType":"WIFI","osType":1,"reRule":"3","scopeType":1,"source":"yx","time":"20220513015751","token":"75cc5792d86d0cd1c28e686236346965","viewSize":"1080x2029"}
paramsMD5	UEmVDT1+ZQ8w139mcwLwLU5fQjxCp+17JU6DsD/4luk=

壳处理

在这里插入图片描述
脱完壳以后

加密定位

在这里插入图片描述

追进k方法看看

hook一下这个函数瞧瞧

加密定位到这里我们就找到了！！！！
继续跟进找核心加密方法

可以看到就用了sha256然后base64

python翻译加密

import hashlib
import json, base64, hmac

data = {"addrId": "", "apiVersion": "ao1.45", "appVersion": "1.5.4",
        "body": {"cp_seq": "CC1000000013", "gcSeq": "CC1000000013", "goodsType": 0, "level": 2, "one_page_size": 10,
                 "page_start_end": "start", "parentSiseq": "", "si_seq": "C1159827", "store_id": "2701", "type": 21},
        "businessId": "27010001", "channel": "YingYongBao", "deliveryCircleType": "2",
        "deviceId": "cde8a99e5f2694d5-a99e-cde8-94d5-5f26", "httpsEnable": 1, "isSimulator": False,
        "networkType": "WIFI", "osType": 1, "reRule": "3", "scopeType": 1, "source": "yx", "time": "20220513015751",
        "token": "75cc5792d86d0cd1c28e686236346965", "viewSize": "1080x2029"}
dataStr = json.dumps(data, ensure_ascii=False)
isSimulator = False
dataStr = dataStr + (str(isSimulator).lower() + data['viewSize'] + data['networkType'] + data['time'])
data = dataStr.replace(" ", "").encode('utf-8')
appsecret = "@456yx#*^&HrUU99".encode('utf-8')
signature = base64.b64encode(hmac.new(appsecret, data, digestmod=hashlib.sha256).digest())
print(signature.decode())

运行结果
在这里插入图片描述
对比上述抓包结果，发现一模一样

最后补一下hook脚本吧

function FMRequestk() {
    console.log('FMRequestk HOOK Start!!!');
    var Des3Encrypt = Java.use("com.rt.market.fresh.application.FMRequest");
    console.log(Des3Encrypt);
    Des3Encrypt.k.implementation = function (args1) {
        console.log("Encrypt args1:",args1);
        var result1 = this.k(args1);
        console.log("Des3Encrypt.encode result1==>", result1);
        return result1;
    };
};
// com.rt.market.fresh.application.FMEnvironment
function FMEnvironmenth() {
    console.log('FMEnvironmenth HOOK Start!!!');
    var Des3Encrypt = Java.use("com.rt.market.fresh.application.FMEnvironment");
    console.log(Des3Encrypt);
    Des3Encrypt.h.implementation = function () {
        var result1 = this.h();
        console.log("Des3Encrypt.encode result1==>", result1);
        return result1;
    };
};

Java.perform(function() {
    // FMRequestk();
    FMEnvironmenth();
});

༒࿈十三༙྇࿈༒

关注

2
点赞
踩
1

收藏

觉得还不错? 一键收藏
打赏
0
评论
某生鲜超市加密参数paramsMD5还原

APP相关信息版本：1.5.4包名：Y29tLmZlaW5pdS5hY3RvZ28=抓包分析加密参数data {"addrId":"","apiVersion":"ao1.45","appVersion":"1.5.4","body":{"cp_seq":"CC1000000013","gcSeq":"CC1000000013","goodsType":0,"level":2,"one_page_size":10,"page_start_end":"start","parentSiseq":""
复制链接

扫一扫