当前位置:网站首页>米斗APP逆向分析

米斗APP逆向分析

2022-08-09 09:19:00 Codeooo

  1. 该app难点就是个360数字壳 : com.touchtv.midou
    在这里插入图片描述

直接脱壳处理,脱完壳分析dex:

package com.touchtv.internetSDK.network;
在这里插入图片描述

            hashMap.put("X-ITOUCHTV-Ca-Timestamp", currentTimeMillis + "");
            if (str2 == null) {
    
                str4 = str3 + "\n" + str + "\n" + currentTimeMillis + "\n";
            } else if (!"".equals(str2)) {
    
                MessageDigest instance = MessageDigest.getInstance("MD5");
                str4 = str3 + "\n" + str + "\n" + currentTimeMillis + "\n" + new String(Base64.encodeBase64(instance.digest(str2.getBytes())));
            } else {
    
                str4 = str3 + "\n" + str + "\n" + currentTimeMillis + "\n";
            }
            hashMap.put("X-ITOUCHTV-Ca-Signature", r(str, str4));

时间戳 ,md5 ,64se64 , 还有请求的url ,参数等做了一些操作。

我们重点看下:"X-ITOUCHTV-Ca-Signature“

在这里插入图片描述

走了一个r方法:
=======判断x(str)

private static boolean x(String str) {
    
    return str.contains("/baoliaoservice");
}

其除了请求中/baoliaoservice,则秘钥为:bArr = b.c().getBytes();
其余秘钥都为: bArr = b.h().getBytes();
b是导入的:import i.s.b.a.b;、

=============先去找b.c:

在这里插入图片描述

public static String b() {
    
    return new String(Base64.decodeBase64("MDE3MzMyMjk5MzU5OTA0NDEwMTY1MjQ4NTc3NDYzNzI=".getBytes()));
}

==============再去找b.h

在这里插入图片描述

package i.s.b.a;

import android.text.TextUtils;
import com.touchtv.internetSDK.Environment;
import com.touchtv.internetSDK.TouchtvInternet;
import com.touchtv.internetSDK.network.a;
import org.apache.commons.codec.binary.Base64;

public class b {
    
    public static String a() {
    
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUZHI.value())) {
    
            return f();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUJIAN.value())) {
    
            return d();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_TOUCHTV.value())) {
    
            return i();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_MIDOU.value())) {
    
            return b();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_GDSPORT.value())) {
    
            return "";
        }
        TouchtvInternet.getInstance().getConfig().a().equals(a.ID_COUNTY.value());
        return "";
    }

    public static String b() {
    
        return new String(Base64.decodeBase64("MDE3MzMyMjk5MzU5OTA0NDEwMTY1MjQ4NTc3NDYzNzI=".getBytes()));
    }

    public static String c() {
    
        return new String(Base64.decodeBase64("T3NpbGdJMFZ6RmNBNGl4MVh4OGNwYU1XM1BWUE9tN1BaWkhMYm1FSjNqUUM5cGs4VTc1T09PdU9NeW14WEtpdA==".getBytes()));
    }

    public static String d() {
    
        return f();
    }

    private static String e() {
    
        return g();
    }

    public static String f() {
    
        return new String(Base64.decodeBase64((TouchtvInternet.getInstance().getConfig().b() == Environment.TEST ? "wNzg0Mzg0ODk4MDc5ODc5MTQ3NDU0Nzk4NzA5NTY0MDY=" : "wNzc1NDMyMjA3NDIxMjM2MzQ0NzA1OTA0MDQwNDMyNzI=").substring(1).getBytes()));
    }

    private static String g() {
    
        String str = TouchtvInternet.getInstance().getConfig().b() == Environment.TEST ? "kajY3TTBXN2hBbWtDNTFORHYyTTVxWmZpRVE5QnhOaFVaTjhpaDJ4QVRSaTNmUnBKZmE0Y3hUbVdBbnlUaUkwVg==" : "hdjU3eEp4NkJxdWVGOGNPekxVZURGVXd5WWd0M1dDZEFUQWhndks3aGtpeVZGY3lybEF4ZGJUejVNaTVpbFVyUw==";
        if (TextUtils.isEmpty(str)) {
    
            return "";
        }
        return new String(Base64.decodeBase64(str.substring(1, str.length()).getBytes()));
    }

    public static String h() {
    
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUZHI.value())) {
    
            return g();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUJIAN.value())) {
    
            return e();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_TOUCHTV.value())) {
    
            return j();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_MIDOU.value())) {
    
            return c();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_GDSPORT.value())) {
    
            return "";
        }
        TouchtvInternet.getInstance().getConfig().a().equals(a.ID_COUNTY.value());
        return "";
    }

    public static String i() {
    
        return new String(Base64.decodeBase64("MDQwMzkzNjg2NTM1NTQ4NjQxOTQ5MTA2OTEzODk5MjQ=".getBytes()));
    }

    public static String j() {
    
        return new String(Base64.decodeBase64("cW1pSGVCOWJLZ293SHF4UnYwcHJjMmNQTjJFd1hMMUhPWXUzRFBpWUNjYVl4eXhkRkl5VDVtQWZCbXIwVUtQTw==".getBytes()));
    }
}

没啥东西,自己捋一下就都出来了。。。。。。

原网站

版权声明
本文为[Codeooo]所创,转载请带上原文链接,感谢
https://codeooo.blog.csdn.net/article/details/124725944

边栏推荐

猜你喜欢

随机推荐