Reverse Engineering the Midou (米斗) App
2022-08-09 09:19:00 【Codeooo】
- The only hard part of this app is that it is protected by the 360 packer: com.touchtv.midou
Unpack it directly, then analyze the dumped dex:
package com.touchtv.internetSDK.network;
// The timestamp is sent as a header and is also part of the string that gets signed.
hashMap.put("X-ITOUCHTV-Ca-Timestamp", currentTimeMillis + "");
if (str2 == null) {
    str4 = str3 + "\n" + str + "\n" + currentTimeMillis + "\n";
} else if (!"".equals(str2)) {
    // str2 is non-empty: append Base64(MD5(str2)) to the string to sign.
    MessageDigest instance = MessageDigest.getInstance("MD5");
    str4 = str3 + "\n" + str + "\n" + currentTimeMillis + "\n" + new String(Base64.encodeBase64(instance.digest(str2.getBytes())));
} else {
    str4 = str3 + "\n" + str + "\n" + currentTimeMillis + "\n";
}
// The signature header is the result of r() over the string built above.
hashMap.put("X-ITOUCHTV-Ca-Signature", r(str, str4));
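The timestamp, MD5, Base64, the request URL, the parameters and so on go through some processing here.
The header to focus on is "X-ITOUCHTV-Ca-Signature".
It is produced by a method r:
======= the check x(str)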
private static boolean x(String str) {
    return str.contains("/baoliaoservice");
}
For requests that contain /baoliaoservice, the key is: bArr = b.c().getBytes();
For all other requests the key is: bArr = b.h().getBytes();
b is an imported class: import i.s.b.a.b;
============= first look up b.c:
public static String b() {
    return new String(Base64.decodeBase64("MDE3MzMyMjk5MzU5OTA0NDEwMTY1MjQ4NTc3NDYzNzI=".getBytes()));
}
============== then look up b.h
package i.s.b.a;

import android.text.TextUtils;
import com.touchtv.internetSDK.Environment;
import com.touchtv.internetSDK.TouchtvInternet;
import com.touchtv.internetSDK.network.a;
import org.apache.commons.codec.binary.Base64;

public class b {
    public static String a() {
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUZHI.value())) {
            return f();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUJIAN.value())) {
            return d();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_TOUCHTV.value())) {
            return i();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_MIDOU.value())) {
            return b();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_GDSPORT.value())) {
            return "";
        }
        TouchtvInternet.getInstance().getConfig().a().equals(a.ID_COUNTY.value());
        return "";
    }

    public static String b() {
        return new String(Base64.decodeBase64("MDE3MzMyMjk5MzU5OTA0NDEwMTY1MjQ4NTc3NDYzNzI=".getBytes()));
    }

    public static String c() {
        return new String(Base64.decodeBase64("T3NpbGdJMFZ6RmNBNGl4MVh4OGNwYU1XM1BWUE9tN1BaWkhMYm1FSjNqUUM5cGs4VTc1T09PdU9NeW14WEtpdA==".getBytes()));
    }

    public static String d() {
        return f();
    }

    private static String e() {
        return g();
    }

    public static String f() {
        return new String(Base64.decodeBase64((TouchtvInternet.getInstance().getConfig().b() == Environment.TEST ? "wNzg0Mzg0ODk4MDc5ODc5MTQ3NDU0Nzk4NzA5NTY0MDY=" : "wNzc1NDMyMjA3NDIxMjM2MzQ0NzA1OTA0MDQwNDMyNzI=").substring(1).getBytes()));
    }

    private static String g() {
        String str = TouchtvInternet.getInstance().getConfig().b() == Environment.TEST ? "kajY3TTBXN2hBbWtDNTFORHYyTTVxWmZpRVE5QnhOaFVaTjhpaDJ4QVRSaTNmUnBKZmE0Y3hUbVdBbnlUaUkwVg==" : "hdjU3eEp4NkJxdWVGOGNPekxVZURGVXd5WWd0M1dDZEFUQWhndks3aGtpeVZGY3lybEF4ZGJUejVNaTVpbFVyUw==";
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        return new String(Base64.decodeBase64(str.substring(1, str.length()).getBytes()));
    }

    public static String h() {
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUZHI.value())) {
            return g();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_QUJIAN.value())) {
            return e();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_TOUCHTV.value())) {
            return j();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_MIDOU.value())) {
            return c();
        }
        if (TouchtvInternet.getInstance().getConfig().a().equals(a.ID_GDSPORT.value())) {
            return "";
        }
        TouchtvInternet.getInstance().getConfig().a().equals(a.ID_COUNTY.value());
        return "";
    }

    public static String i() {
        return new String(Base64.decodeBase64("MDQwMzkzNjg2NTM1NTQ4NjQxOTQ5MTA2OTEzODk5MjQ=".getBytes()));
    }

    public static String j() {
        return new String(Base64.decodeBase64("cW1pSGVCOWJLZ293SHF4UnYwcHJjMmNQTjJFd1hMMUhPWXUzRFBpWUNjYVl4eXhkRkl5VDVtQWZCbXIwVUtQTw==".getBytes()));
    }
}
There is not much to it; trace through the code yourself and everything falls out.
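The literals in f() and g() carry one junk leading character that substring(1) strips before decoding, so a check that only tries plain Base64 misses them. The Python below is an added example, not code from the original post or from the app: it audits decompiled Java for string constants that are Base64-wrapped printable text, with or without a one-character prefix. The sample source, its values and all function names are constructed for illustration.

```python
import base64
import binascii
import re

# String literals that look like padded Base64, optionally with a junk prefix.
LITERAL = re.compile(r'"([A-Za-z0-9+/]{16,}={0,2})"')


def try_decode(literal, max_skip=1):
    """Return (skip, text) if literal[skip:] is Base64 of printable ASCII."""
    for skip in range(max_skip + 1):
        cand = literal[skip:]
        if len(cand) % 4:  # padded Base64 is always a multiple of 4 long
            continue
        try:
            raw = base64.b64decode(cand, validate=True)
        except (binascii.Error, ValueError):
            continue
        if raw and all(0x20 <= b <= 0x7E for b in raw):
            return skip, raw.decode("ascii")
    return None


def scan(source):
    """Return findings as (line number, prefix chars skipped, decoded text)."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for match in LITERAL.finditer(line):
            hit = try_decode(match.group(1))
            if hit:
                findings.append((lineno, hit[0], hit[1]))
    return findings


def _b64(text):
    return base64.b64encode(text.encode()).decode()


# Constructed sample input (hypothetical values, not the app's): one plain
# literal, one ternary with junk-prefixed literals, one ordinary string.
SAMPLE = "\n".join([
    'return new String(Base64.decodeBase64("%s".getBytes()));'
    % _b64("constructed-key-0001"),
    'return new String(Base64.decodeBase64((test ? "w%s" : "w%s")'
    '.substring(1).getBytes()));'
    % (_b64("constructed-test-key"), _b64("constructed-prod-key")),
    'String header = "X-Example-Header";',
])

if __name__ == "__main__":
    for lineno, skip, text in scan(SAMPLE):
        print(f"line {lineno}: skip={skip} decoded={text!r}")
```

Any finding with skip=1 is a constant that was deliberately shifted to defeat naive decoding, which is a strong hint that it is a secret that belongs on the server side rather than in the client.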