[移动开发] 【Unidbg】海南航空hnairsign算法逆向

开发: C++知识库 Java知识库 JavaScript Python PHP知识库人工智能区块链大数据移动开发嵌入式开发工具数据结构与算法开发测试游戏开发网络协议系统运维
教程: HTML教程 CSS教程 JavaScript教程 Go语言教程 JQuery教程 VUE教程 VUE3教程 Bootstrap教程 SQL数据库教程 C语言教程 C++教程 Java教程 Python教程 Python3教程 C#教程
数码: 电脑笔记本显卡显示器固态硬盘硬盘耳机手机 iphone vivo oppo 小米华为单反装机图拉丁

-> 移动开发 -> 【Unidbg】海南航空hnairsign算法逆向 -> 正文阅读

[移动开发]【Unidbg】海南航空hnairsign算法逆向

作者:https://csdnimg.cn/release/blogv2/dist/components/js/pc_wap_commontools-5e28c4e010.min.js

寻深圳逆向/爬虫坑位 , wx:cjh-18888

很简单，没难度. 直接上代码了.

package com.rytong.hnair;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.github.unidbg.AndroidEmulator;
import com.github.unidbg.Module;
import com.github.unidbg.arm.backend.DynarmicFactory;
import com.github.unidbg.linux.android.AndroidEmulatorBuilder;
import com.github.unidbg.linux.android.AndroidResolver;
import com.github.unidbg.linux.android.dvm.*;
import com.github.unidbg.linux.android.dvm.jni.ProxyDvmObject;
import com.github.unidbg.memory.Memory;
import sun.misc.BASE64Decoder;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.List;


public class HNASignature extends AbstractJni {
    private final AndroidEmulator emulator;
    private final Module module;
    private final VM vm;
    public HNASignature() {
        emulator = AndroidEmulatorBuilder.for32Bit()
                .addBackendFactory(new DynarmicFactory(true))
                .build();
        Memory memory = emulator.getMemory();
        memory.setLibraryResolver(new AndroidResolver(23));
        vm = emulator.createDalvikVM(new File("G:\\code\\java\\unidbg-master\\unidbg-android\\src\\test\\java\\com\\com\\rytong\\hnair\\base.apk"));
        vm.setJni(this);
        vm.setVerbose(false);
        DalvikModule dm = vm.loadLibrary(new File("G:\\code\\java\\unidbg-master\\unidbg-android\\src\\test\\java\\com\\com\\rytong\\hnair\\libsignature.so"), false);

        module = dm.getModule();
        dm.callJNI_OnLoad(emulator);
    }

    public void callSign(String encryptData){
        List<Object> list = new ArrayList<>(7);
        list.add(vm.getJNIEnv());
        list.add(0);
        String str1 = "{}";
        list.add(vm.addLocalObject(new StringObject(vm,str1)));
        String str2 = "{}";
        list.add(vm.addLocalObject(new StringObject(vm,str2)));
        list.add(vm.addLocalObject(new StringObject(vm,encryptData)));
        String str4 = "21047C596EAD45209346AE29F0350491";
        list.add(vm.addLocalObject(new StringObject(vm,str4)));
        String str5 = "F6B15ABD66F91951036C955CB25B069F";
        list.add(vm.addLocalObject(new StringObject(vm,str5)));

        Number number = module.callFunction(emulator,0xA49C+1,list.toArray())[0];
        DvmObject result = vm.getObject(number.intValue());
        String value = (String) result.getValue();
        System.out.println("result ->"  + value.split(">>")[0]);

    }



    public static void main(String[] args) throws IOException {
        HNASignature hnsign = new HNASignature();
        String encryptData = "{\"akey\":\"184C5F04D8BE43DCBD2EE3ABC928F616\",\"aname\":\"com.rytong.hnair\",\"atarget\":\"standard\",\"aver\":\"8.14.2\",\"did\":\"cdb090d2dd80442c\",\"dname\":\"Google_Pixel 3\",\"mchannel\":\"official\",\"schannel\":\"AD\",\"slang\":\"zh-CN\",\"sname\":\"google\\/blueline\\/blueline:9\\/PQ2A.190405.003\\/5310204:user\\/release-keys\",\"stime\":\"1650656867061\",\"sver\":\"9\",\"system\":\"AD\",\"szone\":\"-0500\",\"abuild\":\"62316\",\"riskToken\":\"62625d336v5NyL6OaDct0Fv0PVM5Yq5I1fFN6RJ3\",\"captchaToken\":\"\",\"hver\":\"8.14.2.23509.4f05a2e32.standard\",\"number\":\"13544221111\",\"pin\":\"F\\/rIccwe6CkRrHDXyr8Z4kjvfUQ932Co0XHIK6yyj74SHG9dla3S4GQlpSO7hWlh0HYgNLpdeCqL\\n\\/Wh7i6X5vr3Fs5w\\/qV8yjutwGo4IntwMx6\\/IDtQlbcX4iQ+R4lsPSASZAbbu8SRhX08YiCXZoLzI\\nVBpTjsQ+dU9A78O3HxE=\\n\",\"toSave\":true}";
        System.out.println(encryptData);
        hnsign.callSign(encryptData);

    }


}