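Notes on Cracking an App

Normally I capture traffic easily with Fiddler or Charles, but today I happened across an app and wanted to capture its traffic for fun. To my surprise, it includes code that prevents traffic capture, so I reluctantly went down the rabbit hole….

Installing VirtualXposed

Xposed requires root. Since rooting is not safe, I chose VirtualXposed.

URL: https://github.com/android-hacker/VirtualXposed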

Inspeckage

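Install the Inspeckage module in Xposed.

URL: https://github.com/ac-pm/Inspeckage

Running the Inspeckage analysis

Start it on the phone: it listens on port 8008 by default. Open the web page to analyze.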


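From left to right: encryption key, encryption method, encryption type, initialization vector (IV), and the encrypted data.

Online debugging

No need to rush into writing code; debug first and see whether…

Online encryption/decryption site: http://www.seacha.com/tools/aes.html

Enter the captured parameters there and check whether the API data can be decrypted.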


Encryption and decryption in PHP

Here I used phpseclib/phpseclib.

URL: http://phpseclib.sourceforge.net/crypt/2.0/examples.html

<?php
require __DIR__ . '/vendor/autoload.php';

use phpseclib\Crypt\AES;

$cipher = new AES(); // could use AES::MODE_CBC
// keys are null-padded to the closest valid size
// longer than the longest key and it's truncated
$cipher->setKeyLength(128);
$cipher->setKey('0123456789xxlive');
// the IV defaults to all-NULLs if not explicitly defined
$cipher->setIV('1234567890xxlive');

// the Base64 ciphertext is truncated here
echo $cipher->decrypt(base64_decode('UhmAOV38+mf+FFsl70DjNWW8IQLCJmXgvUKm5Wll+e4ho...'));
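The same check can be run locally instead of through a web tool. The following is an added example, not code from the original post: it uses PHP's built-in OpenSSL extension and assumes AES-128-CBC with PKCS#7 padding (the defaults of the phpseclib snippet above). The key and IV are the ones from that snippet; the function name `decryptCaptured` and the sample plaintext are constructed for illustration.

```php
<?php
// Added example: local check of parameters read from Inspeckage, no web tool involved.
// Key and IV are the ones in the post's snippet; the plaintext below is constructed.

function decryptCaptured(string $b64, string $key, string $iv): string
{
    // AES-128-CBC needs a 16-byte key and a 16-byte IV.
    if (strlen($key) !== 16 || strlen($iv) !== 16) {
        throw new InvalidArgumentException('key and IV must both be 16 bytes');
    }
    $raw = base64_decode($b64, true);   // strict mode: reject non-Base64 input
    if ($raw === false || $raw === '' || strlen($raw) % 16 !== 0) {
        throw new InvalidArgumentException('ciphertext is not whole AES blocks');
    }
    // OPENSSL_RAW_DATA: input is raw bytes; PKCS#7 padding is checked and stripped.
    $plain = openssl_decrypt($raw, 'aes-128-cbc', $key, OPENSSL_RAW_DATA, $iv);
    if ($plain === false) {
        throw new RuntimeException('padding check failed: wrong key, IV or mode');
    }
    return $plain;
}

$key = '0123456789xxlive';
$iv  = '1234567890xxlive';

// Constructed sample standing in for a captured request body.
$sample = '{"uid":1,"action":"list"}';
$ct1 = base64_encode(openssl_encrypt($sample, 'aes-128-cbc', $key, OPENSSL_RAW_DATA, $iv));
$ct2 = base64_encode(openssl_encrypt($sample, 'aes-128-cbc', $key, OPENSSL_RAW_DATA, $iv));

// Round trip with the right parameters.
var_dump(decryptCaptured($ct1, $key, $iv) === $sample);
// Fixed key + fixed IV: equal plaintexts give equal ciphertexts.
var_dump($ct1 === $ct2);

// A wrong key normally fails the padding check (roughly 1 in 256 wrong keys
// pass by chance and yield garbage instead of an exception).
try {
    decryptCaptured($ct1, 'wrong-key-16byte', $iv);
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

For app developers the takeaway is that a key and IV shipped inside the client are readable at runtime by a hooking tool, so this layer adds no confidentiality beyond what TLS already provides.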

Miscellaneous


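When capturing app traffic with Fiddler, some apps cannot get online:

They use SSL pinning, and root is required to capture their traffic. See: How to capture traffic from an app that uses SSL pinning (such as Zhihu)? - Zhihu - https://www.zhihu.com/question/60618756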
