-
-
针对ApiCloud框架应用HJZ Token分析
-
2020-8-30 02:08
3983
-
针对ApiCloud框架应用HJZ Token分析
名称: HJZ Token
类型: ApiCloud
环境: 雷电3.7.2
工具: Xposed+Uzmap Dump
抓包: HTTP Debugger Pro + 模拟器
推荐: Charles+Postern
作者: Lunction
01.抓APP应用数据:
POST /api/app.php HTTP/1.1
Cookie: COR_ID=b93f21d56b8f212fac2a1c2dc83635522ec5438b; COR_ID=b93f21d56b8f212fac2a1c2dc83635522ec5438b;
Charset: UTF-8
User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; f100 Build/LYZ28N) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/39.0.0.0 Mobile Safari/537.36
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
Host: hjz-coin.com
Accept-Encoding: gzip, deflate
Content-Length: 508
{"model":"user","action":"login","remember":1,"devicename":"gionee+f100","progress":true,"username":"13800138000","password":"a123456","mobile_code":"","phone_code":"","mobile_phone":"","":"登录","deviceid":"865166020436278","os":"android","version":"5.2.2","appid":"20161027"}
02.查看APK文件结构
1. 关键文件 : uzmap,widget
2. 打开文件 : 发现乱码
3. 推荐工具 Xposed +Uzmap Dump(xp插件)
4.导出文件到电脑桌面
4.验证文件是否解密
03.查找SIGN加密参数
04.验证sign结果对比
05.遇到坑点:
- HTTP Debugger Pro抓包
devicename":"gionee+f100"
- Charles抓包
devicename":"gionee f100"
- MD5加密参数有中文
- APP检测xposed框架
阿里云助力开发者!2核2G 3M带宽不限流量!6.18限时价,开
发者可享99元/年,续费同价!
最后于 2020-8-30 02:40
被Lunction编辑
,原因: