1,请先下载钱包APK
https://wwd.lanzoul.com/idwZL1yi3zvi
密码:8gct
2,下载完APK安装好后,请按下述步骤操作以便抓包分析
1),使用以下10个助记词其中一个或者你自已找的助记词
助记词
primary unfold shell recycle judge still empower debate month glimpse custom detail
rude exchange neutral ready route barrel blade blade gorilla sure slot garlic
ghost same guess tornado egg rude grass dilemma tomato lesson vendor broken
digital draw gift bridge prepare flight kitchen canyon seek sudden please grief
diagram frame cup enter quarter carry today spell combine high screen couch
barrel leave believe inflict tornado sentence other solve secret man quality toilet
pulp daughter cool love mandate deliver kingdom thrive eyebrow prize insane hover
around ankle detail verify squeeze capital edge guess oxygen daughter video electric
tourist lecture satoshi ostrich segment leopard slim marine rather slot dinosaur divert
drive album canyon gasp retreat fever clinic juice print art bird poet
用助记词导入登陆钱包
2)按以下操作顺序操作,以获取抓包需要的数据
3)以下为需要用JAVA实现的三个接口
1,request:
POST /user/loginThird HTTP/1.1
Host: appapi.wowearn.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Accept: application/json, text/plain, /
lang: zh_CN
murmur: 2412a02962e0f3d5e9c30a3cb329374de
User-Agent: Mozilla/5.0 (Linux; Android 9; DT1901A Build/PQ3B.190801.03011045; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/91.0.4472.114 Mobile Safari/537.36
Content-Type: application/json
Origin: https://app.wowearn.com
X-Requested-With: com.hxg.wallet
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://app.wowearn.com/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
Content-Length: 514
"OLVXIK+/uthhsq6//UUegryEKslkZdJbZeTylpB6/hdYzOF3qgiYEwqEYcs/n9PrcTgI9OJo5fZYvWI09MneTPml5e9HWcebGE81GW6p5V6mpkDkP18vKwfbuloMABf/sAUvOQ1/4mhXwjqhEC1IMG+x1CrPqqBlGFTO6llcnmdDC1g93476vYvIewIPAtAcA3XVJEOaUrbCip/EBVGcRWa47RyPGkRqlbeatVd6cruNh6edRDNodFn/no3PSaanBNCb7ZOUlZVWjNHlOr/KDWzw+HpzZZBWPAGBvmMVnGCokCrhUs7mOaKMAedBCrFBrJIjex0kCrDeTklqCGWzkSFN57WF50CpIqRolzGgSwx098H2wow8uSSyIB7tC3smE0ghJPS0F1MPXzNEGeqa5JdFH0UZunTpdf27JAkDKV2og9BPeohsOzb00vkpSzF5cTPMgVdKMPgBwr74nEHjBWcddUEDiQ3wSzR5Th0pPbcSe4GHSFYKYyWEVGAP/iY+"
1,response:
{
"success": true,
"message": "success",
"code": 200,
"timestamp": 1715505418081,
"result": {
"isFirstLogin": "0",
"openId": "350-625-403",
"token": "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI0YzcwM2M3Yi05NDViLTQ3YzgtYWJmNi1lYjRlODI4NDhiNzkiLCJpYXQiOjE3MTU1MDU0MTgsInN1YiI6IntcImxvZ2luVGltZVwiOjE3MTU1MDU0MTgwNjMsXCJvcGVuSWRcIjpcIjM1MC02MjUtNDAzXCIsXCJyZWdpc3RlckFyZWFcIjpcIuS4reWbvVwiLFwicmVnaXN0ZXJJcFwiOlwiMTI1LjExNy45NC43NlwiLFwicm9sZUlkXCI6MCxcInR5cGVcIjowLFwidWlkXCI6Njk2MTcwNzU0OTUwOTM5OCxcIndhbGxldEFkZHJlc3NcIjpcIjB4NzQ2NjcyNmE4YzU5MWI2ZjIyZTlhYmVlZjFhOTZkYmEyNjQyN2YyZVwifSIsImV4cCI6MTcxNTUwOTAxOH0.t3_A_tSIX4rg1HzUO1BcYNcsmAB17ftw7o6rpUiIfgQ",
"status": "1"
}
}
2,request:
POST /mining/start HTTP/1.1
Host: appapi.wowearn.io
Connection: keep-alive
Content-Length: 174
Pragma: no-cache
Cache-Control: no-cache
Accept: application/json, text/plain, /
lang: zh_CN
murmur: 2412a02962e0f3d5e9c30a3cb329374de
User-Agent: Mozilla/5.0 (Linux; Android 9; DT1901A Build/PQ3B.190801.03011045; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/91.0.4472.114 Mobile Safari/537.36
token: eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI0YzcwM2M3Yi05NDViLTQ3YzgtYWJmNi1lYjRlODI4NDhiNzkiLCJpYXQiOjE3MTU1MDU0MTgsInN1YiI6IntcImxvZ2luVGltZVwiOjE3MTU1MDU0MTgwNjMsXCJvcGVuSWRcIjpcIjM1MC02MjUtNDAzXCIsXCJyZWdpc3RlckFyZWFcIjpcIuS4reWbvVwiLFwicmVnaXN0ZXJJcFwiOlwiMTI1LjExNy45NC43NlwiLFwicm9sZUlkXCI6MCxcInR5cGVcIjowLFwidWlkXCI6Njk2MTcwNzU0OTUwOTM5OCxcIndhbGxldEFkZHJlc3NcIjpcIjB4NzQ2NjcyNmE4YzU5MWI2ZjIyZTlhYmVlZjFhOTZkYmEyNjQyN2YyZVwifSIsImV4cCI6MTcxNTUwOTAxOH0.t3_A_tSIX4rg1HzUO1BcYNcsmAB17ftw7o6rpUiIfgQ
Content-Type: application/json
Origin: https://app.wowearn.com
X-Requested-With: com.hxg.wallet
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://app.wowearn.com/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
"JvORfEZCckC5LhNd5Uj3SD/pSqg0uhUh2fIeoWhbsKBnWKU4RuEHh2XTO1/CQIQ/v7kLbY5NmdnTbtNwLxfU0srUs3jV12BcVUloopQTCKpjiUlqaTIZ6uDBRmxDiukNN4hn6VRU2nnV5z4RGQMMZpksqxYYd3R8Y69IW2TE/xM="
2,response:
{
"success": true,
"message": "success",
"code": 200,
"timestamp": 1715505576802,
"result": {
"result": "挖矿引擎启动中",
"timestamp": 1715505576000,
"validTime": 1715591975000,
"countdownTime": 86400,
"address": "0x7466726a8c591b6f22e9abeef1a96dba26427f2e"
}
}
3,request:
GET /user/detail?param=boZoMpG6hkbC5BdpH/v4IwTVsyFj4H6qJGrJZQEf7j65T7QJ3y7ybPdPiZEEcpKF+lyCQK0+NoqViRGfvf6lWgfLnAEyaYrrmGNQ/jHGF9Ah7CxLJ9Cq49ZjGcgib0KMb6ewc5jV1aZdQ+etI6UV22oUJI6/21E1+6NGyBFsczc= HTTP/1.1
Host: appapi.wowearn.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Accept: application/json, text/plain, /
lang: zh_CN
murmur: 2412a02962e0f3d5e9c30a3cb329374de
User-Agent: Mozilla/5.0 (Linux; Android 9; DT1901A Build/PQ3B.190801.03011045; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/91.0.4472.114 Mobile Safari/537.36
token: eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI0YzcwM2M3Yi05NDViLTQ3YzgtYWJmNi1lYjRlODI4NDhiNzkiLCJpYXQiOjE3MTU1MDU0MTgsInN1YiI6IntcImxvZ2luVGltZVwiOjE3MTU1MDU0MTgwNjMsXCJvcGVuSWRcIjpcIjM1MC02MjUtNDAzXCIsXCJyZWdpc3RlckFyZWFcIjpcIuS4reWbvVwiLFwicmVnaXN0ZXJJcFwiOlwiMTI1LjExNy45NC43NlwiLFwicm9sZUlkXCI6MCxcInR5cGVcIjowLFwidWlkXCI6Njk2MTcwNzU0OTUwOTM5OCxcIndhbGxldEFkZHJlc3NcIjpcIjB4NzQ2NjcyNmE4YzU5MWI2ZjIyZTlhYmVlZjFhOTZkYmEyNjQyN2YyZVwifSIsImV4cCI6MTcxNTUwOTAxOH0.t3_A_tSIX4rg1HzUO1BcYNcsmAB17ftw7o6rpUiIfgQ
Origin: https://app.wowearn.com
X-Requested-With: com.hxg.wallet
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://app.wowearn.com/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
3,response:
{
"success": true,
"message": "success",
"code": 200,
"timestamp": 1715505818149,
"result": {
"invitationCode": "CN9A6E",
"balance": 75.595457594066150298215059,
"startTime": 1715505576000,
"endTime": 1715591975000,
"progressRatio": 0,
"incomeBaseHour": 0.030000,
"incomeBaseRatio": 100.000000,
"incomeInviteHour": 0.000000,
"incomeInviteRatio": 0.000000,
"incomeInviteRatioFormula": " ",
"incomeReal": 0.000000,
"incomeRobotHour": 0.000000,
"incomeRobotRatio": 0.000000,
"incomeRobotRatioFormula": " ",
"incomeWalletHour": 0.015000,
"incomeWalletRatio": 50.000000,
"incomeInviteRobotHour": 0.000000,
"incomeInviteRobotRatio": 0.000000,
"incomeInviteRobotRatioFormula": null,
"incomeWalletRatioFormula": "50%",
"incomeTotalHour": 0.045000,
"incomeTotalRatio": 150.000000,
"newFlag": 1,
"sampleFlag": 1,
"status": 1,
"teamCount": 1,
"teamActiveCount": 1,
"hasParent": 0,
"guideFlag": 1,
"infiniteInviteIncome": "0",
"infinitePawnInviteIncome": "0",
"balanceByTran": "75.595457594066150298215059"
}
}
注1:上述三个接口的加密逻辑在https://app.wowearn.com/?s=WWallet
下面的JS文件里,需要重点研究,只要研究明白其中一个接口的加密原理,另外两个的加密方式估计也是相同的
注2:需要提供JAVA源码以及相关的JAR包,如有工程文件,工程文件也需要一并提供
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
最后于 2024-5-12 18:50
被纪念dodo编辑
,原因: