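For now only these two parameters (the login password and sign) are analyzed; the remaining encryption will be looked at later.
Decompile the app with jadx to get the source.
Search for the login keyword password:
"password"
Judging by the name login, this is probably the right class, so open it.
mobileLogin is the only method we need to read. The first statement computes pwd, the password:
```java
String pwd = l.a(password + x.aN);
```
Step into l.a (worth a look if you are curious); it is an MD5.
Now check the value of x.aN:
```java
public static final String aN = "du";
```
Test password: 123456
So the MD5 of the password is
md5(123456du)
Check it. The MD5 result is:
ca8f119a27ec17f98b463807cd0b6b62
The pwd value sent in the request is:
ca8f119a27ec17f98b463807cd0b6b62
They match, so the pwd algorithm is solved. Next, the sign parameter.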
```java
String pwd = l.a(password + x.aN);
Map<String, String> param = new HashMap<>();
param.put(HwPayConstant.KEY_USER_NAME, mobile);
param.put("password", pwd);
param.put("type", "pwd");
param.put("sourcePage", sourcePage);
param.put("countryCode", String.valueOf(countryCode));
```
These are the request parameters. Let me substitute the concrete values:
```java
param.put("userName", "13759886912");
param.put("password", pwd);
param.put("type", "pwd");
param.put("sourcePage", "");
param.put("countryCode", String.valueOf("86"));
```
The sign we need is not here, so keep reading. There is a call to this.mLoginService.mobileLogin; step into it.
It is a URL route definition. Look at the parameters it takes:
```java
z<BaseResponse<SocialModel>> mobileLogin(@Field("userName") String str, @Field("password") String str2, @Field("type") String str3, @Field("sourcePage") String str4, @Field("countryCode") int i, @Field("sign") String str5);
```
The last field shows that the final argument passed is the sign. Go back and see what is passed as the last argument:
```java
this.mDisposable = (c) this.mLoginService.mobileLogin(mobile, pwd, "pwd", sourcePage, countryCode, com.shizhuang.duapp.common.f.x.a(param)).observeOn(a.a()).subscribeOn(Schedulers.newThread()).subscribeWith(new com.shizhuang.duapp.common.helper.b.b<SocialModel>() {
```
It calls this function to produce the MD5:
```java
com.shizhuang.duapp.common.f.x.a(param)
```
Step into it:
```java
public static String a(Map<String, String> map) {
    if (map == null) {
        return "";
    }
    map.put("uuid", b.a((Context) BaseApplication.getInstance()).a((Activity) null));
    map.put("platform", "android");
    map.put(NotifyType.VIBRATE, b.c(BaseApplication.getInstance()));
    map.put("loginToken", p.a().b());
    List<Map.Entry<String, String>> infoIds = new ArrayList<>(map.entrySet());
    Collections.sort(infoIds, y.f10050a);
    StringBuilder builder = new StringBuilder();
    for (int i = 0; i < infoIds.size(); i++) {
        Map.Entry<String, String> map1 = infoIds.get(i);
        builder.append(map1.getKey() + map1.getValue());
    }
    builder.append(e.k);
    return q.a(builder.toString());
}
```
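Look at return q.a(string);. Going by the pattern so far, most .a methods here are md5(), so step in to confirm whether this one is too.
The comment makes it clear: MD5. So move on to the other parameters:
```java
map.put("uuid", "b256a5b53509daa1"); // uuid from the request header, randomly generated
map.put("platform", "android");      // Android
map.put("v", "4.3.0");               // app version
map.put("loginToken", "");           // loginToken
```
All of the values above can be found in the request headers, so they are not a problem. On to the next part:
```java
List<Map.Entry<String, String>> infoIds = new ArrayList<>(map.entrySet());
Collections.sort(infoIds, y.f10050a);
```
A quick search (Baidu) shows that this copies the map's entries into a list that can be looped over, and then sorts it.
As for the sort order: most request-signing schemes in Chinese apps sort by key in ascending order, so assume ascending for now (I could not read the sort code).
```java
for (int i = 0; i < infoIds.size(); i++) {
    Map.Entry<String, String> map1 = infoIds.get(i);
    builder.append(map1.getKey() + map1.getValue());
}
```
The loop appends each key followed by its value to builder.
```java
builder.append(e.k);
```
This appends the value of k:
```java
builder.append("3542e676b4c80983f6131cdfe577ac9b");
```
builder.toString() converts it to a string:
"countryCode86loginTokenpasswordca8f119a27ec17f98b463807cd0b6b62platformandroidsourcePagetypepwduserName13759886912uuidb256a5b53509daa1v4.3.03542e676b4c80983f6131cdfe577ac9b"
Then take the MD5 of that value. The result is:
[screenshot]
Compare:
[screenshot]
Done. The sign is worked out.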
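As a check on the ascending-order assumption, the following added example (not part of the original post or of the app's code) rebuilds the string to be hashed in Python and compares it with the one shown above. The function names are my own; the sort key mirrors String.compareTo, which is what the comparator in y.java at the end of the post calls on the keys.

```python
import hashlib

SIGN_KEY = "3542e676b4c80983f6131cdfe577ac9b"  # e.k, from the decompiled code
PWD_SALT = "du"                                # x.aN


def md5_hex(text):
    """Lower-case hex MD5 over the UTF-8 bytes of text."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def java_key_order(keys):
    """Sort like String.compareTo: ascending by UTF-16 code unit, case-sensitive."""
    return sorted(keys, key=lambda k: k.encode("utf-16-be"))


def canonical_string(params, device):
    """key1value1key2value2... over the merged fields, then the fixed key."""
    merged = {**params, **device}
    return "".join(k + merged[k] for k in java_key_order(merged)) + SIGN_KEY


def sign(params, device):
    """The sign is the MD5 of the canonical string."""
    return md5_hex(canonical_string(params, device))


# Values taken from the walkthrough above (the author's test login).
DEVICE = {"uuid": "b256a5b53509daa1", "platform": "android",
          "v": "4.3.0", "loginToken": ""}
PAGE_PWD = "ca8f119a27ec17f98b463807cd0b6b62"
LOGIN = {"userName": "13759886912", "password": PAGE_PWD, "type": "pwd",
         "sourcePage": "", "countryCode": "86"}
PAGE_STRING = (
    "countryCode86loginTokenpasswordca8f119a27ec17f98b463807cd0b6b62"
    "platformandroidsourcePagetypepwduserName13759886912"
    "uuidb256a5b53509daa1v4.3.03542e676b4c80983f6131cdfe577ac9b"
)

if __name__ == "__main__":
    print("pwd matches page:   ", md5_hex("123456" + PWD_SALT) == PAGE_PWD)
    print("string matches page:", canonical_string(LOGIN, DEVICE) == PAGE_STRING)
    print("sign:", sign(LOGIN, DEVICE))
```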
Java source attached:
main.java
```java
package signs;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class main {
    public static void main(String[] args) {
        String password = "123456";
        String aN = "du";
        // pwd = md5(password + "du"), lower-case hex
        String pwd = MD5.encodeByMD5(password + aN, Boolean.FALSE);
        Map<String, String> param = new HashMap<>();
        param.put("userName", "13759886912");
        param.put("password", pwd);
        param.put("type", "pwd");
        param.put("sourcePage", "");
        param.put("countryCode", String.valueOf("86"));
        System.out.println(pwd);
        System.out.println(param);
        // String to be hashed: sorted key/value pairs plus the fixed key
        String sin = a(param);
        System.out.println(sin);
        // The sign is the MD5 of that string
        System.out.println(MD5.encodeByMD5(sin, Boolean.FALSE));
    }

    public static String a(Map<String, String> map) {
        if (map == null) {
            return "";
        }
        map.put("uuid", "b256a5b53509daa1");
        map.put("platform", "android");
        map.put("v", "4.3.0");
        map.put("loginToken", "");
        List<Map.Entry<String, String>> infoIds = new ArrayList<>(map.entrySet());
        // Sort the entries by key using the comparator taken from the app
        Collections.sort(infoIds, y.f10050a);
        StringBuilder builder = new StringBuilder();
        for (int i = 0; i < infoIds.size(); i++) {
            Map.Entry<String, String> map1 = infoIds.get(i);
            builder.append(map1.getKey() + map1.getValue());
        }
        builder.append("3542e676b4c80983f6131cdfe577ac9b");
        return builder.toString();
    }
}
```
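MD5.java (found via Baidu and then slightly customized; I recommend using this class as is, because some other MD5 classes have problems and produce different results)
```java
package signs;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public class MD5 {
    // Hex digit lookup table used to format the digest
    private final static String[] hexDigits = { "0", "1", "2", "3", "4", "5",
            "6", "7", "8", "9", "a", "b", "c", "d", "e", "f" };

    /**
     * MD5 of a string as hex.
     *
     * @param originString input string
     * @param type TRUE for upper-case hex, otherwise lower-case
     * @return hex digest, or null on null input or error
     */
    public static String encodeByMD5(String originString, Boolean type) {
        if (originString != null) {
            try {
                MessageDigest md = MessageDigest.getInstance("MD5");
                // Fix the charset so the result does not depend on the platform default
                byte[] results = md.digest(originString.getBytes(StandardCharsets.UTF_8));
                String resultString = byteArrayToHexString(results);
                if (Boolean.TRUE.equals(type)) {
                    return resultString.toUpperCase();
                } else {
                    return resultString;
                }
            } catch (Exception ex) {
                ex.printStackTrace();
            }
        }
        return null;
    }

    /**
     * Convert a byte array to a hexadecimal string.
     *
     * @param b byte array
     * @return hexadecimal string
     */
    private static String byteArrayToHexString(byte[] b) {
        StringBuffer resultSb = new StringBuffer();
        for (int i = 0; i < b.length; i++) {
            resultSb.append(byteToHexString(b[i]));
        }
        return resultSb.toString();
    }

    /**
     * Convert one byte to its two-character hexadecimal form.
     *
     * @param b the byte
     * @return two hex characters
     */
    private static String byteToHexString(byte b) {
        int n = b;
        if (n < 0)
            n = 256 + n;
        int d1 = n / 16;
        int d2 = n % 16;
        return hexDigits[d1] + hexDigits[d2];
    }
}
```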
y.java (lifted straight from the app's source)
```java
package signs;

import java.util.Comparator;
import java.util.Map;

final /* synthetic */ class y implements Comparator {
    /* renamed from: a  reason: collision with root package name */
    static final Comparator f10050a = new y();

    private y() {
    }

    public int compare(Object obj, Object obj2) {
        return ((String) ((Map.Entry) obj).getKey()).compareTo((String) ((Map.Entry) obj2).getKey());
    }
}
```