Shulou(Shulou.com)06/01 Report--

How to solve the problem when a crawler encounters an APP request with encryption parameters? in order to solve this problem, this article introduces the corresponding analysis and solution in detail, hoping to help more partners who want to solve this problem to find a more simple and easy way.

After reading the general mode of the preliminary article, did you find a serious problem: if every APP needs to be decompiled and copied in this way, then when you want to climb different APP in large quantities, it already takes a long time to find the generation part of the encryption parameters, is there a faster way?

The answer is yes, and for an entry-level APP, this operation allows you to directly drop its encryption parameters in a minute, which can be said to be a reduced-dimensional blow!

So how does this effect work? In fact, it is very simple, that is, directly give the common methods used to generate encryption parameters in the Java standard library to Hook, and monitor their input parameters and return values, so that you can directly get encryption, the original text before Hash, key, IV and so on, how about? Isn't it easy?

Tip: the reason for not mentioning Kotlin is that when writing code for encryption and Hash operations under Kotlin, if you don't use a third-party library, you can only call the Java standard library, and the class names and method names of the third-party library are too many, unlike the standard library, which can directly kill a large piece, so it does not belong to the first part of this series. (several Android developers have been asked to verify this conclusion)

So... How do you operate it? In fact, there is already a very convenient tool based on the Xposed framework that can achieve this effect, which is Inspeckage. It has given Hook the encryption and Hash methods commonly used in the standard library:

The code of Inspeckage Hook encryption class operation standard library

Inspeckage Hook Hash class operation standard library code

When you need it, just open Inspeckage-> Select the APP-> that requires Hook, open the web side of Inspeckage or search the log for the encryption parameters you need to get the original text and the encryption and Hash types you use.

Next, I will continue to use Demo APP in the previous regular mode to demonstrate. If you can't wait to try, you can send a message [app second kill] to my official account to get the download address of Demo APP.

Needless to say, let's get started. First, we need to prepare an Android phone with the Xposed framework installed, and then download the newly compiled Inspeckage installation package in Inspeckage's GitHub repository or install it directly in Xposed Manager.

Remember to enable it in the Xposed manager after installation, and restart will take effect after it is enabled.

Once the environment is ready, we can begin to crack the Demo APP, open Inspeckage, click "choose target" to select the APP of the desired Hook (here select "APP encryption parameters DEMO- introduction").

When selected, just click the "LAUNCH APP" button.

Tip: if you have opened the specified APP before, you need to force it to stop and then click the "LAUNCH APP" button, otherwise Hook may fail.

After startup, we can search the Web end or log of Inspeckage for the encrypted parameters of sign. Here's how to do this:

Web end

On the web side, if your phone and computer are in the same network environment, and your phone and computer can communicate with each other, then you can directly access the intranet IP address (such as http://192.168.137.64:8008) displayed on your phone with a browser on your computer. If your network environment makes it impossible for you to do this, you can also use the adb command adb forward tcp:8008 tcp:8008 to map port 8008 on your phone to your computer, and then you can access http://127.0.0.1:8008 directly (if port 8008 is not occupied).

After opening the Web side, turn on the automatic refresh option to the right of the wrench button at the top of the page, and you can see what has been Hook.

Journal

You can use the adb command adb logcat to export the log and view it, or use a streaming, search-enabled tool like the logcat tool in Android Studio. In addition, if the corresponding encryption parameters are found on the web, if the original text is too long and the original text is truncated, you can also find the corresponding content in the log to view, and the log will be complete.

After that, it is still the usual process, so grab a bag and have a look. (again, if you can't catch the bag, take a look at my previous bag grab series, which is the basic operation! )

Here we get a sign:188c338423f3af3c2c0277946de958f8 after grabbing the package, copy it directly, and then search in the Hash column on the web side of Inspeckage (search in the log to search the contents of sign directly).

This is the answer to how to solve the problem when the crawler encounters an APP request with encryption parameters. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.