Shulou(Shulou.com)06/01 Report--

This is the simplest topic, all at the java layer.

Look at the key source code after decompilation:

Because I am not familiar with the android program, the android.util.Log.i function is completely ignored. Later, after reading Daniel's writeup, I knew that the three android.util.Log.i in the onClick function told the password book, password, and guess results by outputting log information.

I used a standard method of analysis. Follow up the access$0 function.

The password generation rule is

This code means that the user's input is converted into a byte array p4, and each byte of p4 is indexed to find the corresponding character in the codebook p3. It should be noted that p3 is utf8 encoding, Chinese corresponds to 3 bytes (one character), and ascii corresponds to 1 byte.

Password set for password book and title (winhex extraction):

To reverse the user's input is to find the index of each word of passwd in the password book, and output the corresponding ascii value of the index.

As my python processing Chinese code does not pass, so honestly in the winhex inside 3 bytes of 3 bytes of search, manual calculation.

Because the Chinese characters in utf8 are 3 bytes, the offset in winhex is divided by 3.

Attachment: http://down.51cto.com/data/2365363

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.