SSL two-way authentication bypass: Soul app

Recently NetEase Cloud Music hasn't had any good songs, so Hu Miao went to the Soul app to listen to songs sung by passers-by.

There is no good image host here, so please head over to the official account "Code Sky" for the best reading experience.

I did two-way (mutual) TLS verification once, around 2018, to improve a business crawler at the time. Today I want to write an article recording my thoughts on bypassing it.

Download app

Normally you can use the new version of the app directly. In special circumstances (when you are cooking) you can get an old version of the app from "X Pod".

Get the source code

Run a packer check (shell check) on the APK;

Use fdex (dex dumping) or unpack manually;

Use jadx to read the decompiled source;

Capture packets to find keywords; use Fiddler. For special cases (apps with various proxy-detection measures), capture with an emulator plus a PC.

Find the hook point by searching for keywords. This time the keywords are KeyStore (usually used to load a digital certificate) and toCharArray (passwords are usually converted to a char array).

Then search for where the SSL socket factory is initialized for the HTTP request; that is where the certificate must be loaded. Look for the password there at the same time, and use Xposed to hook the call and obtain it.

When you see that the certificate is named client, don't worry about the file extension: unzip the APK and search for "client", and you will find the certificate file.

After finding the certificate, look at the password, i.e. who passes in the char array. In the screenshot above it is SoulNetworkSDK.a(r2). The password obtained by the hook is XXXXX (for technical research only; the password will not be released).
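The steps above illustrate the underlying weakness: a client certificate shipped inside every copy of the APK, with its password recoverable by hooking the KeyStore load, is a shared secret rather than a per-user one. On the defender's side, the same "unzip and search" idea can be turned into a build-time check. The following script is an added example, not code from the original post or from the Soul app; it scans an APK (a zip file) for entries that look like keystores or private keys, by filename and by leading bytes, and the sample APK it builds is constructed with synthetic bytes rather than a real keystore.

```python
import io
import re
import zipfile

# Filename patterns that usually denote a keystore or private-key bundle.
KEYSTORE_NAME = re.compile(r"\.(p12|pfx|jks|bks|keystore|pem|key)$", re.I)

# Leading bytes of common keystore formats (from the respective format specs):
#   DER-encoded structures such as PKCS#12 start with a SEQUENCE tag and,
#   for anything larger than 255 bytes, a two-byte length (0x30 0x82);
#   JKS files start with the magic 0xFEEDFEED;
#   PEM files start with a textual "-----BEGIN" banner.
MAGIC = {
    b"\x30\x82": "DER structure (PKCS#12 or a plain certificate, inspect)",
    b"\xfe\xed\xfe\xed": "JKS keystore magic",
    b"-----BEGIN": "PEM banner",
}


def find_embedded_keystores(apk_bytes):
    """Scan an APK and return [(entry_name, reasons)] for every entry that
    looks like a shipped keystore or key, judged by name or by content."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            if info.is_dir():
                continue
            reasons = []
            if KEYSTORE_NAME.search(info.filename):
                reasons.append("keystore-like extension")
            head = apk.read(info.filename)[:16]
            for magic, label in MAGIC.items():
                if head.startswith(magic):
                    reasons.append(label)
            if reasons:
                findings.append((info.filename, reasons))
    return findings


def build_sample_apk():
    """Constructed sample APK: a harmless text asset, a PKCS#12-looking file
    named client.p12 (the pattern the post describes), and a JKS-looking file
    with no tell-tale extension. The bytes are synthetic, not a real keystore."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("assets/readme.txt", "nothing secret here")
        apk.writestr("assets/client.p12",
                     b"\x30\x82\x0a\x3b\x02\x01\x03" + b"\x00" * 32)
        apk.writestr("res/raw/truststore",
                     b"\xfe\xed\xfe\xed\x00\x00\x00\x02" + b"\x00" * 32)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reasons in find_embedded_keystores(build_sample_apk()):
        print(f"{name}: {', '.join(reasons)}")
```

Run it against a real build with `find_embedded_keystores(open("app.apk", "rb").read())`. The content check is a heuristic: public certificates used for pinning are also DER and will be flagged, so every hit needs a human look, but a hit whose matching password is a string constant in the decompiled code is exactly the situation the post exploits.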

Then, to let Fiddler capture packets, you need to generate a ClientCertificate.cer file in the Fiddler2 directory on the C drive that Fiddler can use (ignoring the password).

Download OpenSSL (search Baidu for it). Use the openssl command to convert client.p12 to PEM format.

Copy the section between its beginning and end markers; this is the key. Create a new file named ClientCertificate.cer, paste this content into it, and put it in the Fiddler2 folder to capture packets.

Next, I will not disclose the details of each parameter, and I attach a reluctant song for the master viewers.

If you have any questions, please join the Telegram group and they will be answered at any time. Link: t.me/joinchat/LR6UchWjx3_RWmnD7WpQpQ.

Next: anti-crawler article | Tencent slider CAPTCHA; when it gets posted depends on progress and free time.


Origin: blog.csdn.net/ggl1438/article/details/104021864