Quickly reversing a React app: deobfuscating the key file index.android.bundle and working out its encryption

First, unzip the app package built with React.

Change the file extension from xxx.apk to xxx.zip,

then unzip it.

Open the assets folder in the unzipped directory.

Find the index.android.bundle file.

The key logic of the React-packaged code is here.

I need to find the encryption, AES or DES.

Copy the code into an IDE and format it.

Search for aes or des to locate the key code.

Analysis:

n is the AES encryption library; u is not clear yet.

t is the data to be encrypted.

f is the key.

Because it is CBC encryption, it needs an IV. The IV is the value obtained by processing the key and then taking the slice (8,24), which gives the 16 characters the IV needs.

Find out how the key is turned into the IV.

u is the function that processes f. It turns out to be d[2], that is, the third value of the passed parameter, which can be seen to be 921.

To emphasize: React may obfuscate the code when it is packaged, so the functions inside are referred to directly by numbers.

Next, find the function that corresponds to 921.

The function we are currently in is 886.

Search directly to find where function 921 is located.

This finds the second half of the function body.

Below is the first half.

Let's see what this function does.

It is clearly MD5 hashing.

So the parameter f, the key, is passed into it and hashed with MD5, and the returned MD5 is then sliced at positions (8,24)

to give our IV.

At this point the key, IV, data, encryption mode, and padding mode are all available.
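
The scheme recovered above, written out as an added example (not code from the app or from the original post): it derives the IV from the key as described and sets it beside a random per-message IV. The sample key, the AES-128 key size, PKCS#7 padding and base64 output are assumptions.

```javascript
const crypto = require('crypto');

// Constructed sample key (assumption: 16 ASCII characters used directly as AES-128 key bytes).
const SAMPLE_KEY = '0123456789abcdef';
const SAMPLE_MSG = 'user=alice&amount=100'; // constructed sample plaintext

// IV as the article describes it: hex MD5 of the key, characters 8..24 (16 characters).
function deriveIvFromKey(key) {
  const md5Hex = crypto.createHash('md5').update(key, 'utf8').digest('hex');
  return md5Hex.substring(8, 24);
}

// The scheme found in the bundle: AES-CBC with the key-derived IV.
// Assumptions: PKCS#7 padding (Node's default) and base64 output.
function encryptStaticIv(plaintext, key) {
  const iv = Buffer.from(deriveIvFromKey(key), 'utf8');
  const c = crypto.createCipheriv('aes-128-cbc', Buffer.from(key, 'utf8'), iv);
  return Buffer.concat([c.update(plaintext, 'utf8'), c.final()]).toString('base64');
}

function decryptStaticIv(b64, key) {
  const iv = Buffer.from(deriveIvFromKey(key), 'utf8');
  const d = crypto.createDecipheriv('aes-128-cbc', Buffer.from(key, 'utf8'), iv);
  return Buffer.concat([d.update(Buffer.from(b64, 'base64')), d.final()]).toString('utf8');
}

// Corrected IV handling: a fresh random IV per message, sent in front of the ciphertext.
function encryptRandomIv(plaintext, key) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-128-cbc', Buffer.from(key, 'utf8'), iv);
  return Buffer.concat([iv, c.update(plaintext, 'utf8'), c.final()]).toString('base64');
}

function decryptRandomIv(b64, key) {
  const raw = Buffer.from(b64, 'base64');
  const iv = raw.subarray(0, 16); // first 16 bytes are the IV
  const d = crypto.createDecipheriv('aes-128-cbc', Buffer.from(key, 'utf8'), iv);
  return Buffer.concat([d.update(raw.subarray(16)), d.final()]).toString('utf8');
}

// Same plaintext encrypted twice: the key-derived IV repeats the ciphertext, the random IV does not.
console.log(encryptStaticIv(SAMPLE_MSG, SAMPLE_KEY) === encryptStaticIv(SAMPLE_MSG, SAMPLE_KEY)); // true
console.log(encryptRandomIv(SAMPLE_MSG, SAMPLE_KEY) === encryptRandomIv(SAMPLE_MSG, SAMPLE_KEY)); // false
```

Because the IV is a function of the key, equal plaintexts give equal ciphertexts; a random IV removes that, but a key shipped inside index.android.bundle is still readable by anyone who unpacks the APK.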

Welcome to the qq group to discuss your questions


Origin blog.csdn.net/m0_38124502/article/details/119513327