In the WeChat login request, there is an rqt (Reliability Qualification Test) algorithm, which plays an important role in WeChat risk control. According to this algorithm, the reliability of the login environment of WeChat can be judged as an important basis for whether it is a cheat . Of course, in addition to this algorithm, so many subfields in the 24 fields are also the basis for risk control.
From a certain point of view, this may also be a warning to security developers. Analysts are always stepping forward and will never stop. If security products cannot quickly adjust and change, it is only a matter of time before the security logic is analyzed. . The offensive and defensive situation is changing rapidly, and the effectiveness of the strategies of both sides will only be temporary. For the security and defense side, adjustments seem to always be accompanied by many problems, and the cycle will be longer. It is a question worth thinking about.
There is obviously no way to see what is captured, but we only care about short connections, so we need an environment to trigger mmtls initialization of short connections, and we only care about mmtls, not other information, so we can use An early version, the reason is that the early version can shield long connections and force the use of short connections.
