Analysis of the latest JD.com signature algorithm in 2023

1. Prepare the tools

The tools used are as follows:

1. The latest version of the JD app (download link https://www.wandoujia.com/apps/279987 )

2. jadx Java decompiler (download address https://github.com/skylot/jadx )

3. IDA disassembler (search for it yourself)

4. Fiddler packet capture tool (search for it yourself)

5. One Android phone

2. Preliminary analysis

1. First install the latest app on the phone, then configure the phone to route its traffic through Fiddler so the packets can be captured. There are many capture-configuration tutorials online, so I won't go into details here.

2. Search for a product in the app. The request carries a sign signature, and it also contains some important parameters that will be used later.

parameter        meaning
functionId       search interface name
clientVersion    app version
client           phone type
st               timestamp
sv               signature algorithm
body             request data

3. Reverse APP analysis source code

1. Open the app directly in jadx to view the code. After searching for a while, I found a fairly relevant place.

According to the log output shown above, the sign signature calculation involves the interface parameters functionId, body, uuid, client and clientVersion.

// Call site found in jadx: the sign is computed from functionId, body, uuid, client and clientVersion
String signature = JDHttpTookit.m20863WV().mo68383Xd().signature(JDHttpTookit.m20863WV().getApplicationContext(), functionId, str, str2, property, versionName);

The uuid is presumably the device ID.
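The post only identifies which fields the sign covers; the real algorithm in jdbitmapkit.so is not shown. As an added illustration, not JD's code, here is a server-side verifier for a sign of this shape, assuming HMAC-SHA256 over the sorted covered fields, hex output, and st as epoch milliseconds. Because the key must live inside the client library, a scheme like this only resists casual request tampering rather than proving the client is genuine; the st freshness check is what limits replay of captured requests.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.TreeMap;

// Assumed scheme (not the real jdbitmapkit.so algorithm): HMAC-SHA256 over a canonical string
// built from the fields the post identifies: functionId, body, uuid, client, clientVersion, st.
public class SignVerifier {
    // A captured request is only accepted within this window, which is what st buys the server.
    private static final long MAX_SKEW_MS = 5 * 60 * 1000L;
    private final byte[] key;

    public SignVerifier(byte[] key) { this.key = key.clone(); }

    // Deterministic canonical string: key=value pairs in sorted key order, joined by '&'.
    static String canonicalize(Map<String, String> fields) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> e : new TreeMap<>(fields).entrySet()) {
            if (sb.length() > 0) sb.append('&');
            sb.append(e.getKey()).append('=').append(e.getValue());
        }
        return sb.toString();
    }

    String sign(Map<String, String> fields) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        byte[] out = mac.doFinal(canonicalize(fields).getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder();
        for (byte b : out) hex.append(String.format("%02x", b));
        return hex.toString();
    }

    // True only if every covered field is present, st is fresh and the sign matches.
    public boolean verify(Map<String, String> params, long nowMs) throws Exception {
        String[] required = {"functionId", "body", "uuid", "client", "clientVersion", "st", "sign"};
        for (String r : required) if (!params.containsKey(r)) return false;
        long st;
        try { st = Long.parseLong(params.get("st")); } catch (NumberFormatException ex) { return false; }
        if (Math.abs(nowMs - st) > MAX_SKEW_MS) return false;
        Map<String, String> covered = new TreeMap<>(params);
        covered.remove("sign"); // the signature never covers itself
        covered.remove("sv");   // assumed: the algorithm-version tag is not covered
        // Constant-time compare so a mismatch does not leak how many bytes matched.
        return MessageDigest.isEqual(sign(covered).getBytes(StandardCharsets.UTF_8),
                params.get("sign").getBytes(StandardCharsets.UTF_8));
    }
}
```

Feed verify() the decoded query parameters of a captured request together with the server clock; a request with a stale st fails before any MAC work is done.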

2. Enter the encryption method body and continue to analyze

The method body looks like this: it is an interface. Since there is an interface there must be an implementation, so continue searching and find a plausible one, which happens to take 5 parameters.

The key code:

BitmapkitUtils.getSignFromJni(context, str, str2, str3, str4, str5);

Continue to analyze the method body.

This code shows that getSignFromJni, the encryption method, calls into native code in jdbitmapkit.so, which is loaded with:

 ReLinker.loadLibrary(JdSdk.getInstance().getApplication(), "jdbitmapkit");

3. Find the jdbitmapkit.so file

Open the APK directly with an archive tool (an APK is a zip file), search for the library and find it.

4. Reverse analysis libjdbitmapkit.so file

1. Go directly to IDA and drag the file into it

In the method sub_127E4, find the keyword sign=

Keywords such as uuid, body and st also appear in the method, which confirms this is the right place.

2. Read the decompiled code in IDA to analyze the algorithm, then restore it in Java and call it a day.

Technical exchange QQ 53461569

Origin blog.csdn.net/danran550/article/details/123394841