[原创]入门级,无壳app登录算法还原并实现发包 | 宜武汇-ag真人国际厅网站

import requests

  

import json

  

import time

  

import hashlib

  

from crypto.hash import sha

  

from crypto.signature import pkcs1_15

  

from crypto.publickey import rsa

  

import base64

  

  

  

pey = 'miicdwibadanbgkqhkig9w0baqefaascamewggjdageaaogbamngabifn iron2hbwb7mlk1dm05v1qlzbiltdj7dypr gjzq9fk0v7giichpfg7pdqexmbb2nj8vknaiidbaw7uy1h9n scbt xzz6bb2uxlbbmqvwowv55tjkz2ybchfqdgz51hjxaonkjdhwgpjip7bwdx375gybn2ic4qnufagmbaaecgyeamcha7eqgasckcx5damhtc2 bopfblfcijb1rnd6l7mcxb/coisutb2bctyklw0lhaiadyi5r87ply3ijif0yju35i8aiedvmeaqxxqfpisimxlomz6p4vlbzakz493oxpeh81chqbwnfkife3vvthbcnozqxlfwthidae2kpjlecqqdycml09eydbnguzg1r4taq4ceze7ackefwk2at76raqz9nkrynbizhsklu3jedrm2ez7jimuhsukbbks/mcxbrakeazop7/pyddsxgdfdecyuxtuekyzzuvdgiynmoexhswtmtz7qdqqe5p382ycqcy8rxxz6w9cljuukfa9i6tcz/zwjaqbjpg318d8flohbzbixwe36iwia51jjfcpowc7ztifviakhoofyngiisdulbwm 7dhyud/oxli4/ope3zhgiqqjaqd3gfjnrdqty19kz8oyaaa30h0prbg3qx shirgercjuy oius0ky qp8egz3a0tgjrgx6you17e6nmspksn qjbakhabgehqs0 z5wtfcunuqc6hv7wlhbyce5ysxbnsiaohxdr6nqwjioy22q3m8ainp9ks ldww0o4c58varkyo8='

  

  

  

url = 'https://api.langshiyu.com/user/v2/account/login'

  

  

  

def md5(pwd_str):

  

    md5_obj = hashlib.md5()

  

    md5_obj.update(pwd_str.encode('utf-8'))

  

    return md5_obj.hexdigest()

  

  

  

def times():

  

    return str(int(time.time()))

  

  

  

def sign(content, private_key):

  

    private_key_value = base64.b64decode(private_key)

  

    key = rsa.import_key(private_key_value)

  

  

  

    # 计算 sha-1 哈希值

  

    hash_value = sha.new(content.encode('utf-8'))

  

  

  

    # rsa 的密钥长度为 1024 位

  

    k = 1024

  

  

  

    # 计算最大签名长度,根据 java 的实现方式计算

  

    em_len = k // 4

  

    h_len = 20

  

    t_len = 3

  

    s_len = em_len - h_len - t_len - 1

  

  

  

    # 进行签名

  

    signature_value = pkcs1_15.new(key).sign(hash_value)[:s_len]

  

  

  

    # 返回 base64 编码的结果

  

    return base64.b64encode(signature_value).decode()

  

  

  

def login(mobile, param):

  

    params = {

  

        "password": md5(param),

  

        "os": "android",

  

        "mobile": mobile,

  

        "version": "2.2.3",

  

    }

  

    return params

 

def jiaparams(params):

  

    # 将参数转换为 json 字符串,并进行 base64 编码

  

    params_json = json.dumps(params,separators=(',', ':'))

  

    print("json转成功:",params_json)

  

    data = base64.b64encode(params_json.encode('utf-8')).decode('utf-8')

  

    print("data成功:",data)

  

    # 对加密后的参数进行签名

  

    signstr = f"data={data}×tamp={times()}"

  

    print("时间戳:",times())

  

    print("拼接成功",signstr)

 

    signss = sign(signstr, pey)#sign加密的地方

  

    print("sign成功",signss)

 

    # 创建一个空字典用于存储加密后的参数

  

    result = {}

  

    result['data'] = data

  

    result['sign'] = signss

  

    result['timestamp'] = times()

  

    return result

  

mobile = input("请输入16位手机号:")

  

parem = input("请输入密码:")

  

params = login(mobile,parem)

  

paramss = jiaparams(params)

  

print("发包内容:",paramss)

  

fb= requests.post(url, paramss)

  

print("结果:",fb.text)bjsdm

  

#结果:{"code":0,"message":"该账户不存在","reqdata":{"data":0},"reqtime":"0.015238"}

原文链接:https://bbs.kanxue.com/thread-277869.htm

网络摘文,本文作者:15h,如若转载,请注明出处:https://www.15cov.cn/2023/08/27/原创入门级,无壳app登录算法还原并实现发包/

发表评论

邮箱地址不会被公开。 必填项已用*标注

网站地图