【实战】人人直播 password 加密分析

分析

搜索 password

jadx 搜索 “password”

找到地点

private void aCv() {
        SettingManager.bmC().m16156rl("");
        SettingManager.bmC().m16124tV(-1);
        RSA.init();
        aBB();
        Variables.account = this.fgV.getText().toString().trim();
        Variables.password = this.fgU.getText().toString().trim();
        if (Variables.account == null || Variables.account.length() == 0) {
            Toast.makeText(getActivity(), RenrenApplication.getContext().getResources().getString(C4591R.C4595string.v5_0_1_guide_register_account_no_null), 1).show();
        } else if (Variables.password == null || Variables.password.length() == 0) {
            Toast.makeText(getActivity(), RenrenApplication.getContext().getResources().getString(C4591R.C4595string.v5_0_1_guide_register_password_no_null), 1).show();
        } else if (Methods.m13910tM(Variables.account)) {
            Methods.showToast((CharSequence) getResources().getString(C4591R.C4595string.v5_0_1_guide_register_not_have_china), false);
        } else if (Methods.m13910tM(Variables.password)) {
            Methods.showToast((CharSequence) getResources().getString(C4591R.C4595string.v5_0_1_guide_register_pwd_have_china), false);
        } else {
            deY = RSA.bNv();
            this.f14991n = RSA.bNx();
            this.f14990e = RSA.bNw();
            if (deY != null) {
                try {
                    Variables.password = RSA.m10340P(Variables.password, this.f14991n, this.f14990e);
                    RSA.kJi = 1;
                } catch (Exception e) {
                    e.printStackTrace();
                }
            } else {
                Variables.password = Md5.toMD5(Variables.password);
                RSA.kJi = 2;
            }
            if (Variables.account == null || Variables.account.length() <= 0 || Variables.password == null || Variables.password.length() <= 0) {
                return;
            }
            if (this.fha == null) {
                try {
                    this.fha = new Dialog(getActivity());
                    this.fha.setContentView(C4591R.layout.login_dialog);
                    ((ImageView) this.fha.findViewById(C4591R.C4593id.image)).startAnimation(AnimationUtils.loadAnimation(getActivity(), C4591R.anim.login_dialog_scale));
                } catch (Exception unused) {
                }
            }
            this.fha.show();
            if (RSA.kJi != 1) {
                deY = null;
            }
            C12919ServiceProvider.m_RSA_login(Variables.account, Variables.password, 1, "", deY, getActivity(), this.dfg);
        }
    }

firda hook 和 objections hook

hook password MD5

Java.perform(function () {
  var MainActivity = Java.use('com.renren.mobile.utils.Md5')
  MainActivity.toMD5.implementation = function (arg1) {
    send('Hook Start...')
    send('=====================arg1=============')
    send(arg1)
    var t = this.toMD5(arg1)
    send('=====================return=============')
    send(t)
    return t
  }
})

hook password RSA

Java.perform(function () {
  var MainActivity = Java.use('com.renren.mobile.utils.RSA')
  MainActivity.P.implementation = function (a, b, c) {
    send('Hook Start...')
    send('=====================arg1=============')
    send(a)
    send(b)
    send(c)
    var t = this.P.apply(this, arguments)
    send('=====================return=============')
    send(t)
    return t
  }
})

[*] Hook Start Running
[*] Hook Start...
[*] =====================arg1=============
[*] a12345678
[*] 9ddcf8c2fea9cdf39ab64ca208a99a13e6a607edaf1250ba105a150bc197fc09
[*] 10001
[*] =====================return=============
[*] 9cdbd2bb1c45dff85eaecf20814911c15e1f1c2a6f1bd2f9bb5c5d06b6338fef