MENU

hack 网易云音乐加密

September 21, 2020 • 技术分享

前文

自从上次写了自动刷步数后,喜欢上了这种hack的感觉。这次弄一下网易云音乐。

步骤

首先到登录的时候我们通过追查,能够找到请求参数的 encSecKey,记录在core_xxx_js中。打上断点我们可以看到

image.png

参数a的内容(函数):

ƒ a(a) {
    var d, e, b = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",
        c = "";
    for (d = 0; a > d; d += 1) e = Math.random() * b.length, e = Math.floor(e), c += b.charAt(e);
    return c
}

参数b的内容(函数):

ƒb(a, b) {
    var c = CryptoJS.enc.Utf8.parse(b),
    d = CryptoJS.enc.Utf8.parse("0102030405060708"),
    e = CryptoJS.enc.Utf8.parse(a),
    f = CryptoJS.AES.encrypt(e, c, {
        iv: d,
        mode: CryptoJS.mode.CBC
    });
    return f.toString()
}

参数c的内容(函数):

ƒc(a, b, c) {
    var d, e;
    return setMaxDigits(131),
    d = new RSAKeyPair(b, "", c),
    e = encryptedString(d, a)
}

参数d的内容:

{
    "phone": "***********",
    "password": "b69f0c9743c84b1e04fbefd2129abedc",
    "rememberLogin": "true",
    "checkToken": "9ca17ae2e6ffcda170e2e6eeb1f63b94e8a294c647aca88aa2c85a978b8f84aa528bb6bdb5f767aaa787afaa2af0feaec3b92abae8aaa7b765b8afe58aea5a938e8bb7c44e8fab8384ee4facabb788b167f695ee9e",
    "csrf_token": ""
}

剩余内容:

{
    "e": "010001",
    "f": "00e0b509f6259df8642dbc35662901477df22677ec152b5ff68ace615bb7b725152b3ab17a876aea8a5aa76d2e417629ec4ee341f56135fccf695280104e0312ecbda92557c93870114af6c9d05c4f7f0c3685b7a46bee255932575cce10b424d813cfe4875d3e82047b97ddef52741d546b8e289dc6935b3ece0462db0a22b8e7",
    "g": "0CoJUm6Qyw8W8jud"
}
ArchivesQR Code
QR Code for this page
Tipping QR Code