原链接:https://sskaje.me/index.php/2013/05/verizhun/
UPDATE[2013-05-30]: 隐去具体密钥,释放文章
飞常准(http://www.veryzhun.com/)是一款国内比较好用的航班信息追踪服务/软件,官方莫名其妙地提供了两个版本的Android客户端,而且入口都在首页上。
不过也正好感谢这俩客户端,抓到了两个不同的签名密钥。
dex2jar + JD-GUI 发现签名算法部分的签名串是在一个 libsmm.so 的文件里,找SAI同学把两个版本的so都反编译了,一个15k的一个24k的,IDA Pro反编译的伪代码里边,分别有如下片段
v7 = xxx;
v8 = xxx;
v9 = xxx;
v10 = xxx;
v11 = aRtw8121X0csX4[8];
。。。
完整文章:飞常准用户客户端协议
(Was unable to post on sskaje.me...sorry ! This comment is related to your intellij keygen explanations.)
ReplyDeleteI have looked to all the details you provided regarding intellij keygen and it's really interesting!
I understand you cannot deliver the source code (you provided enough information to understand the underlying principles).
Just a question: do you have generated the private rsa 512 bits key needed to encrypt the byte[] array that contains license details (using RSA-tool-2 or something else) or did you succeed bypassing this step?
Thank you for your help!