How is the digest computed / which algorithm is used?

Time: 2018-06-24 14:41:36

Tags: c++ algorithm

I found a C++ API that is called from Java via JNI. libcma.so contains the method Java_com_smule_android_network_core_NetworkUtils_makeDigest, which creates a digest. I think it is MD5.

Here is the reversed source:

https://raw.githubusercontent.com/Bizarrus/Sing/master/cma.cpp

Here is the JNI definition:

https://github.com/Bizarrus/Sing/blob/7ef0e748bae710bde2d07111bd66f1e7fc0810b4/com/smule/android/network/core/NetworkUtils.java#L53

Can anyone tell me which algorithm is used?

Edit

The following HTTP request is sent:

POST http://api-sing.smule.com/v2/login/guest?msgId=1776&appVersion=5.7.5&app=sing_google&appVariant=1&digest=179645edb702ce4a57197141522d848145f8861f HTTP/1.1
User-Agent: com.smule.singandroid/5.7.5 (6.0,F3311,de_DE)
Content-Type:   application/json; charset=UTF-8
Content-Length: 501
Host:   api-sing.smule.com
Connection: Keep-Alive
Accept-Encoding:    gzip

{
    "common": {
        "advId": "e133b6d9-25b1-4651-b4b8-94d80fa25ed9",
        "automaticLogin": true,
        "device": {
            "carrierCountry": "de",
            "country": "DE",
            "deviceId": "a:e133b6d9-25b1-4651-b4b8-94d80fa25ed9",
            "deviceType": "AND",
            "googlePlayServices": "12.6.85 (040306-197041431)",
            "hasMail": true,
            "lang": "de",
            "limitAdTrack": false,
            "locale": "de_DE",
            "machine": "F3311",
            "manufacturer": "Sony",
            "os": "6.0",
            "product": "F3311",
            "screenSize": "normal",
            "script": ""
        },
        "pulp": 17,
        "tzOffset": 3600,
        "vorgom": true
    },
    "forceNewPlayer": true,
    "lookupAccount": true
}

With the following response:

HTTP/1.1 200 OK
Server: nginx/1.11.5
Date:   Sun, 24 Jun 2018 16:27:31 GMT
Content-Type:   application/json; charset=utf-8
Transfer-Encoding:  chunked
X-Smule-Host:   a155.sf.smle.co
X-Smule-Digest: 64dc15893bbf43240798c73ae652bfb80e848f57
Set-Cookie: L=N; Max-Age=172800; Expires=Tue, 26 Jun 2018 16:27:31 GMT; Path=/; Domain=.smule.com; Secure
Cache-Control:  no-cache
Content-Encoding:   gzip

{
    "data": {
        "loginResult": {
            "elControl": {
                "npt": false
            },
            "handleNew": false,
            "handlePrefill": true,
            "language": "de",
            "loginCount": 1,
            "playerId": 1762444898,
            "playerNew": true,
            "playerNewlyRegistered": false,
            "playerStat": {
                "installDate": 1529857651000
            },
            "policyUrl": "https://www.smule.com/privacy/embed/20180523",
            "policyVersion": "PRIVACY_POLICY_20180523",
            "serverTime": 1529857651,
            "sessionToken": "g4_10_wma5HOX13kDeho2gvEuIQyf5EnUaAp0Uw3C24O5w9s9xUB1U0JOC0w==",
            "sessionTtl": 86400,
            "showEmailOpt": true,
            "termUrl": "https://www.smule.com/termsofservice/embed/20180523"
        },
        "settings": {}
    },
    "status": {
        "code": 0,
        "message": "ok",
        "version": 1
    }
}

In the POST request, the query argument digest is the hash of the request. This digest will be created by Java_com_smule_android_network_network_core_NetworkUtils_makeDigest (I think). I don't know which data is used for the hash algorithm. I've tried to reproduce the digest with the following arguments:

  • Only all Query-Parameters (sorted alphabetically), excluding the digest parameter (this method is used on the website in JavaScript).
  • Only the Content-Body, as a JSON string (pretty-printed and minified)
  • Expected
  • Content-Body and Query-Parameters

I tried several combinations of the data to reproduce the digest, but I have not found a solution; none of them produced the original digest.

The X-Smule-Digest header on the response is hashed with MD5, which I reproduced last week. Here (in PHP) is a working example for calculating it:

X-Smule-Digest

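1 answer:

Answer 0: (score: 1)

1. The digest you gave is 40 characters long and contains digits from 0 to 9 and letters from a to f. So it is 40 hexadecimal values. It was therefore most likely created with the SHA-1 digest function.

2. The C++ function you gave has the following signature: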

int32_t Java_com_smule_android_network_core_NetworkUtils_makeDigest(int32_t * a1, int32_t a2, int32_t a3)

The corresponding signature in the Java source code is:

private static native String makeDigest(String str, byte[] bArr);

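The first argument a1 may be the pointer reserved for the JNI environment. So, setting a1 aside, the function takes two arguments, a string and a byte array, and returns a string: the digest. The C++ code itself is too complicated for me.

3. This JNI function is used twice in the Java file you gave, in the functions m18107a and m18106a. Let's add some comments to the source code:

// Function that takes three arguments:
//      - a list of pairs of strings we will call the "json pairs"
//      - a string we will call the "secret"
//      - another string we will call the "optional token"
// and returns the string returned by makeDigest, which may be the digest.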
public static String m18107a(List<Pair<String, String>> list, String str, String str2)
{
    // Sort the json pairs alphabetically according to the first string of each pair.
    // (Check the source code of C35442 to verify my statement, I may be wrong)
    Collections.sort(list, new C35442());

    // Create a single string that concatenates all the json pairs.
    // ( I guess { age : 21, name : "bob" } becomes "age21namebob" )
    // We will call that the "digest input"
    StringBuilder stringBuilder = new StringBuilder();
    for (Pair pair : list) {
        stringBuilder.append((String) pair.first).append((String) pair.second);
    }

    // Append the "digest input" just created with the "optional token" if it exists.
    if (str2 != null) {
        stringBuilder.append(str2);
    }

    // Send the "secret" string, and the "digest input" as BYTES (may be important)
    // Return the digest computed as returned string of the function.
    return makeDigest(str, stringBuilder.toString().getBytes());
}


// Function that takes four arguments:
//      - a string str
//      - a number j
//      - a string str2
//      - a string str3 (can be null, as seen later)
// and returns the string returned by makeDigest, which may be the digest.
public static String m18106a(String str, long j, String str2, String str3)
{
    // Create a single string that concatenates j and str2.
    // We will call that the "digest input"
    StringBuilder append = new StringBuilder().append("").append(j).append(str2);

    // If str3 is null, make it empty.
    if (str3 == null) {
        str3 = "";
    }

    // Send the "secret" string, and the "digest input" concatenated with str3, as BYTES (may be important).
    // Return the digest computed as returned string of the function.
    return makeDigest(str, append.append(str3).toString().getBytes());
}

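It is hard to go any further. Try digging into a few things:

  • Where are these functions m18107a and m18106a called? Can you at least find out what those inputs are? That way you could play with the inputs.
  • Can you put breakpoints around these functions, to trace the inputs and outputs and try to reproduce them?
  • Of all the suspect inputs, can you find a way to modify only one at a time and check whether the digest changes? That would eliminate suspect inputs.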
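
The reasoning in the answer above, as an added example that is not part of the original post or the app's code: it infers candidate hashes from the digest length, rebuilds the digest input the way m18107a is annotated, and checks three common keyed SHA-1 constructions against an observed digest. The secret, the sample pairs, the UTF-8 encoding and the three constructions are assumptions; how the native makeDigest combines its two arguments is not known from the page.

```python
import hashlib
import hmac

# Hex-digest length -> common hash functions with that output size.
HEX_LEN_TO_ALGOS = {32: ["md5"], 40: ["sha1"], 64: ["sha256"]}

def guess_algorithms(hex_digest):
    """Point 1 of the answer: infer candidate hashes from a hex digest's length."""
    if not hex_digest or set(hex_digest.lower()) - set("0123456789abcdef"):
        return []  # not a hexadecimal string
    return HEX_LEN_TO_ALGOS.get(len(hex_digest), [])

def build_digest_input(pairs, optional_token=None):
    """Mirror m18107a as annotated: sort by key, concatenate key+value, append token.
    Assumption: getBytes() yields UTF-8, the Android default charset."""
    joined = "".join(k + v for k, v in sorted(pairs, key=lambda p: p[0]))
    return (joined + (optional_token or "")).encode("utf-8")

def candidate_digests(secret, data):
    """Three common ways to combine a secret and a message under SHA-1.
    Assumption: these are hypotheses, not the known behaviour of makeDigest."""
    key = secret.encode("utf-8")
    return {
        "sha1(secret+data)": hashlib.sha1(key + data).hexdigest(),
        "sha1(data+secret)": hashlib.sha1(data + key).hexdigest(),
        "hmac-sha1(secret,data)": hmac.new(key, data, hashlib.sha1).hexdigest(),
    }

def matching_constructions(observed, secret, data):
    """Names of the candidate constructions that reproduce the observed digest."""
    return [name for name, value in candidate_digests(secret, data).items()
            if hmac.compare_digest(value, observed.lower())]

# Constructed sample values (not taken from the app): secret, pairs and digest.
SAMPLE_SECRET = "example-secret"
SAMPLE_PAIRS = [("msgId", "1776"), ("app", "sing_google"), ("appVersion", "5.7.5")]
SAMPLE_INPUT = build_digest_input(SAMPLE_PAIRS)
SAMPLE_OBSERVED = hmac.new(SAMPLE_SECRET.encode(), SAMPLE_INPUT, hashlib.sha1).hexdigest()

if __name__ == "__main__":
    print(guess_algorithms("179645edb702ce4a57197141522d848145f8861f"))
    print(SAMPLE_INPUT)
    print(matching_constructions(SAMPLE_OBSERVED, SAMPLE_SECRET, SAMPLE_INPUT))
    # Concatenation without delimiters is ambiguous: different pairs, same input.
    print(build_digest_input([("a", "bc")]) == build_digest_input([("ab", "c")]))
```

The last check shows a property of the annotated construction worth knowing when designing request signing: joining keys and values without a delimiter maps different pair lists to the same digest input.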