学习逆向某风控id分析

时间:2025-03-06 20:25:42

侵权删


1,初始化接口===配置接口
请求参数:

{

    "data": {

        "smid""2022050615375359f8c969cd07e16daebd9dd4441226e000b0e688bfbb58e6",

        "os""android",

        "sdkver""2.9.8",

        "enc"1,

        "md5""988751ca8e09f518984ff7b0bc98753a",

        "sid""1651822673895-40780"

    },

    "organization""sdj8X1y4Unvsx2DYN3BU"

}

返回结果:

{

    "code"1100,

    "detail": {

        "code"4,

        "ver"1

    },

    "requestId""c32a0498cf1a43172d4541baf02960d3"

}

id返回接口请求参数:

{

    "data": {

        "pri""aZy0+s1KUp3jzuS4NgyFJcIvGKScbD9RINDyuKTlHJFnr93kHrmUJldxHtE\/QGi06UBsRaiaDg0EX7r5Bi0Tv2H5FbOKPYojoOOiNIm4KE5ONZ4To4jzbEdLSYR0sUHT1Fe\/KrIAHXxppoPWoTN\/ePiU9uE\/mPppI+Q7mI\/HgKr2xtuzGdICdFFFWAlIa7wkQmBi9N3MOqV7nBketc219tGWzu6JI5tmKMd4Ac\/qRV2Xl4wu7zpiCmm9FcCKENBcrISykRMWP1fX4R2PZQprkE\/uJdDWXx\/2mwbjH7kUp6UvvEYMYGTMhq5w8FFdyzo6FrceuEGQ2fc4hBocmOt5Lg==",

        "fingerprint""mwwX10hhvGjLIuc9E6yveD0wgtRXeAPSHysVOW+CMYlHMqWu58ZKN2V2na68ZzSHpd0kEDItS3vmr9k+MziCjB9RcO72q90QnPqNr+j+TB1zQ12mFeIG7AgfLmNaZPm9a1qfh4B8PEPGF3rIwa4Cfy9VLBNZCkN107NCjrUk+xc5w7H6s6rxoDCdqlaQx9XrI8gV90q3WcydIcTH6ihkg3B5GfqFhx4KXKKyQDC\/xlNDt3DlBAxMt0mr53gf0w+h4G3g6Staw7LdAavQzqEm9yVVWbzWH3R\/NRNBXiZxBHbVR0FMzet1X6fs8vTVjSohJRU1co\/55tEkHj0zM9bCK9yhbGuA9kk6b\/DYijHJ3M9fbj9rLl1yUHE7CfuM14MgNX0MhnL4SkgwqvUuN2\/EYo3eGKBNCaknakw99UxAFlUiD6urCfJnf8APt3UYQyWz6sVHwHRaF+sv33VtQQpkjk1sw9zIb7zULucgx9SA2ShYPCPVg9BiKOHIUK9N8MqGZ62m2ybuLsKxlhnbDO6OjUM3qbDYzO1P6WJkxY7zvhLVbEoYHYv45RPkBt4PlA+tawMCA58Z4U5cPmZ0+Lug8rQlT9E9oiCn6pdPt7jwFZj\/4XGOnM8oSgdpwgDUJ4+Udr9QpynJi6n9ic\/4MvtySEdjMm2lEvEXqFtkDef2JBBxptkhzCRFq03LOgWzZIovz\/u98VDAPp6PTZBoJCMrucSKQjdgZ4p\/5WR\/Rs6CCfSzZGf6fSpRrYAdST8Grdueswv3D8L669cN09IDX77b4P7VcoWLRrRSDUd2LHqgNmBZc6KG7MjLWnezduFk\/DrQVRFTdkxz3sq4gQbidf6orxMYjszzW60EOMrydT14UUw11\/s\/36QkRJuCH86\/UOQVSjlYHhvs31EKeQrr32w7SKApBv5HOoQ2b6vJackrY8Y0Bmpp7vnnIoiH9Hiyqsb5hBrzFIwu9KHYHjwjXzI6DjP3EogeUSe3gcEWxinbAAYokJiqVaAyFhRA5d9REFmt5dvVI3mHvbiU5\/b7cC2ZV\/pZ6UksbKMSCbkF0vT+nwafQdUBuSUnaef8+BVfpMRrfYaWdQcl0XCMEFLrwR7v934bB92q08FJatpvGWgkgQkBwA98vXPujxLUyG6mxgrwVTZnzHD\/\/FBnrILYCawTaZxiXKChMxtAG2rAz+PnW8HaSq+BcvCpbPbIy6wcWovSQAPprdhBzRLT5uKnQ57k4Z\/KSchF1PuH6NZ71ZoGWnwCxwI47xoGHRWPtw9MYyQUlPll+b8eGILlJHhsg14nc0sH7UKgQ9N9TzhX0C55qvWVrKBmjGT1UM2EPQ1M7926c40wGGAIf5a8MYnUdW2UoYilKcQgOmTRFcQ3UMy8aU8KP7GTKC\/sDLif3cJ+kDVXhUQuUYQvovqpg00TiL1KcqIkXOzHR2xU9c6VwiiyK\/Y0sD+X8km0oYQOnhvg7tvdoyj2bgcb51ccTqL6m+h0clkADhzd2k2eJEy2Ja6JzexwOd8tOekLRhPKcxVIDzLhpP3tSEY0319ck+WpDyPfppEmkzoG2TPKoj9AFDlBVK2AagSC\/R7coIJpCu5oZh3FEEirGuXA47I7u9V8FNEwUSN8pioor9kt+cSUWSQfZZ6qKtMhhRFe0QDTTa7QlrhLc9b2aG1\/V\/q+LU9+mbt6dpKlKWwWovLIlhyZ7NNXjKoPxZEUynO6n78rk8OWalgJs6jVea5JUg0psqucIM2TRnn4n1iElaZmFFhBRtZm+D2n99\/VgXtZ2nygK7EYIyiZxeZYgr537Ca02+bIKYNCaeg2+1OIKD4eflu6RN9oY6ZwSQW\/3CsrgZJINtFEU76KpHXWSguW1IIynhv78YPdj\/OGGhivuLEtSRYTVOHBxOy4J2llk794fkB34RB5mutoDovFX9+YGkG2BG0Jxb96xIGcRFNh1tgrrkIwoCxyXpAEonO5kX1TkivIrkNyR\/RZUR1eYaGZLMTmrbcxcb7ilT2TlFQQC38XDgTxenvCZCcigb+7Zz1Y5edXyCgkPO0iMvRvmtrM33gRA46D7YtmV2LHoWwxeCqK1dUuCbZFFLCvxMIVAxUoqYbOZ8NHr4JfqOD0gpGrAkxAZBfmP3lC\/Zw4Pnz26ZeJW3tWRC\/dr+30k372h00ejVsiPqJxqrVhTW0H\/c9g2qdCrsd\/LmAkE3SJeGWPdqfJF6uR6sXCrrmLqDPgeB9ZGm1nKYufTWPEg+hkyBfI4nB6RGd\/Bjv+T3ZgSxfU5NyWFSk85Vq\/n841O05jaArVDSRUErSfvuzuH+7XnhXT\/ti2Y4WQqrHjVk7kePpwzyYjcFHIZ1XkAHnI6\/IfDbLEc92c0ku1hdZb+qIevtrqCRRak1C0FsMHpkUpWuRPUhrxVDZq3SnkjqQFpgqDIOrToR6KEhqmYnJ9MByIsEiVzIOn5scUfqY1G2XmBTchYIqj5ldrBGXCgRuLwVuhk9VrvWK3R7KKl+QmCa1TIp9cgSkWyknXUf057RLVaoOhNc3LPgSFfeCLJ64koF1HbnDJ25bO1Kz1uk67kOUJh4kU6zGWKQ+Ga3TyoD1pr\/yYpGF2vIk4VoHbMolh8F58CmzfL6jILdUgZrae7\/Qd0bej6yR0xGPHvHWIYtym5GFNRcch1PDbMjSXttnFD9ayk7iiunUfYagV4NYvVHHewXxek0CiP3rJd2YEjQhMyilk1Q5OlVrVTrRBKqefyo4r5vNv6NMiJvnWMFtFFjwGv4hKAO2VmiR1ugFLzionJTZoMeWY0Vf19A5uy6W5DYbg29iiPw8jX+Iu59fk04kdmplDNIcAb3s7q3Y2UVQf1SEPVl79VOYj0WBUzpT7l5c1O8dXqm4GqQtGNDWqOEhPYa8S0PncXD8AUN2mN6\/GJA1aoDX+mj7lrNMPwtHwYr2iRaiP1gvuq1mm\/IyPUcCxVTWL2kuuR+LwzJeuigGtIbu1RjUF0TmvPjdbKG0SXWfGOCRybmVdOy8UmFF4311XuwSubTtvzr1rCbyFblcrWzgXJTrltOfOu4gSbeoURO0gfJeBod9Xcv6Wh+f9l8pnJ8ewrKNJTm1ov9JkYiOfmVXkZvqklz2Ul4KlCyX0NicXS3lHZ0e25mNB1NGv5jBGAjJE6kKjh3x0stnvGrgSHiMtNAaePSs2VaMoKKA8t0qvyITUHJE8dKpSAneYXnp86MbkoWXSvBi+a0JBNbre28BXuoYmCQjGscmR5aIyNRb+Nk88vJBg70c4CZzp1sdFaR8agcwYGfDaaH1evKxe4UVE2B4OV4plIUDkwNRTin+DBJZEUwf05GCGSGSkBlm0jJJl9BvuNV7LGTv9XEOKa2MaVsBtys+W4kh7q5TzQ7rmab8Qf2+NxPbsOHKLaTyd+WOIjemkTAWtlX3WWoxs0UHlmPW4NEmrBnnVJlvxqmdRofq4+eiP65ssmQpxZZ5qZgnP7YfSgOok1loNukMShUarW9LTePx52t3O31mI28y2+MzpZXF8fM6scnr\/2lzC2aMlQNUs8jGv9A3fiH\/uDYs\/DgWFBaUIvvOujTmrXU8XaLNMJLk36qdAHKVwtAVkoZBsJXGydWmoQoUjAnTIp4Kdbo\/402yrKKu3kGyjEnciNCCP4bxvFkSLFK0xvIBcd3XM+ASMLTKf674a\/bGgM2wetjcaAlsru\/NUJuDnNtqnFuCrKpftiKLDsydO2LQTP+1d+11Q35oxG3McfajSbavqF+CttO1nTl62DPMsxTdgYpOLUIxcFAUL1z44nVc9N8QZm4u8lj\/CjnEgH\/\/lGTwE0r3mmre\/5Jnw08GU2AnUdHXy\/xaJIdjVzMGKVCDRS4WnMmSRW8k0dYMO22wFT81ekq\/i3A41MQbH82n8weAgs+oAW5hKuU0xn\/P6iLxQo08GzY2q12ZBFCyT2a9eUVWbHPItkGuzLlmaj3RvOVtRdv7UcBjLtGuwmVfott6fEo7\/+v3Gcta4\/IcgG43cuwAKfEhIbo0BzP1qIABG72BcrOk2Dc0wkozOe4T9BZmwlsiiP\/PF07F+3t69oKNj4A2GKCJJ6y9QRMJfFBkUautjAcIIdBnBCPYjhjUiE5w0BXfIneCSUYBZyc30FHdJK7RVWLS2y5Wc6RAqNkvesGt3PwlJ3asE6EO3crxry8Dk62G+ATmwZEiAVc2ZxwhU3EJJeX2UE3yt\/uHxRNxQlaGy98Ss+RU1OSedli42n14KtEaH9EiVHLdfTWs4GVMkh4qxyl\/AKRh61mndrCUgTK63uDEd2blrM9jeb6GjRoL8TzYf6fGzU6lZ4BlD+f9Rys0VJ2CQIpI0jn+dAJ0Wf+Ap3ocGUd07D7eFdi5WXvXWSYsr7j3cZhz7w3t4CHHiDvfdcxE8frkdJL3BXD+mjC9Q+UWp9ibk3J4y11g2gpecstr7ZILDKmgf4z\/ZKRRD6rNObyHg6c8DOCmWkAVjM8r3TZKCyX\/zxzsFzIFaPiBZN0gfYVYFdoeczARILaGoZxsErzBnDVAHz3qccoASdnW7pVkwkHuTAqVhJTV2+2QSq9dsPqVi1WUgMu8s3qHdDvu96lV2p55Kx7lMylqEl1usjqwllV8VUs77IjeGuYZHtXEBMYSeXgnXR96ippMeidxZsl7o8l1gBerYSE8HeXZBICr+vZP0z0oe204TQKHZIDtk7\/va35iglVrRGIp\/xiXiYKiPNKjrBKCKaLmGTTqrM9BhWaxBYSncOYRBcri\/BzbzdtObJl9WjG2lD1T8BDNH52BQnKuOKYsxzQhjryPoe80fK+j6mf+xga2\/mvOV2u\/RiLrU35gmTSjDZHK06eHH5QaeEOZxNdi5GPZEh6SI1GdDlkLDoPEM2h6UcNPKs4XhrZ1rc7RQhVjm1oYlzZYYUJvfclF1JBKmADxvljIwo1YO+lDS\/ybB8AnIPupRCYoFEKs52wBmCiPaZ+ao\/+ypA6HIWnER4bDWBaJl4ruBZpb0UthPCfkYDCxy1DbaC1bTod1lBPmoFSekDGqGwhq4EnIRGGFyORbAUsM9nPW0icE9X7qFlzKzdUN9mSLERvCMXEIcbAj+Dop1c6eS5uOUjQySQ4DNv9IC5hg6lbghq5GMwT\/dApZaPTW2TdDHrKs+nCdL1SD6xgxWlcTJFjoYvMx6okpPs21UO14gFKzrsdTrfBy5lKkkAbzAVG41JjWrw6Au9VM3WtU+lMsLFDwOSaWYaPD3mBlz0b\/AYSxSON8v2YdpsVsQ7y2HQGqWYe97yswndhnny5ZJ1NcnyXsCER8VJg7o29nHCrE1h+eaYjRXZxLn0h1XQsKWV8Nfskrds159EcpFCzMy6BhKJM9h46G7nXeWC\/VUgrrPoANuccqe6cz5BUibCSg76TtGG48nYFYS9UR7SgOUPTdKl9EGm+LU3LDW56dQiRxZsdL+h2b2hTAR8PhQR2tbf20TpHsbT3p9M71dUQSpZV3BbYNKN8mVoptzt6Lz6ic1cBxVDLIkjq34cuwBSE61F7ePZvbL6oWSNWL7zhrPOj\/VOa82LdFSYTJk21MzlgGVgIFDkNr9n77JYYcOy1g0nP8QaEuSHnkoHHBbxcgzCH5M2mhSlqJwZr3UqDJo9mFnCqBU3SebUSFLuM\/HcPilHcMKCGhJEy\/amLFUvLIL6hbm8eKhzzITTkvEfAQf4I1FI2u+PHv2WnyfCxG+CeOovPomXoyANr+Rb7TvHId0ovbhc4ypAn3bavrhwy2TO6GoGzxcKKFLwgLnPiyY1cLwNmB\/avVX5P2QmC8qKIFKIePqcgFIJORi1ubNTr1\/rj51MLda0LcWtX+VYUqpw+KbpZeakp9zhASxQIF73b9EeM81JCUUdv+mjYfmdgkrrf3CJEGFqU0DxQ3Md4hrCzN0298xm66lBneYlod6UdpyixxTI9h8IWe2pOeaMRjIDwE65AWwi+3h5pV3+o\/Ow9tXpU1ogysWWNsHYf0\/4H38ZdnUozdWMH7RsrIpneGD0JeMpq4gJyOLTv3asBP5\/gCDgm\/YwrSHbK4PvBT\/LrCSiT50QnZmxKPFocvcRcdc7e6ryIOzl24GsXMyUOYV9mrsT1Gg4ki8OOpg7CGIS\/sLE1pNDFug0PETdCFhoKnG9v8bVnkd2rwYG1pUWNNDWXwh5Fsu6fnlst77QcET3kT14FErIPLUTRi\/l59lf7ueG5NT2tlOgtU\/ldz5lW2CPpDDKbATT7x\/1lKDSPHAAIXJj1LnvaMY4klVpywFgdp8L7xa6Jxf5SK92OjgmA4S7fTPDrconIIDN7fZdKiwC9fg6q+HuFprN1ZA4DFiR1jmSi965D2Li827tKNdqTk8hG3nYWSc\/alxOkXkwapmK66hcKvJZ+SXlUwz3lNPAO1kDDmsE324OvZs2i\/Pwn3ktWNjp5aO3ur9mhaHxvTGTlvtupb+niBmdvb\/1cLrPhJe5yqYJEhfbDgjPBGXvXzc2zRCR3cCFLIaTVDNW1q2OzVo8RY5U6W8kjZHH4crDCCqWztg1TpwS0HotE2cDvVzamQnRSSRjy4K9miIajxO7Fa1mkdYtXayder3D5PlX3N8tqD2Z9WaLSvJ9GEBScIcLxQXBYySZOE6CcsxPliNsF3PNpXK3bqQetZCMcZJm4d+CxIDQrQj5MGi3DDCnDHI7sw50cXTLDBJrzsHb1qcxZgVCqs5zUjbtYhtmrBDVY7kfpXQkt4ZliSUjpLmf2mkGwz5FYS4aeLweYIAgNcOlXEDs4fy1EY+RBMFYzL4v0Kb4HwCfRhgD9dHEohh0G5rXTNc5+u3NzzaQU+OfLoHtEDAfrbri3SNDJTl+3R7kvUMppWMZWuGwGg2bUiVKMUg+fl7YNT\/Tz+xqYD1ba77Wl\/eOfSokObrfQX96HeT5AwROQhFcXS+wQj9iekk6KI1ps07MTAcHvNAVj5KuXDbqag\/x3W+6HZi5n6Aueyamqew9O540wyvpJmW6ciPcgMw3u+ZH2STHP7zD462NE7yeM9dPS6+r5oRKHB8S\/5TXdlsdq225HxPqoBGJHS+iCg+Csr\/M8+vrOuuUDzsvUkLsBDpl2u8v9+3mz75ns0eKDkW8RLY2utJ4ml065eDjzoj+mSJRrV4nL5UpS\/L0HPvc2uJR7d\/YWVVdA2Wb2BhNa2U5tcIjwnCPFM+fYyRllfCpQ0LdctQtnPFjJdqLYihXQPUexIgrZM+JVPb6mTDlulZOau4xgMGzGX9eDeVuS36R6qJuck6muf7zxEH6QlVsCe94x7adANbsrlclXk9q1BBjmrPopUS7nUt6dFGc4qgD6EA3YIeML3eIRB0FZy+LoOYqp66RGmXw+2xxTJYicUou7xp2Ua970X1TRY4loBwQ2AA9zTb1Wf4WMCbRzQhHDPLEOnv2XhJFeYtGmAueZsE\/lsfST8D7zoC\/o9+HYeo6Km2eyHskw2Pcbxuowlx0gG9dXbJxYOdQEbXFCJeX3n2mieJwMJAIhTtTi\/D1vMmiBEWzKNN132R3PH8ziBcijFNhytmNsscXA+AiJuKtYpSQZxyH5LDRaBY4qvaYS21gm697TGbRoaFPRAqGcbOyk0G3EudZn5UtafxYYckaVkKCpHSTOQvl6V5+5eQHywZYUEPbCdqvRU8kGufkEaiiqDAzWNjqirJHdLVO3u1GikdObC+uTtcaXbA3X9g+EgchqhmnChQanGq9WGqUP3I3gB88ZqzNe7pnF8FoblIXvIf5qcV19d7+32YrlGh51MwmAAY0eDIaNyiu10E3DKbTuRIgUR2jTGfblUm+rYUy1MNC7WN\/jdqdNP26PlVYlvy0An2f+a1Fm5Iz7cl46IL6x4crDYC46yhck82jx6g8iWU9qat51MaGpsEVgnv5OBOPTmOSRcuB\/9evQG25wn98uNH1xoWW5W5vD3HhmxhIp2H5nDAGAua0uXSWDxTF3rRcSBGs5OtsYAd0OknIHs+9zcJWC7vU0mEHV3Fhrw949RiBFXRc1Q8H6dffnqc4wEDritcRBDxDueYJcK2B08cfV1Mdu2YN7hlZ\/8c29Gicl42OBYryw+0Y7k6ZKHKzjAe1Qbxd2cwhcK1jIRvCksB5kmlRgL619wbwOQwlxn5dqm\/ZcOFg8ylRL\/hVCmZSodx4I4gz3syOaH4Uw0u35fL\/qnb1SbV6ZT\/5RPsMnvS9fB2W\/xLSTolmsTaAsAuxWTcgRg5E6yEVkW45seVE4qNsLBeSidr2\/MRUOr8d5SuSfrz\/E2vtv6WHNPMNFGEFHjnSPQiLjfzmP79GHNmKpNp0JAZY06k1Cwbq78rMdnAIO0Qf5\/wL2wMqO6I4R057eIB7CRYF9s\/IA+m6MoeSHMNFPtmdw==",

        "tn""YmGFAcKkQT1SsYol8LmhOKRI3RQpw5Cx4RAYdyfweX4ceelFKtNciPGrEO94bVyvSpaxli5h6zAkx4DXEG4vo5mlosh7UTF74y\/nrTlL+KcmZ\/6i+rQ\/wRL0uFaPb48kpXk32ktRF8lWYDGATzV\/ZAeFvixD9Ydi2+au3oHkRYa93mFdU\/t6MkaMAophuYsyXJ1hIFWyKrIACBEZZDEc6SbpTpS1VIIaxhwa0B\/uubKdOg8DBkgkpXNZnHqTjprnJrSaBuV5kYMKy2FbEPhUro+kBCYoiFWSiC+8T3Fd29ATO3P3f52sEdBQZE5\/dMhTem6PoytzseDka2ZRgp74xA==",

        "sessionId""1651822712180",

        "fpEncode"11

    },

    "encrypt"1,

    "organization""sdj8X1y4Unvsx2DYN3BU",

    "channel""bx-gw"

}

返回结果:

{

    "code"1100,

    "detail": {

        "deviceId""202205061459453b91eb7b6a57724f5fdfd1fdc7074a1f01182f14258b1c81",

        "sid""202205061459453b91eb7b6a57724f5fdfd1fdc7074a1f01182f14258b1c81"

    },

    "requestId""687bc489c3686e585433ae7566b0e57c"

}

2,frida hook getDeviceId()函数得到的结果:同一次初始化,结果的值不一样

18537 ms  ()

 18541 ms  <= "202205071654504d466d8a9e7aec0e6e594821bf8f51c70000d8b3411fc7b8"

 35459 ms  ()

 35460 ms  <= "202205061459453b91eb7b6a57724f5fdfd1fdc7074a1f01182f14258b1c81"

3,java 代码分析:

public static String getDeviceId() {

        return f34263a == null "" ().b();

    }

.O0000O000000oO.O00O0000OooO

    public synchronized String b() {

        O000O0000Oo0O o000O0000Oo0O;

        if (!(this.i)) {

            return this.i;

        }

        O000O0000Oo0O o000O0000Oo0O2 = this.e;

        if (o000O0000Oo0O2 == null || (o000O0000Oo0O = this.c) == null) {

            try {

                ("sm-tag""must be call (...) first.");

                return c();

            catch (Throwable th) {

                ("sm-tag""", th);

            }

        else {

            for (O000O0000Oo0O o000O0000Oo0O3 : (o000O0000Oo0O2, o000O0000Oo0O)) {

                String d2 = ();

                if (!(d2)) {

                    this.i = d2;

                    return d2;

                }

            }

            return "";

        }

    }

public String c() {

        return (.O000O00000OoO.O000O00000oO.f34171a);

    }

    public static String a(Context context) {

        try {

            return new SMSDK().z1(context);

        catch (Throwable th) {

            throw new IOException(th);

        }

    }

private native String z1(Context context);

4,unidbg 获取jni动态注册列表:

JNIEnv->FindClass(com/ishumei/dfp/SMSDK) was called from RX@0x4005398c[]0x5398c

JNIEnv->RegisterNatives(com/ishumei/dfp/SMSDK, RW@0x400a1120[]0xa11206) was called from RX@0x40053ac4[]0x53ac4

RegisterNative(com/ishumei/dfp/SMSDK, z1(Landroid/content/Context;)Ljava/lang/String;, RX@0x40052950[]0x52950)

RegisterNative(com/ishumei/dfp/SMSDK, x2(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;, RX@0x40052ac0[]0x52ac0)

RegisterNative(com/ishumei/dfp/SMSDK, x4(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;, RX@0x40052c74[]0x52c74)

RegisterNative(com/ishumei/dfp/SMSDK, x6(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;, RX@0x40053094[]0x53094)

RegisterNative(com/ishumei/dfp/SMSDK, z3(Ljava/lang/String;)I, RX@0x4005347c[]0x5347c)

RegisterNative(com/ishumei/dfp/SMSDK, y2(ZLjava/lang/String;ZLjava/lang/String;)Ljava/lang/String;,

5,通过抓取数据得知:在native层获取的deviceId是变化的(知道有当前时间+uuid+其他生成)(未分析完)

*(_QWORD *)timer = time(0LL);

         localtime_r(timer, &tp);

         LODWORD(v18) = tp.tm_sec;

snprintf(

           byte_A2158,

           0x40u,

           "%04d%02d%02d%02d%02d%02d",

           (unsigned int)(tp.tm_year + 1900),

           (unsigned int)(tp.tm_mon + 1),

           (unsigned int)tp.tm_mday,

           (unsigned int)tp.tm_hour,

           (unsigned int)tp.tm_min,

           v18);

v28 = fopen("/proc/sys/kernel/random/uuid""r");

fgets((char *)s, 64, v28);

6,分析配置接口参数:
organization===>hardcode ("sdj8X1y4Unvsx2DYN3BU");
:sid ===>1652153150390-36739
生成规则:
public static String a() {
return (, "%d-%05d", (()), (new Random().nextInt(100000)));
}
md5生成规则:
代码调用如下:

private O000O00000OoO a(String str, int i, int i2, int i3) {

       String str2;

       if (str == null) {

           return null;

       }

       try {

           byte[] g = (str);

           if (i2 == 1) {

               byte[] a2 = (.O000O0000OOoO.("zaq1mko0", g, i));

               str2 = new String(a2, 0, "utf-8");

           else {

               str2 = .O000O0000OOoO.("zaq1mko0", g, i);

           }

           return i3 == 1 (str2) : (str2);

       catch (Exception e2) {

           ("lty""e: " (e2));

           return null;

       }

   }

md5通过demo验证该值每次通过md5方法加密的内容相同:

JSONObject jSONObject = new JSONObject("{\"code\":0,\"data\":\"dCjgPt2SrInat24CGI1ZdcJE1PVPmhz2TFE3svmGY5wPQkgF9LaW36QoaEq44t4UMIGySjSAghyRoRPU9jpCOpsPMyJZ6tCk8eotIsNEAjorvqyPgj5SMevJxT54OEnuSGjkUTMWFR9vfVGokusMVzHq1bs/WI5D5kGnnxtsGGapSOAu1znBfrCcsaovLNcdJy/KJP+Jg3Siub2euiLpRszUfODYu1vWVkGr6HoRDRzzzQG36usFuZjfydGxeBJ1shUTJBTZN/NKEA6zypkl/BrejH0vuFJEppPsQY8/9s3XXmYSWOT0+VaZuQdDhLo2hgyB11DW6NjarFrK/DRmxymw1/ZnAf0zIyp8ZiWwx+mN+HHFkAo7gvA7BmPzV/5VGieLzkmpo2+YMSNm8/76zP7lfXdt4h5HiwlHoQSmRWeqcn8r6ZQOHVamJErfWYX+S5BKn928GOvRBHLX/oTVxfqa3WUXNioSfIcUykl2v8KSyyG85IFBi2TG5mzLqnE+J0l/dyMIseAAynMlvwgkalR9E7hFmdMA8bh50j7RzUdT5dnsnXpucHMiNmcSPnkjASrJu3hR8uT7LeXSxILREXRemsZnoP7d0kKv1D/cYa85OYP3PpI6dxl8pmCyuUNPE3QCZsUyLhKwgBcCX3UDGDnclvSc5HcwJA//kQc6WnwKhl4SA1Af5fl1/iQ+O0dW3CZhNg2KB36UzfBBQ++BCcjRryieO0IhwYahTwkfOp6D5rTESAOGFQ5Va90KWtawBE1VUChaCFvf5tpq0UgyLNqfqVNyrb1ZbBqCX4UGNeOU+ikHNekSLIV6o+FlUrX1HLbaohvWchTgzO2lU72XHdbYLcMfOyR9BxdJfiaeNdvZ5+wGzT7ddXN4KIOYhecmrvqr2RP5gHjBSvUszjqajy/fqFbpxc0ygGswPOWa2xPriC3nro0t8ottBlo6t1eDOyyokByxcofUFJfewW6WKyivnd65oeN9UK1i0JzO9wHHhF8g1bBBsK2RC8RZesKD2tFD4iWI4B6633kzt0TeL11md4V6fQwwhU6fEGmPTaLf4509oMoY0iHrEbVpNwfw5uYLHgklKH5JjJfOuRsAv8ID+xR2TCAPpVtnJcJlpqF3HFs7K+E7WD3aHPKNI4mUKzRPUoHi3Iy3MY0zlC383kD+3vFS/yWAKNz+haapcFXcHDU85whbj35Z5KZQT3SfQOe96DJlV6VpAGeapqiYG9vdbDUVeUehqh0b49bd9TOxFt39X12kK5Njl0TtJivjaAt/Oq/hXhhnRXpji8B6bvEptAZ/dhirr/Kwd9vp8RYhepW55xkGz9Rqw4CXQ5aZrQvjr9TYMq789h1M1rduoiUCd2NK3bqIHezk5+6FohKmVoEzigu23fDYV0I0xQ/owXBtTXZYTSt4KUyZ1lLDfMmlZDj+PggNsZzClbZS7Hd1hSr7Dm0NrYpj2zGixutOu6BcRfKq4zdlnYL92VIMj5UKbnghyRuKDpVPV9s42LkfVQlL0oUHoFPfoBINAZgX/uVgRbNa6hiiRUL8rnk0MWgrzsKm3YY7iWRTXJn1pyLZ2okKAjnTqXF6fftujTOkIIUvXCGQNfRaflXupV79BZfDl6QmVeDqPZR9YFllwLM2mM4fr8/iQxpJEZ4ico7fPn2cdWwASDOob0kjOT0hUt5DaPP6bJTFbbcf3vZ46QQ2a80/fg4ouNoo/wYsDSl1u4JZDdvaeN3jDaYVriYIX6Vr+XIs5guubgjWdaY9ux/RmF2MSrpaKBJrsCeYbZd4Ljl3I1HxnT3ebStifE/wJsfh5/GImt1oO12JflBc6RrjPnZHSoB8ufyRmk3PBDVSjk0CZTh1dwrJFJ8kXzQzHnvkHsNRn2PbBOpigDat4JRLJU2rSotP83omZx1Rs6nSgbhyz/qJe4Xr9hFSI0nApzjB9EWwgZ+Ry/bIUaHul7LpyXNV1vyNrxh5hOPsAjRY6QbwLB3z8M3exsvZI7/gEAr9ZvAXSNR9ZRDSAfK24eYGbyBw8RfiYF3WLtAOiLMK57S6EC4pXbDwrHHSZ2ug5pR36l6m42hlI4tHmyGVGijaWXIyWkBGWDyKQCKdrpcpDV2+P4lEHCIUw6+uj0uSJR/G2kT1RBdMAPYU1D/Fjncsfm8ZcDBIDd9ITUiUgvbBJSBAh6CzK9Y7NwsKxBelTv8YYbZS97uHy3+8FgWK/kH6/dwx6DCj/XWcmMbpuGKMWfCNWNKiAqOH87m33/6QSNJKfU+COdzMmoTzQOFoSWCQlQghnT6vF5EOdbrwOai6q1m9HV3I1+JIpbdwJa4R4EX/FZd/k3bWkPM5a+Ls5uiBug2qvge0TBcNJ9VA1gD14vbaeK9yBJztXXYNKTUQsvi3hooaVoARv9EYvVV9fAwROLpWdqhVvqcW+zAj1Rqztvr3I9SGHdmlsr1MnBsIGATPx6EtL+LjMCDmJf9WbdnSshllu3QQAw/qc6MIKqjdBWJm1gzt3NLzuNCc3TppRVLPGQmnDIN5xPgw3F4+OhfKwTaybjQqRn2o4rAOQLCNC3lXsejU0vj692T9oyznbdqTl8OA/AXkSk1oRtaX+m8iGMeQAbbvPZNlm+dPkml6v2g8BCavHIJgFyRIE3OQvMMI0zLj0uIOyIfsYTpumcPLbQ8LCiZdUMPyEAW4DwbTOGXp9HRKUCDKJl8teWGB3SFB4gXSCA1UVCqZCmZy4sBHX4w9GM7Ks6T0fIRwgLw4z3brZz/x6U3gxO1hJ66tpZDr3DyRPA6b1WblWEManBhelSHDQRTx71Xc6I3jjm35KtwzO4W1uaQYl1D0bQxG0ozHbCAsKrVqGwPFOTAcq35v5Ba02ig3h2igbmwrAstSGBw3R7OzQjQkxWTljXUDoDbkEjcQL7/WSvLQiUOf9KJZkEhyeOVCQ6kv53LDdQTaQL1Kea2hBuLfOcWWiS7ndhH/Pa2qNG3qjOrBWr1CtdsgqMtqwwF9CEmDTeOmlO+4AISFYC99Y0V1yqFeavJ3ILwhC2asXzFwiM+sYDn2bdYQg9/V/8I/NZH1Heynr5Cdle4ohoCbpYjAFA7BouA7QnOmJUXd9CdPNAXq+JoJRN16lsxbQxShkbrMiyFh5DcCjgEuhPsDovkRMiNIKn9QM28GnzWtU3bzkBi4yuhSUXxXSwVcE1XAredD7GwmwnG/VLb/DDsT/VS4XYn8Uz1S7mnu0gmcdLh0t7jTdnepOMquqRuuDFSN9HpytvJMqWWQ4qVrj4Ml3mUT11CSgZj/cM/Q6PFc33Sz1Epk84LcZfGK+7l934ApCnjX4E+RRjO1/OE+mz4VLfyB/crmzct/Q7VVS0obS0cC+X8tsO4X3BV2s1lhiiFq5yKXzBriaQwc5rxqzLhDi1LwkT/EVO2t/BL7oDdeDj+bBtrR16Ah+PFRr9WeRtrqwK1icdgrXZn+LD5up00Nfe1rdM+NdS5Wa3wk/ymlk906jAqnWFAZm2KTVF6uy55u2FMnDA9WyD1pxmISKjWzJyjSaf0kZuKRkjIPbM0iWoympPOq40HOEw45erNPNlBU2nzJUpPigBdgHraUYeoSYvr4GIXKNmPvjaFE0A5xragcXwNOdVhvcwRTWAqOZHcULYj7wKlORGjPg7VXfS170nAKID3dgrJ1+Ft7+WBXH2wjuU4BFjaUl53gAwtf9Puut54bPEbYegGVWkjbTEZt6GbrSnfDmvlEgNjQOtENwqNVPTkwk8yNKUUzxlf9mFB13aevulLBYmMs2LSzjK/+dsWghq0fn11y5OwC0NjmxHEIW3X00S0QK2J8xgjV11OTzLJn52iwfUS7iZAsEFshZycgvH7vV3cpuLYrAbHpbeN85Ijvq5f1SxFr6DLPgKVX4BANDpuQ/ynrQWdW4CIKGIjpjU60JulbCpqeR4Xuz2B072woo+0xoLApVRxTenFSYtr3tqK6Ie6Unh17b5xS34FukCxVLy4x6jP7bcVFoXCzhYklbl4ZwFA5Ysp/OqqXPmUmLsABe9C8FlQETa0QqpWK+JmqM6EycLaVmsdugH6USLEgMSRJPA+USVkYH4HKbddpQ6PQ9x1nKcBSkOO/2FOgkxJI4h5oypSKrOp1n5MxuX1FmtsIaJQaOWH5RZ/JvYjl0DYQMxf9XwCWko9zKk31xTTYz1WyR9T7Fg1f2mQ9Hn2dbQ4HNh0i4His0JmX/ca2v9xhPAubObDkIMYuqU5xMVScfx37wVOWxseh8o0LoGCsBEHJm1f6lZnpUECxu9evqTcrprfvwtdUvxS6TcCIeYxyOKY9EonYTI9z+RD70CRmI+k8/mFsI+2DHWMBWS3jeVo9NqQ08ulm+Y9M4csy87y2+/t1t6gXiouTRnoUdjq8CW7GiJV6Y/11KL08+A86fBO56dPHHxK/LnpIgQ0Tb8ZgMVSIzipvddiqaQaFsFk/ySff8U5AFb65zAsx/aF/lN98jbeS2+WL+2H7Gt5guJKiw66n50KAnmlGEUSBxPE799qdKVOHQROyz0ELWE0nLJ/4kVA94cnET0SsY7nW6aF0Cl0KtpA/IiHjhlxg0pHFGEXBk6GI3bYeWXXjLvKQ9TKAaiMRG4hD/6to1zXaAd6WvtxDaki6ZnAM1Jz4Ur/lHGHxI3VGEweCBLFPa8oYw4v1o2+JEH8xG1rTGRuoUjO+xY2iUeWufKUkRPJMgNbPUVe0mDYCFt1tZ8v4ph9eDQLJ0gpHPPzZ9mHTR3d3Pfzrkwnwf2vaOXhJeV/2PT/zkeBaYRvJqpm9MykuFb6cGB4iVlkU+9hmwKY5d8iYtWnt8Dt2b6tmhV01Xi90LyrDZXT2Spf4IBkMpaY46JZyPHt/lNyD3eOSCZtlZ/jzUa9Ouitd1mG9pnroQKmogNMPLHgp132II0pDWBC7lC478l/Yy1lMEwDU0kkRT77T9XfVLhj1Vp+AaQ4LIuTeXr6cXrRek5DUUrDFLUlbsOMe5LzdJH59rJNR/Y+ODprK48t1T8sNVYZS4dzHkLldLbNYbi4hUawnAbW7Mecx7CLuVtp7zhQ6i1aNoMLhEhnGGhKxNVTIUAc23zxaSNo4cNWFWeQi2zH3SSPHLt0KwgQG4MZqS9++gBKRq3uVj1YeCSXnrRw44nM+PEmfpbEcpx6qIq2b7H0ncZtXzq0GGWKQz4J90/itUaZBJX64kUfoNVblvscD28b/w0qjUo7Hf06m0fvTaRNiC7arMLCJsNvtwR3B7VOuflEbF5p2ACZ8N0L8g3qOWXUaVCcQ6KndvWrznZ2KwRtrWd5jY8LonSCJT1/uzmNN0CFDt8R/3Y2uUF9ytC6Botb/G6u7D9JT1GK6MXcrHdsH3bZaOIa+sLmfKCPGjh+H1xpOVXE5FBCDa0U+5XA+POuLLdcN2VByurmeIy8H5cMXZnRCVyFqHeA40drsIHRGJyN+imYIw/GD1xg1xJ20DJYD9/V3EVGrZDFGMtUaCj6lBO2P9FxFQW4HZ5eqB75HTQGx4HjIGcLx9p710Ngnkf/sT81mbkMgJcoY8/mzAnh5zO7lLOeQL85hsRQCQbBF4qZ8QlL/XnQ/H9Wf0Yp+WY6WrqYPPsoccG61OVx2+XEuiv2UbA4gTHrzXAVfpWuAA+NwWVHSpo+GDH1Mc/xOhR6hUT3H/SXk8h48c1cUhYdc8dhP+Ymj1BtrnRzW6NTa7qYe2WoX2D2vS806wqVLq23B/10Fxbei6yUSHJM4VCqh/r8ZExh0R8loJVPOAzBtnkRtdY1uviU=\"

    ,\"enc\":1,\"length\":4323,\"ver\":1}");

解密之后的算法:

data(base64==>des)解密后:

{"all_atamper":true,"core_atamper":true,"hook_java_switch":true,"hook_switch":false,"risk_apps":[{"xposed":{"pn":"","uri":""}},{"controllers":{"pn":"","uri":""}},{"apk008v":{"pn":".apk008v","uri":""}},{"apk008Tool":{"pn":".apk008Tool","uri":""}},{"ig":{"pn":"","uri":""}},{"anjian":{"pn":"","uri":""}},{"rktech":{"pn":"","uri":""}},{"magisk":{"pn":"","uri":""}},{"kinguser":{"pn":"","uri":""}},{"substrate":{"pn":"","uri":""}},{"touchsprite":{"pn":"","uri":""}},{"scriptdroid":{"pn":"","uri":""}},{"toolhero":{"pn":"","uri":""}},{"huluxia":{"pn":"","uri":""}},{"apkeditor":{"pn":"","uri":""}},{"xposeddev":{"pn":"","uri":""}},{"anywhere":{"pn":"","uri":""}},{"burgerzwsm":{"pn":"","uri":""}},{"vdloc":{"pn":"","uri":""}},{"vdtxl":{"pn":"","uri":""}},{"vdwzs":{"pn":"","uri":""}},{"vdkit":{"pn":"","uri":""}},{"vdwxg":{"pn":"","uri":""}},{"vdgps":{"pn":"","uri":""}},{"a1024mloc":{"pn":"top.","uri":""}},{"drhgz":{"pn":".noroot2","uri":""}},{"yggb":{"pn":"","uri":""}},{"xsrv":{"pn":"","uri":""}},{"fakeloc":{"pn":"","uri":""}},{"ultra":{"pn":"","uri":""}},{"locationcheater":{"pn":"com.","uri":""}},{"dwzs":{"pn":"","uri":""}},{"mockloc":{"pn":"top.","uri":""}},{"anywhereclone":{"pn":"","uri":""}},{"fakelocc":{"pn":"","uri":""}},{"mockwxlocation":{"pn":"","uri":""}},{"anylocation":{"pn":"","uri":""}},{"totalcontrol":{"pn":"com.sigma_rt.totalcontrol","uri":""}},{"ipjl2":{"pn":".ipjl2","uri":""}}],"risk_dirs":[{"008Mode":{"dir":".system/008Mode","type":"sdcard"}},{"008OK":{"dir":".system/008OK","type":"sdcard"}},{"008system":{"dir":".system/008system","type":"sdcard"}},{"iGrimace":{"dir":"iGrimace","type":"sdcard"}},{"touchelper":{"dir":"/data/data/","type":"absolute"}},{"elfscript":{"dir":"/mnt/sdcard/touchelf/scripts/","type":"absolute"}},{"spritelua":{"dir":"/mnt/sdcard/TouchSprite/lua","type":"absolute"}},{"spritelog":{"dir":"/mnt/sdcard/TouchSprite/log","type":"absolute"}},{"assistant":{"dir":"/data/data/","type":"absolute"}},{"assistantscript":{"dir":"/mnt/sdcard//script","type":"absolute"}},{"mobileanjian":{"dir":"/data/data/","type":"absolute"}}],"risk_file_switch":true,"risk_files":"UUNTKuZ2FkqjAACv32cnhokTpMQKyKsPcAdizg0dWcnjz2VsaZWaXVutOsepqx0tF4UzvwTYMEs/MidvfKDHFeEXd9cFXU9Nn6LfHRWAd/vTQHaR0Wpl6+zPW6GoF+3F/sEt+ISOU9r+AjFqqK6OtJDgJJdaT3yWrE945sev3b/zuYKXhv0LTQnLuRnUDvR4+DSfgYsRElEMVXFyaFU9I7Od20pxyB1p2qN+U6bD0LNEFiU4ZzqvDrCj48XoErqUOkYIz5ZsOf95ak9PQpaEoVFNJBd841tkQlREvc84u4Ck0i74Sq8kVXnhOQAYNQgmtBLFNImXb5e/LLg+/F94z2tixp/m265In2CS9966dgiNkSSYB7DzY4x56oqYbDVr3VRJD/r4eyNzxxU/XuYk5+l27n1UJoD8lZVJ1WFkAIye0zDk/BDwx0wagiTQh492MWnps/kmSXQAKXzJKJqF8xIT5acT9amMnIQVcChxtj6roeZlFFLH74+3rjbK5+2t39xvh1IeoUhdNhaEHTkDfZHeU62pMANSRLVmwb9rUQPQ6Rs2ShYnTc+DiKNwu/8hNCBpWulhv82Bqb45oMXbpu+fcISm/SNbBi3s+8BSEqK/iNKTCd+T+dCYwnNjMYc8IM+hmSnZLnZ4ZOhdnF7kPd+iobTpieOflMiO6/wcp8CHYsTWkKrCBRfxNsP+K196jAZ8c4MzmV04G5wH5fHZ9zTBVVpq3StLtqwYXeDFEMcv4id8TXgjrvi9XRHEG/0lHtkAkxp8yoM53GnfeUK8yx2oyzhIZ5NHBwgSw1t0NGcHFkawcRPp0Wu2GG9W0aGaFAG48+Ue7lR40shdnOgSxfwJ79o6Wtqwij2LzQPx2ETYn5Xb0sTzURn0IBxh1G9xs+QfpGdIJHQ1WZUmOe3hH17DUn9jFsxm0x5YS2K8rjO4O+xgW0CdALd6uQk7s9vSQr5fVlo24XKcBUM68Z97M8O9KKNDtiJFU/1/7EoA74LEEyVPjdRFCPx5el/qlQhEEZJJ65trohfor3mPrTkO0vYyhVyEUfu8d4sMFFThVZnov

data解密之后的MD5值:

md5==988751ca8e09f518984ff7b0bc98753a

7,代码中使用如下针对加密字符串进行解密如下:

/* renamed from: a  reason: collision with root package name */

   public static final String f34129a = .O000O0000OOoO.("9c9092d18c978a929a96");

   /* renamed from: b  reason: collision with root package name */

   public static final String f34130b = .O000O0000OOoO.("9b9a89969c9a969b");

   9b9a89969c9a969b===解密之后====>deviceid

   9c9092d18c978a929a96===解密之后====>

    存储到sharepre文件;名称

       /* renamed from: a  reason: collision with root package name */

       private static final String f34139a = .O000O0000OOoO.("a08c978a929a96");

       /* renamed from: b  reason: collision with root package name */

       private static final String f34140b = .O000O0000OOoO.("a09e919b8d90969b");

  val str2 = "a08c978a929a96"//==>_shumei

  val str3 = "a09e919b8d90969b"//===>_android

    public String a(String str, boolean z) {

       try {

           JSONObject jSONObject = new JSONObject(str).getJSONObject(.O000O0000OOoO.("9b9a8b9e9693"));

           String optString = (.O000O0000OOoO.("8c"));

           if (!(optString)) {

               return b(.O000O0000OOoO.(.O000O0000OOoO.("859e8ece929490cf"), .O000O0000OOoO.(optString)), z);

           }

           if (z) {

               a(jSONObject);

           }

           return (.O000O0000OOoO.("9b9a89969c9ab69b"));

       catch (Exception unused) {

           return "";

       }

   }

   var str5 = "9b9a8b9e9693"//--->detail

   val str6 = "859e8ece929490cf"//--->zaq1mko0

   val str7 = "9b9a89969c9ab69b"//--->deviceid

   /* renamed from: a  reason: collision with root package name */

   private static final String f34136a = .O000O0000OOoO.("d18b978a929d9c9e9c979aa0969b87a0");

   /* renamed from: b  reason: collision with root package name */

   private static final String[] f34137b = {"".O000O0000OOoO.("bbbcb6b2"), .O000O0000OOoO.("af969c8b8a8d9a8c"), .O000O0000OOoO.("bb90889193909e9b"), .O000O0000OOoO.("bb909c8a929a918b8c")};

   val str8 = "bb909c8a929a918b8c"//Documents

   val str9 = "bb90889193909e9b"//Download

   val str10 = "af969c8b8a8d9a8c"//Pictures

   val str11 = "bbbcb6b2"//DCIM

   val str12 = "d18b978a929d9c9e9c979aa0969b87a0"//.thumbcache_idx_

解密函数:

public static byte[] f(String str) {

    byte[] bytes = ();

    int length = ;

    byte[] bArr = new byte[(length / 2)];

    for (int i = 0; i < length; i += 2) {

        bArr[i / 2] = (byte(new String(bytes, i, 2), 16);

    }

    return bArr;

}

public static byte[] a(byte[] bArr) {

    byte[] bArr2 = new byte[];

    for (int i = 0; i < ; i++) {

        bArr2[i] = (byte) (~bArr[i]);

    }

    return bArr2;

}

9,分析id返回接口参数

sessionId(8c9a8c8c969091b69b):
String valueOf2 = (()); 
(.O000O0000OOoO.("8c9a8c8c969091b69b"), valueOf2);

fpEncode(998fba919c909b9a):
(.O000O0000OOoO.("998fba919c909b9a"), 11);

encrypt(9a919c8d868f8b):
(.O000O0000OOoO.("9a919c8d868f8b"), 1);

organization(908d989e9196859e8b969091):hardcode
("sdj8X1y4Unvsx2DYN3BU");

channel(9c979e91919a93):hardcode

pri(8f8d96):随机数通过rsa->base64加密的结果base64(ras(random))

RSA的key:
ras_key: = "MIIDOzCCAiOgAwIBAgIBMDANBgkqhkiG9w0BAQUFADA4MQswCQYDVQQGEwJDTjENMAsGA1UECwwEQ05DQjEaMBgGA1UEAwwRZS5iYW5rLmVjaXRpYy5jb20wHhcNMTgwMjExMDg0NTIyWhcNMzgwMjA2MDg0NTIyWjA4MQswCQYDVQQGEwJDTjENMAsGA1UECwwEQ05DQjEaMBgGA1UEAwwRZS5iYW5rLmVjaXRpYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkF+2AicVKj7SaHw3dbJt3i6fkL1WfLw1WRqe8r8Cc7qJOshaqNvCzW1qRX6E5H/umtl1Uj99V07uewUFk96xY/+s/GuBnbGoSrcu3OAHDgEGuY5atZo+umIk7LufAif2VUcNGY3nWxGcig20ExO/6nAf/G3Xxo4QL8fBdPG/prOXxSvtJiPls1Qg9zzSgAH+HMCAINMsuJmzDQiTt6Me8k7YHts+jWQF7KF25plITcW1Qmy3Aw8qYjVhbHn8KTAEeuQhmM5RS6KP1Hu71q4DYOWcx44QThSbiAYwG1JQBBwM8XnBfVYMpr6Qi0owibNYoZ/S6xwfRFGB0W1HeG9WfAgMBAAGjUDBOMB0GA1UdDgQWBBT0iLEXY9HIKNy5DG4d72l+R7Nf1zAfBgNVHSMEGDAWgBT0iLEXY9HIKNy5DG4d72l+R7Nf1zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQB5MWz1RGFG537rJCtHp+LqxR9iJSFsHiW3ZoLIAeyD0oJ69RcL2gE/TNWmE9zYUkd9TdNtXqxlNPpj1P1/+x781neWnGou/n/XFS82T5S339X3DIjHc/IqOzwnxEOKH2V0NmK9iKgx6H05Q9MMvUXFsL3QK2hDMAVY28roRiC4S1yfJJaA08DfvXZf6cVx1xfWl+ks57+3knkoWap1rjwh1RdGk5ChPbzD0AnAcWTMWRCbjuJnttlmWZnI1I6mhcQUKUEMoj8sR8m11YJ5woscYPsIle/rJOOosuMghczD1vRcg3eLUaWn1A5rsBa82RyxhiuYocEQVX59Hy6v3npT";

str4 = ((SmAntiFraud.(), ()), 2);

str2 = .O000O0000OOoO.(16);

public static String a(int p0){

   char[] uocharArray = new char[p0];

   Random random = new Random();

   for (int i = 0; i < p0; i = i + 1) {

      uocharArray[i] = (char)((26) + 97);

   }

   return new String(uocharArray);

}

tn(8b91):

base64(RSA(md5((currenttime/sessionId+map+randomtime+orgination+sm_tn(8c92a08b91))))

String valueOf = (());

(.O000O0000OOoO.("8b91"), ((SmAntiFraud.(), .O000O0000OOoO.(valueOf + str + str2 + SmAntiFraud.() + .O000O0000OOoO.("8c92a08b91")).getBytes()), 2));

调用栈:

public static String f(String p0){

     if ((p0)) {

        return "";

     }

     try{

        return (("utf-8"));

     }catch( e0){

        return "";

     }

  }

public static String b(byte[] p0){

     int i1;

     if (p0 == null || !) {

        return "";

     }

     try{

        p0 = ("MD5").digest(p0);

        StringBuilder str = new StringBuilder(( * 2));

        int len = ;

        for (int i = 0; i < len; i = i + 1) {

           if ((i1 = p0[i] & 0x00ff) < 16) {

              ("0");

           }

           ((i1));

        }

        return ();

     }catch( e5){

        (p0);

        throw new IOException("fail to md5 data");

     }

  }


抓取函数如下:

("1652352789853{"a30":"\"z3qcc204e2e3699cde4\"","a31":"192.168.0.105","a32":2,"a33":"ARMv8 processor rev 1 (aarch64)","a34":2803200,"a35":"","a36":"720,1280,240","a37":102,"a38":"8.7.3","a39":"","a40":1652352338971,"a41":"比心","a42":"","a43":"samsung","a44":"wifi","a45":"46007","a46":{"cpu_abi":"arm64-v8a","serial":"unknown","fingerprint":"samsung\/z3qksx\/z3q:9\/NRD90M\/900220327:user\/release-keys","model":"SM-G988N","cpu_abi2":"x86_64","brand":"samsung","board":"universal8895","serial_P":"e2e3699cde4cc204","manufacturer":"samsung"},"a47":["1,STMicroelectronics","10,QTI","2,AKM","3,STMicroelectronics","9,QTI","4,STMicroelectronics","8,AMS TAOS","5,AMS TAOS","15,AOSP","20,AOSP","11,AOSP","3,AOSP"],"a48":2090045440,"a49":"89860081011884016418","a50":{},"a51":[],"a52":{},"a53":{},"a54":"0000000","a55":"988751ca8e09f518984ff7b0bc98753a","a1":"all","a82":"Dc0oaMojWFBtHoohUnuP2l6kmd84Px+IwjWqwgwQ5avi3GZV+SlPH5CfFY4Kapyg","a83":"1001100","a84":"","a85":[],"a86":"1101100","a88":"locateServiceName:|phoneServiceName:","a97":"","a98":"","a108":"2022051218523085a81e8079d8b745cd063ca4c4789aee00b6ebac68173946","a109":"","a110":"","a111":"","a56":"CN=gaigai, OU=ypp, O=ypp, L=Shanghai, ST=Shanghai, C=86","a57":-2023242913,"a58":"0","a59":"1","a60":"u0_a49","a61":[""],"a62":"\/data\/user\/0\/\/files","a63":["InputMethodInfo{\/.InputService, settings: }"],"a64":{"suc":"1","enable":"0","service":[]},"a65":144,"a66":{},"a67":{},"a68":[],"a69":124898783232,"a70":124915560448,"a71":125856731136,"a72":{"temp":272,"vol":3905,"level":98,"scale":100,"status":4},"a73":0,"a74":0,"a75":0,"a76":"192.168.0.104:8888","a77":{},"a78":[],"a79":"","a80":"1652352750316-86599","a81":"4","a2":"2022051218523085a81e8079d8b745cd063ca4c4789aee00b6ebac68173946","a3":"none","a4":"1","a5":"bx-gw","a6":"android","a7":"2.9.8","a8":"","a9":1652352781116,"a10":"9","a11":"","a12":5336,"a13":"SM-G988N","a14":"","a15":"false","a16":"lIsxHspPuckfGL8sB\/ViIXIdZHHga8W1px2zP1WE5F1GNHEHpfBB2mz25yiVoP7q4JRbM2USuk6\/URq\/Dz64zgHcsXp0cqvO\/gt7JS+m83I0sVqXeEO70Pzh2tK8\/SLv2TncAtd4LH6McbrK8XzAZAdgKSVi1Ba3PFrmU0YKTbFGylHfKHQaNEvDbD+HTQ2Ui27jmxMy9OQ2Fjul8r+nbG7\/2j0CdgN\/w1dQDv1vhAFtlMIfWRdPjedqkhAu5kDoH+57489\/Oj8T7sgfInokbgEmzsqTVrcMuzd0B9LPIYMz+m\/jy00YnMjCNj42PBvMt6QcxIZyW4gmI9HHmrm5nNODEF+vBHCI7dmoUPaLW26I\/U0RBmzlhVZ+HGwzcy0uYEC\/Z2wS2YWYrCtk7mWB88I4hQaVKp3A\/lqKmRilNRuo0KxW2R8GndE1f6I+Qr1WaOQG51D6QIzgcF0Hal4nXhDm7wkYWxtpnRK5Emrn5nOhpqUjmhZiW+LTVIAmVIjuxdqh\/D7\/JRk2rF+o4UveDIbfUZa0tbhb6UGjXByVmrMPEhORtSKcLU0CNsgs8LqiCxAvN5YE8VdT5TwQ8OYRoqbF4Kztvev4w\/rpSKuz\/oWRXWhfcgHiuMGC4xu1qrnxMzo2YgV1PYqpvioSeSJUJwnyvoDfa5ik2dtj9iivkDQlv9+9ctBje07vvPgExGklc4pOUl4+VVI4\/S4lOUaZhLqzRe05RnLHn50v2KtMeAvgHVWPAMiJ1\/B0Mtr3nDfEHIELhDPxCFqjIzrkBImANw\/tjEfB2plW5ZDn5X0WFe2n\/T8ghxWuDxqHUFb9x+RcqaAN2AsTmSMoSs3YbnPhxSPKYaUiCqivQD8Pv+4pXyWV8TR3pYev03Tz\/OGrzNAN3+DbMlcdRJ1QAc8Y2bNcOAX0xZ40YfOFgDtU5ky9EPy9IUxklomT2Tjzhjrmk3FHa+amg11ceBx\/BRdrrIHHcbWRB03\/CICQh7WlsDD6nzmd2tpj+227k6Dy9PqUTBcaVnoCbH89yj4VyG\/9vTvK4DE4sFiMo3HxIndb9uwDxDsi3HxcyugFsEXs+w3xzJAIufMaEosclxQ7db40ewfCqqkxpr+jKswlsm8wA6NvfdTLOii2BdjMM7loNqmeo9OSFEKw22Vg6wCi6qoPL3SLbLQKd8uPxprSPnqcPoyFozjz1LH4tPeSMUzbDSHzbr6mhBD76cUisVBr+KUpty9FJa7YSSozVNi6CS2LX7CX22CDX9skHrAZ+RzENyw5KhmN2MT1H1J9+VBva1+gX1qv+A6xSWZS3AzOkYn6Fdax7MYZA\/YNVNyJ\/qmS7a2u9tmY3LWnobbFrUkA9fQB1btLSfYyZKUokdL4FkMS8EfeNB2w33MlzIfKgNjpMhhnS5Dv9OTzBv3\/rFQINmj56uHYMb3AUY2zPfm5wX7ofYnIq\/yISeBhGGrGmKJqEqv\/s2dudu7Hr1NtVVvlgI4o4i+YYgBnDfh7UP3jdOrbJoEXq6dJ5dwpzChFNDK2DvkuGuoWJm1hPpiWLrgEA0o+SrRGyqtZOh23uZPWx38BNSJ5xMmFSSbpg7VgDuEC0gitX\/MYBmkcb24y4L4wzHRAfxzCttNImBOrQSEyou7tddSHvB3aeJ6fofLgpHhqM8qiYhWTgtPH\/eCLO6DdhOkyp01a+Do4ZfMsVKXHxp+oUdfLutaJlBxi3lb25W1oUtYt52\/f8XV8iXrWu9n5iiRl1X92VdMfYOWMjLxpiwFXmVVmoFW1eEdhRJb6MDepjauXVbaynfWryzzJZgWlfF2O3ANYCcgfI2epQT+5RIU3yTq6uE6iJmMn7VkGKrjmzr44UXjEanVRkN9dLxkH02tmqtdMR\/Ch\/5M14y+rP00\/FXX0HHz6U5sBxbq48JhXdMmx9fvUssPaVXuL1V+nmAdxEzfp4lNoAecJumGEtFrRIy61SaHCPvmu+RkT5lVZqUSm5pSa4umrB2jpA\/U\/\/Qq\/lhtbDwYuxd3lZ6TLRe34bDClSH1cdppReIwwjPsyNx1dalGTPjkCjX2JsUbBNGQG2YSfQgigA3NhwgLwdDjJX7ueV2O7\/oykiWcfYPGB9v8sDLvcrPl\/cP+TgXumGZhDpkBS6EQrcWDkQUJMfI26KTq6K\/XuG6V8fmwn40CfzYKaiU070NMd8kUIq74CDUFG\/kqOvJBx7pNivyXz9bdRA7yqnYN55jkqFtgA\/rtDVokc5ibvwclV8wASZRadt8dqH4HPgkww+G3ZNaGbdpvoATVJyioIe4M9Wpl4Q1SPFJRpFk+uJFoN4A\/PMiVU+xf2e+HXxHQu7+iXp6ImS5uOJyPcy8x276UIZc1I5IldkCOKcUt4tTOY8p\/\/\/wu9SuQ0DMbFKiYr\/9xvohpIQROmqWMLFeHpA2vGXeMCmpE7D0V+LjITS1apZ8zdtjr8KhLugruEwmcUeJZQURogLg08WKtvp6xvspjHylrA4G7zYBsxTLEKUJDhOCsACxcdWrhq3rpJ2RjwjFfbpc4q9\/AGf5IeWPYhsc3i++nyO\/z3jJUlp6x+xEZvsSmyvjTm3mxA+BcB7rrf8JOSp8CKN7PZAJQfccbNPPAcmq\/LjIP9Zx0s15q18psCBajJ3NNY6gDOcud1HcnP9Fh3B5OFKwWIHsYauh8=","a17":["wlan0,192.168.0.105,080027ed845a,fe80::a00:27ff:feed:845a%wlan0"],"a18":{"":"e2e3699cde4cc204","":"Unknown","":"mtp","":"0"},"a19":"08:3E:8E:50:A4:BD","a20":"351564903616415","a24":"cc204e2e3699cde4","a25":"460071884016418","a26":"08:3E:8E:50:A4:BD","a27":["1652073024883,,ShuMeiSDKDemo,1,1,1.0,1652344819292","1651818809002,,比心,1,36584,8.7.3,1651818809002","1648325651000,,Android System WebView,0,451513106,92.0.4515.131,1648325651000","1648325646000,,,0,27,8.1.0-4396705,1648325646000","1648325646000,,边角显示屏凹口,0,1,1.0,1648325646000","1648325646000,,双显示屏凹口,0,1,1.0,1648325646000","1648325646000,,移动网络配置,0,28,9,1648325646000","1648325646000,,日历存储,0,28,9,1648325646000","1648325646000,,媒体存储设备,0,900,9,1648325646000","1648325646000,,,0,28,9,1648325646000","1648325646000,,文件,0,28,9,1648325646000","1648325646000,,外部存储设备,0,28,9,1648325646000"],"a28":{},"a29":"","a21":"895d0e47251d86b41461f3941f25f0c2"}mrykzpzkeglloonhsdj8X1y4Unvsx2DYN3BUsm_tn")


fingerprint(999691989a8d8f8d96918b):

(.O000O0000OOoO.("999691989a8d8f8d96918b"), str3);

str3 = str6;

str2 = .O000O0000OOoO.(16);

public static String a(int i) {

    char[] cArr = new char[i];

    Random random = new Random();

    for (int i2 = 0; i2 < i; i2++) {

        cArr[i2] = (char) ((26) + 97);

    }

    return new String(cArr);

}

str6 = (str2, str);

  public static String a(String str, String str2) {

        try {

            return new SMSDK().x2(str, str2);

        catch (Throwable th) {

            throw new IOException(th);

        }

    }


抓数据:
SMSDK.x2("onkctqqqqjdepbsk", "{"a30":"\"z3qcc204e2e3699cde4\"","a31":"192.168.0.100","a32":2,"a33":"ARMv8 processor rev 1 (aarch64)","a34":2803200,"a35":"","a36":"720,1280,240","a37":102,"a38":"8.7.3","a39":"","a40":1652864593330,"a41":"比心","a42":"","a43":"samsung","a44":"wifi","a45":"46007","a46":{"cpu_abi":"arm64-v8a","serial":"unknown","fingerprint":"samsung\/z3qksx\/z3q:9\/NRD90M\/900220327:user\/release-keys","model":"SM-G988N","cpu_abi2":"x86_64","brand":"samsung","board":"universal8895","serial_P":"e2e3699cde4cc204","manufacturer":"samsung"},"a47":["1,STMicroelectronics","10,QTI","2,AKM","3,STMicroelectronics","9,QTI","4,STMicroelectronics","8,AMS TAOS","5,AMS TAOS","15,AOSP","20,AOSP","11,AOSP","3,AOSP"],"a48":2090045440,"a49":"89860081011884016418","a50":{},"a51":[],"a52":{},"a53":{},"a54":"0000000","a55":"988751ca8e09f518984ff7b0bc98753a","a1":"all","a82":"UizHoquhLLZTxIUCStxX\/LR1U7Vtev+\/PGQL6Z8WZ93OYm5CmcJ\/UkPLH5vZ3BlO","a83":"1001100","a84":"","a85":[],"a86":"1101100","a88":"locateServiceName:|phoneServiceName:","a97":"","a98":"","a108":"20220518181636b5f2a310d85c2765de79627c918c38cf0087ef8245c0caef","a109":"","a110":"","a111":"","a56":"CN=gaigai, OU=ypp, O=ypp, L=Shanghai, ST=Shanghai, C=86","a57":-2023242913,"a58":"0","a59":"1","a60":"u0_a49","a61":[""],"a62":"\/data\/user\/0\/\/files","a63":["InputMethodInfo{\/.InputService, settings: }"],"a64":{"suc":"1","enable":"0","service":[]},"a65":261,"a66":{},"a67":{},"a68":[],"a69":124749959168,"a70":124766736384,"a71":125856731136,"a72":{"temp":315,"vol":3491,"level":95,"scale":100,"status":4},"a73":0,"a74":0,"a75":0,"a76":"192.168.0.104:8888","a77":{},"a78":[],"a79":"","a80":"1652868996831-45539","a81":"4","a2":"20220518181636b5f2a310d85c2765de79627c918c38cf0087ef8245c0caef","a3":"none","a4":"1","a5":"bx-gw","a6":"android","a7":"2.9.8","a8":"","a9":1652869027887,"a10":"9","a11":"","a12":8515,"a13":"SM-G988N","a14":"","a15":"false","a16":"lIsxHspPuckfGL8sB\/ViIXIdZHHga8W1px2zP1WE5F1GNHEHpfBB2mz25yiVoP7q4JRbM2USuk6\/URq\/Dz64zgHcsXp0cqvO\/gt7JS+m83I0sVqXeEO70Pzh2tK8\/SLv2TncAtd4LH6McbrK8XzAZAdgKSVi1Ba3PFrmU0YKTbFGylHfKHQaNEvDbD+HTQ2Ui27jmxMy9OQ2Fjul8r+nbG7\/2j0CdgN\/w1dQDv1vhAFtlMIfWRdPjedqkhAu5kDoH+57489\/Oj8T7sgfInokbgEmzsqTVrcMuzd0B9LPIYMz+m\/jy00YnMjCNj42PBvMt6QcxIZyW4gmI9HHmrm5nNODEF+vBHCI7dmoUPaLW26I\/U0RBmzlhVZ+HGwzcy0uYEC\/Z2wS2YWYrCtk7mWB88I4hQaVKp3A\/lqKmRilNRuo0KxW2R8GndE1f6I+Qr1WaOQG51D6QIzgcF0Hal4nXhDm7wkYWxtpnRK5Emrn5nOhpqUjmhZiW+LTVIAmVIjuxdqh\/D7\/JRk2rF+o4UveDIbfUZa0tbhb6UGjXByVmrMPEhORtSKcLU0CNsgs8LqiCxAvN5YE8VdT5TwQ8OYRoqbF4Kztvev4w\/rpSKuz\/oWRXWhfcgHiuMGC4xu1qrnxMzo2YgV1PYqpvioSeSJUJwnyvoDfa5ik2dtj9iivkDQlv9+9ctBje07vvPgExGklc4pOUl4+VVI4\/S4lOUaZhLqzRe05RnLHn50v2KtMeAvgHVWPAMiJ1\/B0Mtr3nDfEHIELhDPxCFqjIzrkBImANw\/tjEfB2plW5ZDn5X0WFe2n\/T8ghxWuDxqHUFb9x+RcqaAN2AsTmSMoSs3YbnPhxSPKYaUiCqivQD8Pv+4pXyWV8TR3pYev03Tz\/OGrzNAN3+DbMlcdRJ1QAc8Y2bNcOAX0xZ40YfOFgDtU5ky9EPy9IUxklomT2Tjzhjrmk3FHa+amg11ceBx\/BRdrrIHHcbWRB03\/CICQh7WlsDD6nzmd2tpj+227k6Dy9PqUTBcaVnoCbH89yj4VyG\/9vTvK4DE4sFiMo3HxIndb9uwDxDsi3HxcyugFsEXs+w3xzJAIufMaEosclxQ7db40ewfCqqkxpr+jKswlsm8wA6NvfdTLOii2BdjMM7loNqmeo9OSFEKw22Vg6wCi6qoPL3SLbLQKd8uPxprSPnqcPoyFozjz1LH4tPeSMUzbDSHzbr6mhBD76cUisVBr+KUpty9FJa7YSSozVNi6CS2LX7CX22CDX9skHrAZ+RzENyw5KhmN2MT1H1J9+VBva1+gX1qv+DpA85ZsSrqMlKZGlojz2\/+kkHI\/qqz+J2pZPMGoOyzXZ3amvYv+ShX4ikqO0jbRPo+MgpGZHw0msZhdSWROOL5\/efKlmpsC2jA+UWPTooEktLULggcKbBHe5D1UD7KyUQicPciXaNWouTAdb1Yj6wBtOIk5Hl7WNt40\/RksXASXcXBxw\/BYIzM7f3W\/nkZuKDZM0HepDvFtiqnW\/EJ1dDVS\/jcSC4RiNNlAKmtn8BUGb7XrbE5D3uJzAUA5\/NYTFVKXco864NfxXt+rAyncUQbEl0UoWbu1cMf+K2k0KOakm0HDVbeltK+ghq1uxZANk3SBWxGr9SCWpuTYLMME\/w3uMxuxnfZlMuLzUZJLL5cp5lBagTzo+SPexFAOSKGNWOFIROJmlCqbwaKOdlR74F6LQ8jgfiMmm7WKQsdkX47gBGlxKun4LsE08AcJ1iyP+lhipZSR27ao\/amLa7OOSCKOFsPnQFGtGR0xDZ0tgRMUxiWB1aIukMABDbZ+YUw9zECg16WE78AG+Ww8+nwUpeVahGHSbfNaxm0TedtYIJfMq6K4EjWmUrGi5UgfNOJqCLs2wxe0xd8jUkzabBKBwwvSNv1ba\/kbPRG4mLcPLcqDoaDc5olQSyA2WoXsWj2j+ZwzbsaoA09Xty6l8jdvbldXSvp7YCRuTreFkweoWpLNhiGsmXUiOWTJTJBZ1ZXR0Wm7PyuLXH3q0sZ8TdtcPytlnGK0Hhlkm5+Px\/PcuxvoT51Y+KQjZu\/LLv+uRxbaqjpk\/\/eXSkHwDg4wEw+HvDtEDxbxe5ZR1\/CYd\/OS4UwMuMeFtEYGWH3KqEUEQsi\/dP8dOIrEwFHCG7i306APPfk7ULQrvcVLy+J88R4G3baFEsJ58Skza4lLrNF946QAoDmugGUxcsJfPpQ8oRw67ptlgKZ++acijU29Uv8OA5LPuNjK1CfBgrKWUxZt1G3E+32ZSTWLVxf34oZ1jfWNN3JeYKP7TRIalIkCRC2lsO6L6z1Iv\/phO8iHs\/CNyEbfCBvBbLjpSoY38ARyU8OaAi5LOo2g0jda734IuKLUhrkUtpDFoDzZi6d\/0UVDZBzR2P\/lIQc8m\/6h55nSxUpJmSkYOxcrtYhmqaIWAaZC\/JA0kXiQcaakt2I+tg7DjnJpvr4Xeoxq0YAQXm7x7Uol6SRXcLulSxaRPf4IUxZNFXAsbIzk2i+TsGpvWXZdogH81LV63VsnG713MD8Q67oxzXp7j5REtEZqbtnDROi8aOg3mBUT+raTK7FPD00YwKssBd7u0HneJKnw2mVAajKVSJfA7VzbcX0c7H5Cibo90Hey0f7j6Z1MyMvZsFk6yBMOZqBYRIk3xEkWhYkImFNOC3Q=","a17":["wlan0,192.168.0.100,080027ed845a,fe80::a00:27ff:feed:845a%wlan0"],"a18":{"":"e2e3699cde4cc204","":"Unknown","":"mtp","":"0"},"a19":"08:3E:8E:50:A4:BD","a20":"351564903616415","a24":"cc204e2e3699cde4","a25":"460071884016418","a26":"08:3E:8E:50:A4:BD","a27":["1652073024883,,ShuMeiSDKDemo,1,1,1.0,1652344819292","1651818809002,, 比心,1,36584,8.7.3,1651818809002","1648325651000,,Android System WebView,0,451513106,92.0.4515.131,1648325651000","1648325646000,,,0,27,8.1.0-4396705,1648325646000","1648325646000,,边角显示屏凹口,0,1,1.0,1648325646000","1648325646000,,双显示屏凹口,0,1,1.0,1648325646000","1648325646000,,移动网络配置,0,28,9,1648325646000","1648325646000,,日 历存储,0,28,9,1648325646000","1648325646000,,媒体存储设备,0,900,9,1648325646000","1648325646000,,,0,28,9,1648325646000","1648325646000,,文件,0,28,9,1648325646000","1648325646000,,外部存储设备,0,28,9,1648325646000"],"a28":{},"a29":"","a21":"191a37c1d96ce59f68aff5677bf1e0fb"}")
通过参数分析:

a16因子:

(new JSONObject(a2));

 String a2 = (z, str, z2, str2);

     public static String a(boolean z, String str, boolean z2, String str2) {

       try {

           return new SMSDK().y2(z, str, z2, str2);

       catch (Throwable th) {

           throw new IOException(th);

       }

   }

    private native String y2(boolean z, String str, boolean z2, String str2);


抓数据如下:
SMSDK.y2(true, "{"all_atamper":true,"core_atamper":true,"hook_java_switch":true,"hook_switch":false,"risk_apps":[{"xposed":{"pn":".installer","uri":""}},{"controllers":{"pn":"","uri":""}},{"apk008v":{"pn":".apk008v","uri":""}},{"apk008Tool":{"pn":".apk008Tool","uri":""}},{"ig":{"pn":"","uri":""}},{"anjian":{"pn":"","uri":""}},{"rktech":{"pn":"","uri":""}},{"magisk":{"pn":"","uri":""}},{"kinguser":{"pn":"","uri":""}},{"substrate":{"pn":"","uri":""}},{"touchsprite":{"pn":"","uri":""}},{"scriptdroid":{"pn":"","uri":""}},{"toolhero":{"pn":"","uri":""}},{"huluxia":{"pn":"","uri":""}},{"apkeditor":{"pn":"","uri":""}},{"xposeddev":{"pn":"","uri":""}},{"anywhere":{"pn":"","uri":""}},{"burgerzwsm":{"pn":"","uri":""}},{"vdloc":{"pn":"","uri":""}},{"vdtxl":{"pn":"","uri":""}},{"vdwzs":{"pn":"","uri":""}},{"vdkit":{"pn":"","uri":""}},{"vdwxg":{"pn":"","uri":""}},{"vdgps":{"pn":"","uri":""}},{"a1024mloc":{"pn":"top..pro","uri":""}},{"drhgz":{"pn":".noroot2","uri":""}},{"yggb":{"pn":"","uri":""}},{"xsrv":{"pn":"","uri":""}},{"fakeloc":{"pn":"","uri":""}},{"ultra":{"pn":"","uri":""}},{"locationcheater":{"pn":"com.","uri":""}},{"dwzs":{"pn":"","uri":""}},{"mockloc":{"pn":"top..pro","uri":""}},{"anywhereclone":{"pn":"","uri":""}},{"fakelocc":{"pn":"","uri":""}},{"mockwxlocation":{"pn":"","uri":""}},{"anylocation":{"pn":"","uri":""}},{"totalcontrol":{"pn":"com.sigma_rt.totalcontrol","uri":""}},{"ipjl2":{"pn":".ipjl2","uri":""}}],"risk_dirs":[{"008Mode":{"dir":".system/008Mode","type":"sdcard"}},{"008OK":{"dir":".system/008OK","type":"sdcard"}},{"008system":{"dir":".system/008system","type":"sdcard"}},{"iGrimace":{"dir":"iGrimace","type":"sdcard"}},{"touchelper":{"dir":"/data/data/","type":"absolute"}},{"elfscript":{"dir":"/mnt/sdcard/touchelf/scripts/","type":"absolute"}},{"spritelua":{"dir":"/mnt/sdcard/TouchSprite/lua","type":"absolute"}},{"spritelog":{"dir":"/mnt/sdcard/TouchSprite/log","type":"absolute"}},{"assistant":{"dir":"/data/data/","type":"absolute"}},{"assistantscript":{"dir":"/mnt/sdcard//script","type":"absolute"}},{"mobileanjian":{"dir":"/data/data/","type":"absolute"}}],"risk_file_switch":true,"risk_files":"UUNTKuZ2FkqjAACv32cnhokTpMQKyKsPcAdizg0dWcnjz2VsaZWaXVutOsepqx0tF4UzvwTYMEs/MidvfKDHFeEXd9cFXU9Nn6LfHRWAd/vTQHaR0Wpl6+zPW6GoF+3F/sEt+ISOU9r+AjFqqK6OtJDgJJdaT3yWrE945sev3b/zuYKXhv0LTQnLuRnUDvR4+DSfgYsRElEMVXFyaFU9I7Od20pxyB1p2qN+U6bD0LNEFiU4ZzqvDrCj48XoErqUOkYIz5ZsOf95ak9PQpaEoVFNJBd841tkQlREvc84u4Ck0i74Sq8kVXnhOQAYNQgmtBLFNImXb5e/LLg+/F94z2tixp/m265In2CS9966dgiNkSSYB7DzY4x56oqYbDVr3VRJD/r4eyNzxxU/XuYk5+l27n1UJoD8lZVJ1WFkAIye0zDk/BDwx0wagiTQh492MWnps/kmSXQAKXzJKJqF8xIT5acT9amMnIQVcChxtj6roeZlFFLH74+3rjbK5+2t39xvh1IeoUhdNhaEHTkDfZHeU62pMANSRLVmwb9rUQPQ6Rs2ShYnTc+DiKNwu/8hNCBpWulhv82Bqb45oMXbpu+fcISm/SNbBi3s+8BSEqK/iNKTCd+T+dCYwnNjMYc8IM+hmSnZLnZ4ZOhdnF7kPd+iobTpieOflMiO6/wcp8CHYsTWkKrCBRfxNsP+K196jAZ8c4MzmV04G5wH5fHZ9zTBVVpq3StLtqwYXeDFEMcv4id8TXgjrvi9XRHEG/0lHtkAkxp8yoM53GnfeUK8yx2oyzhIZ5NHBwgSw1t0NGcHFkawcRPp0Wu2GG9W0aGaFAG48+Ue7lR40shdnOgSxfwJ79o6Wtqwij2LzQPx2ETYn5Xb0sTzURn0IBxh1G9xs+QfpGdIJHQ1WZUmOe3hH17DUn9jFsxm0x5YS2K8rjO4O+xgW0CdALd6uQk7s9vSQr5fVlo24XKcBUM68Z97M8O9KKNDtiJFU/1/7EoA74LEEyVPjdRFCPx5el/qlQhEEZJJ65trohfor3mPrTkO0vYyhVyEUfu8d4sMFFThVZnovqbnGCfWvrdiVV1MZLy1iCbKnG0FXI166/wSF8/oIBuYF0Q5usOZi45LpXx+gLjeOAtxR/VHOfXfs1wUFvgrmO0q2mOhtIzsZhrPtjNjk2sNp9oM7r2FV0lJXD5pfXtwwlNS4W3FyzgY/rzAA+kBvvYlsQXLfWdhJVqd6/ArAf8FyYvw7mYMYifhOjNPJLGAfbsij2YAYPXk0m648SPkhBNLxWq5e6Ww/g2yCwRSzB07xrxuKq7wptjyjwU1lbk47qiR+XesuiG3p4/IvtLtLjuXzNFkMNfFs1SrAuAYUc0nmu7th0oWRfz+pMUtsLDAQ3shioIaNmy7S9wmqtozKfaHVCUMN+IvSWkrQaCtzRaQB73o0SMkgn5P3RpUfJiHjcWV5egBkHQoh3LX4pHivf1Bf5zJRH/evLXHYf8egmgxKAH4K6SnOFLGbhJyNdJfSS1qyOcvd8aHuai9Bgu16ZD7/yVvyqDbX6KPL90umNj8T6/dkM/4Puly5UbVA+7WdtAMoqEaZzhHXTg70XQQLIsoOH1vyhTlV5jBEtYI/5AOoglt43fHCom869gcLi4avImDYYdPwRLmdXcNBHI/yD0SwGI7gVxWOHCvzd3cYZ2fqkfquzm3OTk+W/YUTfh3q/pnffmuZossqROtjo5rUvyAQh86Y5sQdOUKzS6mWxnA3bJjkWc1su6EjHPjEjhwWPQI97XCqq+AM9zwe2536Vw7CqwdDvTjYaaoMf3wtM8wthIUyyIjN8OblN37H9G+Q/IbIViufH3D5MJWtEfUMEUMMsXNCj+HWP72tlFXwWVDFc2m+uvSXJmzgSGERdUi2LxRq1YA6PZKsBkVI6M+IWmYepBLMdP/JlMlqJBtqtqkt2JpF+CrW/6Pe+DnB71qltw3s8Bj4kNuPrehHk62zPFbK5qbgM9uwsui+fiqwd/gnAlXfbMVLB+pm7BPNt66TZ4UXWzB9s+3xzjZ5NW7bZjn1b8H6d44ibW3hL47jxW+jx5cvOxi2EeLIc+dp/gIowoSUTWymSYHZgTXcoJWA5/xpmR7BKsKnjlTcVnqDnjT3F4YUa28LYtYYRKfFK7BmwZmmR+NwRr4u7mGA0sqGRZM2XwYj2ir/Pk4agps9a6KZyw0zTC8LLibx9WlSbaZcD7vzyyD4JYSYo85O86rVZTe03kKzlE0xZ+8j2MaPNPDRtlJiXzVggf0LzIGahdI2ez6/ZL6Ftab5Gm2f9CRcK0MCKeZeaABeolfGqA7g3sJGQ8KI8ndcR6qALUtmZrvpW6bL8wO9HINg8iQspn3bTRZoGpMfPiFPFAzdfxh9HCgiQD0vsN/T76swvNrd2iAAoAwtGFMLN6T7t29NyFLxaUJh5+etpKi7CKSc+jiiYBUR3SF+PrzhcnUk+HQRLCQJAUfGAUKdnw9KXlkcBYCWB1qUMissDvSI4sfARgMe607LyQlknImNPHAs3ZTnOFN5DzHZxvO8NrvXvHqp8sfzOzUbwc9+5jQPsz4n1nOAQzWUWWITxBGtUaf4i++PDGi6hF8NprhRBmUB+tjlp1xPrzTZD/DQfKtvMSpldgAOBqHHODh0tHR/pp4+Y4Lh+nGDqn/+nnCNseLx2nfmx8P+7Y7ztHLFzHUtyvb+P8ryTxgzgaX8HeMKEmBImwn9otDLNpiUtCAr3Wxc5HT13STAFOFqX615nTV59ob+ohQnrRUsDO+60hRI2G56NMhZo54aMFkawR7pWi2u9Y0ExthPX75wR01pFMOFq3JaeV8PAoMWLa11YQOidnL1g7eG1W83tgQysgfgBokymfTgArQl0muYJdfblBVfGiuktyiSyMgr4rI2ghYFyF6bmeiT2VKxOgXldyaKu29iFxm/pP/XFIWw3qSTZrn/Nbzx84VRagbp5lI3gXPi3kJ1gtfwZPd5GUGAMw7tqh4EwR3qi+9LBAgE72UXrEWV5kLb5gkQ9FCU5YaZUTip6wSVte+TSbG+MUIATub91irzCFb3qcQjoe25QUmi2+tJAqLWRFdWqUmy/38CoyTqV36leqWYv+XCYwi3O25q7/LUM+vMXd1KggSVqNuysYsdEdV37/9iwea1Z6WBCFcKreKRhyGZJ9ML4yGgnvrTcQC16S6uhjZYwXwdDPvKS+71XGKqNXCk9QnBD0aHFOxjrhJDM59wYHwkufFHpqefGtvJ6DxtpCGac6JyEbahWkLieNsc9jMwt3yRJNiXkIljPPB3jNOXPEbg2qAy2BJmXjAxc9itBqc5EVdmhw5ScT/nmD1QDC4u3WtDFadGiYyYgbO6Q76N/Zx7/DlUV8pp3xUMJM5mzacakefeGfkHc0JWmTYsaTjojIRxtgVZDDoKGVIrQWYz5wwSqsLyyLy2R8e7RKRQSPzXN1doU4PdwETjOSNbqdAfWZHQcxmW51dKdulW597eOA6fgsV1O1az4IQ9aFX8E9GLPFBFPaaZGa8DA2PlfMIFyH/hB/vqrwmPp9GlY8XuxpjAxPudyDtjEBDrsCLYQbxYUpe8kberM3GUhJwFdkhsevNkLopzKstVjGb2VIUmsE1WCmrPvNH6MdZ/2eIvWpU61wE15ZqmfPs0fY3l/i3O42vv5ba177PAIWRQFJ6n6yK0VH3CG4bkHsaA+/xISSnMtyjlNHey0rUVDVA8hNKA9Cw12yrHftWoOa+QnNUCX6fGCST1K89aXgSVJQJce9s0MBKmEqLlqXTlghpQkQv5p7GKgq8wpnPnbuK4rccYgQpLM6AyMeyXRvCEvPwPBL3n/XDSKqgHZhJdR5Aaq0DvvTny/ZnDDc8hibu8g8mBX1I+QSiTLfTlBWIKNMg2ojceukUnLuR9aE8kB/F5UvuT/09ClmK5XhYfZKqfNeXdT5iEkIcsNp4kBUnSd2uAzwY+1evKyOcBVK3Q+dORa0IuTORodj8S8eCdu1HST8C3UvAq8OnmVPqJaZYBuQg+6D3JKkoShP7cxULAmhLZXdB0ouNZUJYnUp8Rf+yozHe+ssbpgi46fS4qEuZ3XjpRQiixMztQLwXbw9leWgXJzJ8Qho60BtsOX92qqfb/fEeek5J6SpJx3AtEQO4YJe/h4tc3JsVv2vrqmeJvTID2vDhm6p0DAgxnRYbmRWO76x+SWBRFY6pIGWXh3cATPDEiCRmleAq6oMKb66HxKfoWUh/Xj49RC9vTI5GWZdLedWkrLw=","":true,"":true,"":true,"":true,"":true,"":true,"":false,"":true,"":true,"":true,"":true,"":false,"white_apps":[]}", true, null)


tn和fingerprint都使用同样的map因子:
map因子分析:
获取设备信息:imei、mac、android_id、serialNo、ip、fingerprint、应用列表等。已经可以通过脚本修改
通过脚本修改map的内容去请求,抓的数据如下:(返回的结果唯一id不变)
{"a30":"6686668757","a31":"","a32":2,"a33":"ARMv8 processor rev 1 (aarch64)","a34":2803200,"a35":"","a36":"720,1280,240","a37":102,"a38":"8.7.3","a39":"llll","a40":1652949757046,"a41":"比心","a42":"llll","a43":"samsung","a44":"wifi","a45":"46007","a46":{"cpu_abi":"2527895026","serial":"8410897728","fingerprint":"6647199583","model":"8595959602","cpu_abi2":"8401025104","brand":"4453571240","board":"3213587180","serial_P":"7684553638","manufacturer":"3152805723"},"a47":"llll","a48":2090045440,"a49":"4512638148","a50":{},"a51":[],"a52":{},"a53":{},"a54":"0000000","a55":"llll","a1":"all","a82":"llll","a83":"1001100","a84":"","a85":[],"a86":"1101000","a88":"llll","a97":"","a98":"","a108":"llll","a109":"","a110":"","a111":"","a56":"CN=gaigai, OU=ypp, O=ypp, L=Shanghai, ST=Shanghai, C=86","a57":-2023242913,"a58":"0","a59":"1","a60":"u0_a49","a61":"llll","a62":"llll","a63":"llll","a64":{"suc":"1","enable":"0","service":[]},"a65":183,"a66":{},"a67":{},"a68":[],"a69":124729380864,"a70":124746158080,"a71":125856731136,"a72":{"temp":359,"vol":4217,"level":84,"scale":100,"status":4},"a73":0,"a74":0,"a75":0,"a76":"llll","a77":{},"a78":[],"a79":"","a80":"llll","a81":"4","a2":"llll","a3":"none","a4":"1","a5":"bx-gw","a6":"android","a7":"2.9.8","a8":"","a9":1652959337773,"a10":"9","a11":"","a12":18537,"a13":"SM-G988N","a14":"","a15":"false","a16":"lIsxHspPuckfGL8sB/ViIXIdZHHga8W1px2zP1WE5F1GNHEHpfBB2mz25yiVoP7q4JRbM2USuk6/URq/Dz64zgHcsXp0cqvO/gt7JS+m83I0sVqXeEO70Pzh2tK8/SLv2TncAtd4LH6McbrK8XzAZAdgKSVi1Ba3PFrmU0YKTbFGylHfKHQaNEvDbD+HTQ2Ui27jmxMy9OQ2Fjul8r+nbG7/2j0CdgN/w1dQDv1vhAFtlMIfWRdPjedqkhAu5kDoH+57489/Oj8T7sgfInokbgEmzsqTVrcMuzd0B9LPIYMz+m/jy00YnMjCNj42PBvMt6QcxIZyW4gmI9HHmrm5nNODEF+vBHCI7dmoUPaLW26I/U0RBmzlhVZ+HGwzcy0uYEC/Z2wS2YWYrCtk7mWB88I4hQaVKp3A/lqKmRilNRuo0KxW2R8GndE1f6I+Qr1WaOQG51D6QIzgcF0Hal4nXhDm7wkYWxtpnRK5Emrn5nOhpqUjmhZiW+LTVIAmVIjuxdqh/D7/JRk2rF+o4UveDIbfUZa0tbhb6UGjXByVmrMPEhORtSKcLU0CNsgs8LqiCxAvN5YE8VdT5TwQ8OYRoqbF4Kztvev4w/rpSKuz/oWRXWhfcgHiuMGC4xu1qrnxMzo2YgV1PYqpvioSeSJUJwnyvoDfa5ik2dtj9iivkDQlv9+9ctBje07vvPgExGklc4pOUl4+VVI4/S4lOUaZhLqzRe05RnLHn50v2KtMeAvgHVWPAMiJ1/B0Mtr3nDfEHIELhDPxCFqjIzrkBImANw/tjEfB2plW5ZDn5X0WFe2n/T8ghxWuDxqHUFb9x+RcqaAN2AsTmSMoSs3YbnPhxSPKYaUiCqivQD8Pv+4pXyWV8TR3pYev03Tz/OGrzNAN3+DbMlcdRJ1QAc8Y2bNcOAX0xZ40YfOFgDtU5ky9EPy9IUxklomT2Tjzhjrmk3FHa+amg11ceBx/BRdrrIHHcbWRB03/CICQh7WlsDD6nzmd2tpj+227k6Dy9PqUTBcaVnoCbH89yj4VyG/9vTvK4DE4sFiMo3HxIndb9uwDxDsi3HxcyugFsEXs+w3xzJAIufMaEosclxQ7db40ewfCqqkxpr+jKswlsm8wA6NvfdTLOii2BdjMM7loNqmeo9OSFEKw22Vg6wCi6qoPL3SLbLQKd8uPxprSPnqcPoyFozjz1LH4tPeSMUzbDSHzbr6mhBD76cUisVBr+KUpty9FJa7YSSozVNi6CS2LX7CX22CDX9skHrAZ+RzENyw5KhmN2MT1H1J9+VBva1+gX1qv+OCnED/y97ykBkUgKSy0QFEskhWyTAifFpdwhoj0uENUq0LAqvy4XKczoMqyLdpq2htsuYE9uD4rr45YyZFkFQ7HyFRBlR2TYEi72eue92sn4x7Z/qI+b/Rf/q6HaUQLmG/xmrPIeZEG98VyKTtyoDOrktUVvLpH6x6O3LOmexXdMcaxM42SkOOhFOTWUXbdw9eWlxAwhNEyaNwin0y2lTLypESenORCvBh3Eilg6ZveJ90QHNc44tbM0/wOuo06Xe3PTPxPuRW/8Eds+lWaBEZzoVRofGbY7T94qxEiKEWlBKxqKM4/VFoQx2bTIHLeR2Qgct5kBT+CzfxeU2GMWOOaZAJkvy6wKMSjhPSKMk+aiFYwq1xGiyYtOQnQV9FpbHbOj4I0E7kZyuy/F3WmslCRV9DC/TcxYP1IWCWBI0tNOKXan/mgqRqwor1RX+5kaniRgQvoYbZeO0dC5cOFoBY/UJUSFYlT1dQJhQv8H/t4Vh+LMtyKKDsFSKQmzHUH6rluvsQFW5Ic1fyis+k63R2/C7QiCM/51MzFrxELr20q3f7c6gew7iD5d/mUpleWo1jR2CZHcNylpaLCXaB/8cero6A597vSx0ZOlPwqCoUrEOuzjJkiVzjwEvJH2s8+DTzy09KuDvlT3OIytJ1pttjWFSuaRV6+x4Ju2YlIFW4BMcbWnFuqbnYJ2TA12S8gzHQGC9a6DRj6J5uRRAQJeJiaOK/FnpdW+KPn0PgLeB8JnS519v6grj3U31w9xTpvLY2tqd7RXabV0nRqwG0CIBeRbGfx7aRsENPxno6tAViE2FpBk7JfVZ047y6ehR6HtgAguz43YE80vQKh66m3VTPSB4Odjjg+NzLeXlp3lzjbYPZ6IcoERq/bJ3ZHPrbQ4Sdd3Fw9KW9imn/6w5N7swTvqsmFaRZiSAsqCnrk3n0a0THzcV9sFqOUvhYEGl30xTbdYW8TpJu2InWn5EhDJlEowHWIwDOdmFtWs3FPQMH0dpQ/fs6T6roapLn1N9IKSfV9mhg76FUfAE+OOuRZvOJMIGHNLevblL7d6na37jJufVNaADjD92rI5T/ex1bnSZFIYWccMMYt9YjrCkhYn93F4gLwuR2israxhC8Cknl85X+occcE1z2o8ky2X91fbEILabk2xlo5x3DkTrHXyilCVqYseyyayF+v/OYYf+XgjhY/4GT7Th95RVkq9Q77zDuSxlw+m4Oh6fVsGa9SUaABV2V7U8lD3CkZlwOHF5m4sKxvP03xLFuDM6kXmeqLFGq+tGDhjve4cO8mOg0OqlttbzUdMEqpkmDZ7cRnUnSBdxHHvMsbKZAQYGIM64X+HFyOFQdqrZR76L3s2hCucrNykfkm79ADslXaonRwi5HSsTSljTmU+g0jsvZnpPd6cIw0rHan3pEVaObPUvqbDYWlf21emrpbU0YEWvinUEC3Nfpke4xBwru+0WslzFAgfg==","a17":[],"a18":{"":"6547920429","":"Unknown","":"mtp","":"0"},"a19":"1901985985","a20":"llll","a24":"llll","a25":"llll","a26":"llll","a27":"llll","a28":"llll","a29":"llll","a21":"llll"}

后续是native分享。。。

相关文章