登录接口汇编伪代码:
void -[QXLoginViewController loginAction](void * self, void * _cmd) {‘
sp = sp - 0x4 - 0x4 - 0x4 - 0x4 - 0x4 - 0x4 - 0x4 - 0x4 - 0x44;
r8 = self;
r10 = *0x1a86288;
r11 = @selector(text);
r0 = *(r8 + r10);
loc_e0b008(r0, r11);
r5 = loc_e0b02c();
r6 = @selector(isEqualToString:);
if ((loc_e0b008(r5, r6, @”“) & 0xff) != 0x0) {
loc_e0b00c(r5); loc_e0b008(@class(UIAlertView), @selector(alloc), 0x1a82e18); r4 = loc_e0b008(); loc_e0b008(r4, @selector(show)); loc_e0b004(r4);}
else {
stack[2052] = *0x1a8628c; r0 = r8->_passwordTextField; loc_e0b008(r0, r11); r7 = r7; r4 = loc_e0b02c(); r6 = loc_e0b008(); loc_e0b00c(r4); loc_e0b00c(r5); if ((r6 & 0xff) != 0x0) { loc_e0b008(@class(UIAlertView), @selector(alloc), 0x1a82e18); r4 = loc_e0b008(); loc_e0b008(r4, @selector(show)); loc_e0b004(r4); } else { r0 = *(r8 + r10); loc_e0b008(r0, r11); stack[2051] = loc_e0b02c(); r0 = *(r8 + stack[2052]); loc_e0b008(r0, r11); r6 = loc_e0b02c(); loc_e0b008(@class(QXRSA), @selector(encryptString:publicKey:), r6, @"-----BEGIN PUBLIC KEY-----nMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKvaYJcKtjtQHOyv//JkrT/zOB9q5pN8nhfAZdqy0kh/PGym8/t3zO58HAzBtDDPzvHPOgL4T8yELh3aRhZbNlbkCAwEAAQ==n-----END PUBLIC KEY-----n"); stack[2052] = loc_e0b02c(); loc_e0b00c(r6); loc_e0b008(r8, @selector(view)); r6 = loc_e0b02c(); loc_e0b008(@class(MBProgressHUD), @selector(showHUDAddedTo:animated:), r6, 0x1); loc_e0b02c(); loc_e0b00c(); loc_e0b00c(r6); loc_e0b008(@class(QiXiuDataModel), @selector(sharedInstance), 0x1a82d68); r10 = loc_e0b02c(); r0 = r8->_identifyCodeField; loc_e0b008(r0, r11); r6 = loc_e0b02c(); stack[2064] = loc_e0b010(r8, 0x98d05); stack[2058] = loc_e0b010(); loc_e0b008(r10,@selector(longin2QiYi:passwd:vcode:completionBlockWithSuccess:completionBlockWithFailure:), stack[2051], stack[2052], r6, sp + 0x2c, sp + 0x14);
loc_e0b00c(r6); loc_e0b00c(stack[2058]); loc_e0b00c(stack[2064]); loc_e0b00c(r10); loc_e0b00c(stack[2052]); loc_e0b00c(stack[2051]); }}
return;
}
https://passport.iqiyi.com/apis/reglogin/mobile_login.action
request:
PTID 0203301
QC005 C9B9F2E0-
agenttype 120
device_id C9B9F2E0-
email 159
passwd nK/M39kRG6XWiDt0
textKey 1
vcode
cokie:
P00004 -899118908.14733 QC005 da0a84de35f835
respond:
{ “data”: { “guid”: { “privilege_content”: “绑定手机号,可以更好地保护您的账号安全,保护个人信息和记录不被侵害。”, “choose_content”: “我愿意接收短信,了解最新资讯”, “bind_type”: 3, “accept_notice”: 0 }, “qiyi_vip_info”: { “name”: “159*”, “level”: “2”, “vipType”: “1”, “autoRenew”: “0”, “payType”: “0”, “status”: “1”, “type”: “1”, “mobile”: “159”, “surplus”: “48”, “deadline”: { “t”: 14770, “date”: “2016年10月” } }, “authcookie”: “42”, “token”: null, “level_info”: null, “pps_vip_info”: { “vip_type”: 0, “level_moon”: “00”, “level_star”: “01”, “level_sun”: “00”, “pps_bean”: 0, “pps_level”: 1, “vip_expire”: “”, “user_id”: 1675, “vip_remain_day”: 0, “skip_ad”: 1 }, “userinfo”: { “email”: “”, “phone”: “159”, “uid”: “120”, “user_name”: “159”, “macid”: null, “nickname”: “159***”, “real_name”: null, “work”: null, “pwdScore”: 35, “activated”: 0, “pru”: 126, “birthday”: null, “suid”: “1265”, “jointime”: “1445”, “regip”: “138”, “accountType”: 11, “city”: null, “province”: null, “self_intro”: null, “gender”: null, “edu”: null, “income”: null, “industry”: null, “idCard”: null, “find_pass_email”: null, “icon”: “http://www.qiyipic.com/common/fix/headicons/male-70.png“, “status”: null }, “guide_to_bind_phone”: false }, “code”: “A00000”, “msg”: null }
破解请求参数结果:
1.passwd:
—–BEGIN PUBLIC KEY—–
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKvaYJcKtjtQHOyv//JkrT/zOB9q5pN8 hfAZdqy0kh/PGym8/t3zO58HAzBtDDPzvHPOgL4T8yELh3aRhZbNlbkCAwEAAQ==
—–END PUBLIC KEY—–
2.device_id:
3.QC005字段:
“device_id”+”_Unix时间俊逸的小蝴蝶
4.agenttype
120(写死)
5.email
6.textKey
1(写死)
7.vcode
8.PTID
02033011010000000000 (平台ID)