search

xmexg / xyks

小猿口算逆向笔记 (已实现纯协议答题模板)
GNU General Public License v3.0
330 stars 57 forks source link

用js写了下libContentEncoder的解密 #34

Open HuanMeng233 opened 1 month ago

HuanMeng233 commented 1 month ago 
const zlib = require("zlib");

let encData = [
  -53, -78, -87, -73, 41, -32, -92, 107, -96, 26, -121, 62, 22, -82, -114, -16,
  -114, 9, 121, -21, -64, -38, -70, 51, 15, -68, -126, -44, 35, -113, 96, 66,
  -24, -76, -53, 97, 57, -28, -126, 71, 89, 100, 88, -7, 14, 77, -21, 79, -27,
  87, 117, -114, -64, 69, -30, 115, 94, -106, 112, -4, -124, 80, 11, -72, 11,
  -33, -4, -38, -10, -102, -60, 50, 57, 1, 63, -36, 1, -9, -86, -41, -13, -57,
  114, 47, 126, -11, -92, -87, -91, 119, 100, -47, 37, -99, -13, -2, -127, -13,
  -12, 90, 127, 86, 16, 64, -75, -69, -38, -62, 77, -13, 80, -25, 88, -15, 75,
  -57, 35, -39, 40, -47, 14, -13, -50, 16, -16, 66, 100, 36, -63, -13, 5, 2,
  -112, -40, 65, -95, 48, 69, -88, -50, 114, 2, -43, -1, -89, -22, 108, -78, 3,
  95, -36, 53, -111, 88, -74, -17, -38, 72, -109, 64, 101, 18, 57, -31, 99, 113,
  -93, -128, -74, 87, -58, 104, 24, -57, 52, -104, 127, -63, -54, -38, -29,
  -108, -94, -116, 94, -64, 15, 72, 114, -64, 63, -41, -101, 39, 90, -14, 59,
  99, -25, -30, 4, 70, 1, -53, -4, -4, 116, -69, -29, -121, 94, -119, -105, -85,
  -66, -118, 82, 7, -128, 61, -83, 63, 94, -87, -25, -36, -111, 14, -97, 106,
  -107, -31, -72, 83, 73, -74, 4, 110, 54, 125, 123, 32, 118, 28, 74, -24, -123,
  -10, -11, 5, -15, -109, -76, -84, -81, 60, 27, -78, 18, -119, 80, -42, -118,
  79, 27, 117, 23, 69, -15, 115, 63, -67, 40, -35, -30, -20, -93, -91, -75, -34,
  -77, -126, 82, 57, 114, -48, 69, 33, -124, -123, -124, 97, 89, -54, 106, -34,
  -8, 115, -1, -60, 34, 83, 81, -82, 81, -68, 59, -69, -22, -59, 62, -103, 124,
  -81, -95, 22, -70, -55, -24, -71, -17, 53, 75, -86, -17, 98, 82, -97, 47, 44,
  49, -79, 26, -65, 125, 69, -89, -23, -61, -111, 120, -122, 109, -22, 78, -106,
  51, -34, -29, -109, -39, 35, -28, -56, -4, -93, -14, 4, -29, -39, -12, -116,
  27, 81, -62, -82, -5, -87, 71, 30, -78, -57, 101, -125, 17, 15, 54, 61, -75,
  8, 6, 87, 108, 43, 64, -86, 54, -62, -109, 2, -116, 20, -87, -119, -25, -72,
  24, 100, -31, 125, 64, -31, 118, 109, -117, 116, 57, 59, 33, 52, 88, -49, 59,
  -52, -120, 48, 16, -70, -127, 15, 22, -57, 11, 12, 13, -10, -110, 42, -99, 52,
  -46, -67, -112, -14, 25, -110, 91, 0, 73, -71, -36, -89, -20, 22, 102, 13, 65,
  101, -43, 127, -112, -69, -58, -5, 89, -48, -60, 55, 111, 27, 110, -102, -52,
  -18, -22, 87, -106, -1, -55, 47, -14, 76, -12, -38, -66, -102, 98, -128, 58,
  -49, 105, 10, -113, -20, -76, 58, 58, 29, 30, -1, 2, -45, -105, 13, -108, 0,
  66, -62, -16, 78, 120, 50, -38, -98, 32, 3, 29, -12, 52, 16, 81, -11, -82,
  -85, -12, 119, 27, 97, 124, -79, 77, -88, -13, -47, -27, -39, 87, -125, 66,
  -8, -3, -28, 108, -107, 10, 70, 121, -54, 24, -68, 26, -24, 75, 5, -45, 82, 1,
  -26, -122, 89, 71, 9, -36, 114, -21, -61, -128, -41, 9, 81, -66, 74, -51, 8,
  91, 56, 82, -99, -71, 19, 16, -114, -82, -82, 56, -78, 54, 10, -66, -36, -62,
  64, 20, 40, 43, -81, -10, -58, 34, -65, 12, -17, 46, 51, -109, 80, -111, 72,
  94, -63, -43, 127, 103, -4, -11, 5, -121, 47, 112, 62, -98, -116, -83, 66, 78,
  87, -52, 121, 24, 88, 64, -40, 64, 93, 4, 85, -64, -16, -102, -100, 102, 27,
  105, -57, -126, -40, -20, -13, -65, -23, 103, -126, -117, 61, 105, 77, -37,
  45, -83, 38, -12, -14, 44, -126, -42, -87, -28, -88, -30, 112, -24, 15, 125,
  79, 20, 101, -119, 88, -79, 12, 20, 48, -70, -92, -38, 31, 1, 88, -20, -26,
  92,
];
let v17 = [
  0x40, 0x05, 0x00, 0x34, 0x03, 0x01, 0x0b, 0x09, 0x0b, 0x05, 0x04, 0x08, 0x00,
  0x3a, 0x6d, 0x40, 0x72, 0x00, 0x43, 0x03, 0x0a, 0x0f, 0x01, 0x01, 0x10, 0x13,
  0x09, 0x7f, 0x6e, 0x04, 0x0c, 0x04,
];
let v157 = [];
for (let i = 0; i < 0x100; i++) {
  v157.push(i);
}
let v159 = 0;
let v160 = 0;
while (v159 != 256) {
  let v161 = v157[v159];
  v160 = (v160 + v161 + v17[v159 & 0x1f]) & 0xff;
  v157[v159++] = v157[v160];
  v157[v160] = v161;
}

let v162 = 0;
let v163 = v157[255];
do {
  let v164 = v162;
  v162 -= 2;
  let v165 = v157[v164 + 254];
  v157[v164 + 254] = v163;
  v163 = v157[v164 + 253];
  v157[v164 + 253] = v165;
} while (v162 != -254);

let v166 = v157[0];
v157[0] = v163;
v157[255] = v166;

let v167 = 0;
let v168 = 0;
let v169 = encData.length;
let v158 = v157;
let v170 = 0;
let v171 = 0;
let v172 = 0;
let a4 = [];
while (v169) {
  v169 -= 1;
  v167 = (v167 + 1) % 256;
  v170 = v158[v167];
  v168 = (v168 + v170) % 256;
  v171 = v158[v168];
  v158[v167] = v171;
  v158[v168] = v170;

  v172 = encData.shift();
  a4.push(v158[(v171 + v170) % 256] ^ v172);
}

let decData = new Int8Array(a4);
//console.log(decData);
//gzip解压
let unzipData = zlib.unzipSync(decData);
console.log(unzipData.toString());

image

Amamiyia commented 1 month ago

大佬,研究过sign吗?

GalacticDevOps commented 1 month ago

大佬,研究过sign吗?

sign的生成稍微有点复杂 具体可见

HuanMeng233 commented 1 month ago

sign太难了 跟时间有关的那一块好复杂