dewu得某APP newSign签名算法的python实现

firehack

算法是从app中反编译破解出来的，自已用python重新实现了一下，没有做的十分智能，凑合着用吧。
直接给代码：

[Python] 纯文本查看 复制代码

# 
# -*- coding:utf-8 -*-
import hashlib
import json
import os, sys, time, base64
# pip install pycryptodome
import random
import requests
from Crypto.Cipher import AES

# AES_128_ECB_PKCS5Padding算法。
class EncryptDate:
    def __init__(self, key):
        self.key = key.encode("utf-8")  # 初始化密钥
        self.length = AES.block_size  # 初始化数据块大小
        self.aes = AES.new(self.key, AES.MODE_ECB)  # 初始化AES,ECB模式的实例
        # 截断函数，去除填充的字符
        self.unpad = lambda date: date[0:-ord(date[-1])]

    def pad(self, text):
        """
        #填充函数，使被加密数据的字节码长度是block_size的整数倍
        """
        count = len(text.encode('utf-8'))
        add = self.length - (count % self.length)
        entext = text + (chr(add) * add)
        return entext

    def encrypt(self, encrData):  # 加密函数
        res = self.aes.encrypt(self.pad(encrData).encode("utf8"))
        msg = str(base64.b64encode(res), encoding="utf8")
        return msg

    def decrypt(self, decrData):  # 解密函数
        res = base64.decodebytes(decrData.encode("utf8"))
        msg = self.aes.decrypt(res).decode("utf8")
        return self.unpad(msg)


def aes_ecb_pk5padding(sign_string, key="d245a0ba8d678a61"):
    # 这里密钥的长度必须是16的倍数
    eg = EncryptDate(key)
    result = eg.encrypt(str(sign_string))
    return result


def get_sign_string(params: dict):
    """
        ::param {recommendId: "73", lastId: ""}
    """
    sign_string = ''
    sort_params = {k: params[k] for k in sorted(params.keys())}
    for k, v in sort_params.items():
        if "newSign" == k:
            continue
        if "sign" == k:
            continue
        sign_string += k + v
    sign_string += "048a9c4943398714b356a696503d2d36"
    return sign_string


def get_sign_string_v2(params: dict):
    """
        ::param {recommendId: "73", lastId: ""}
    """
    sign_string = ''
    sort_params = {k: params[k] for k in sorted(params.keys())}
    for k, v in sort_params.items():
        if "newSign" == k:
            continue
        if "sign" == k:
            continue
        sign_string += k + v
    sign_string += ""
    return sign_string


def dewu_newsign(post_data: dict):
    sign_step1 = get_sign_string_v2(post_data)
    sign_step2 = aes_ecb_pk5padding(sign_step1)
    sign_step3 = sign_step2 + ""
    sign_step4 = hashlib.md5(sign_step3.encode()).hexdigest()
    return sign_step4



# dewu 签名方法验证
post_data = {"loginToken":"ed834540|1763500000|5f1e6dc97d8300000","newSign":"d46c59af3079feb490bc14d09d18bf47","platform":"android","timestamp":"1638231836503","uuid":"d000356a5a000000","v":"4.80.5"}

sign = get_sign_string(post_data)
sign_md5 = hashlib.md5(sign.encode()).hexdigest()
print("sign=", sign_md5)

#post_data.update({"sign": sign_md5})
#post_data.update(post_data)

timestamp = int(round(time.time()) * 1000) + 1000
duuuid = "d000356a5a000000"
post_data.update({"timestamp": str(timestamp), "uuid": duuuid})

new_sign = dewu_newsign(post_data)
print("新Sign=", new_sign)
post_data.update({"newSign": new_sign})
print(json.dumps(post_data))

print('End')

firehack

得物的签名算法一直在更新，如果不涉及到核心的交易、用户这些接口，可以尝试从Web端入手去分析，这样简单很多。

wantwill

谢谢楼主分享!

神枪泡泡丶

期待逆向过程分析！

a657938016

感谢大佬分享，学习了

yk156511

6666，学了

monk3435

新手上路，学习了

icjhao

之前我自己解析一直没成功

Pineker

感谢分享，期待大佬出个文章，观摩观摩

youngapt

新手学习

huaibaoyy

看看大佬如何做到的!!