A, goals,

These two years rarely see news and information, the source of the basic new melon is the public number, this is not also counted as information cocoon room?

Check out this information App today, and the target is Signature

This signature is interesting, unlike alphanumeric characters like MD5 or Base64

Second, the steps

Jadx search “signature”

Not a lot. Only 26 of them. If you look at them one by one.

It’s the first thing to click on. Click on it again

This is obviously not true, it produces a 32-bit MD5-like string.

Don’t want to find one by one, see its sibling parameters can narrow the range?

Jadx searches for “SearchEntry” and “eventid”

Eight results. Much happier. Click in and see

Not happy, onlysearchentryeventidAssignment, not foundsignatureThe assignment.

Here’s a little trick. To find all functions that call mo63380j, right-click on the line mo63380j() to find the use case.

When I checked it again, I felt dizzy, but there was still no sign of Signature.

Continue to find a “signature”

What should I do if I feel I’m going the wrong way? Back in time, stop in time. Let’s go back and search for Signatures, but 26 of them, one by one.

This guy is more suspicious, unexpectedly ended up calling Native function, disk it.

Hang up your beloved Frida

var SignUtilCls = Java.use("com.yxdxxx.news.util.sign.SignUtil");
SignUtilCls.signInternal.implementation = function(a,b){
        var rc = this.signInternal(a,b);
        console.log("inStr = " + b);
        console.log(">>> rc = " + rc);
        return rc;
}
Copy the code

Come on, have a run

[MI NOTE Pro::com.hxxx.yxdxxx]-> inStr = yxdxxx5.7.7.21k6LWWMIG_1620885238340_91028401 >>> RC = AQ-exTbeIxgwJNiKPYQihZuzQOtyeV9v_93SvtH74beFqRgCvU9-O7onF3__WtnEwHHe84_nkFDDSIkh1a4VDE2xMj4l86XfDy09EO_hMbFHNbGAWRImIxNb GF9Ihlp-tSEs0N6c1rmNTjjxpKMowTsYfoPKuSJTtHNHy7xTrU4Copy the code

Great. That’s what we’re looking for.

Third, summary

Don’t bother, always want to find a shortcut, the result is not as good as one by one, slow is fast. A wise man will make a fool of himself!

Native is also one of the signposts, and for 9,021 years, all the algorithms that have been pursued have been put in Native.

In the face of the roaring wheel of The Times, we must speed up running. Sometimes powerless, sometimes impetuous anxiety, but must adapt. It can easily throw every outdated individual far away and grind them to dust without killing them.

TIP: The purpose of this article is only one is learning more backward techniques and train of thought, if anyone use this technology to get illegal commercial interests the legal liabilities are their operators, and the author and it doesn’t matter, this paper involves the knowledge of code project can go to my friends to fly star come undone, welcome to join star learn together to explore technology knowledge. Have a problem can add me WX: FENfei331 discussion.

Wechat public account: Fenfei safety, the latest technology dry goods real-time push