Lately the drama billed as the “highest-rated domestic crime drama of the year”, “White Night Chase Fierce”, has been airing to great popularity. I have been binge-watching it for the past couple of days and am a little entranced; the “studio” of the lovable hacker Xiao Pang in particular has me fascinated……
What do you mean, can I
You think you’re watching that stupid movie
gung
A press enter
Can you see anything in the White House bathroom
Crystal clear
The current traffic surveillance system
Firewalls are at least 64 encrypted
Any time you’re involved in security surveillance
It could even be 128 bits encrypted
And that’s not even before we cracked it
What kind of authentication electronic authorization
After viewing
After watching this segment, we should take away a few points: 1. A hacker's work is not as simple as that final press of Enter, even though at the end of the scene Xiao Pang seemingly just presses Enter to let Guan Hongyu see the real-time traffic monitoring feed; 2. Security is always a spear-and-shield contest: there is no absolutely safe system, and even a system with such a high level of protection can be breached. This is absolutely not a joke.
In fact, building a security system is far more complex and difficult than breaking one. In the security field, most encryption algorithms, security systems and networks are invented, built and released by foreign experts and institutions, while most domestic security experts remain at the level of breaking them.
In addition, under the market economy, most domestic companies are busy making money while investing pitifully little in security; many companies even store user passwords in plaintext. Besides company leadership not taking security seriously and underinvesting, which are the main reasons, most programmers rarely have this kind of awareness either.
The original version of the software had no protection for its network requests, meaning the server responded correctly to any request as long as it emulated the client. A digital signature check was added later. Is it safe now? Or else…
If the signature is not correct, the server will not respond to the request.
Such protection is arguably sufficient for ordinary programmers and applications: with this layer in place, most people at least cannot simulate requests by the most direct means, and for an ordinary domestic application to go this far already shows good conscience. But today's goal is to show how unconventional means can recover the details of the digital signature algorithm, so that we improve our security awareness further; having such a check does not mean you can rest easy.
Of course, in this case, even if the digital signature is broken, no great harm results; in some types of applications, though, it may be…..
Observing that the signature is a 64-character string, an experienced programmer can quickly guess that it is a digital signature produced with the SHA256 algorithm. Of course, this is not certain, and the idea is verified further below. In addition, the signature must be the string obtained by “encrypting”, with some digital signature algorithm, the other three keys and a client key after they have been concatenated in some way.
However, we do not know exactly how they are spliced together; that requires further analysis……
Decompiling the relevant class with a reverse-engineering tool (IDA) gives the assembly code shown in the figure above, and analysing that code readily shows that the client key is the client_secret_key field in the figure. Although the code offers some clues, correctly understanding the logic of the digital signature is not easy. Much of reverse-engineering work is therefore speculation, that is, educated guessing, followed by verification until you get the result you want; this process may be quick or may take a very long time. After repeated reading, analysis, guessing and validation, we reached the conclusion: the digital signature is obtained by sorting the parameters and the client key in ascending order by key, joining each key and value with an equals sign, concatenating the pairs with &, and applying the sha256 hash function. The result is as follows:
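// Canonical string: fields sorted by key, key=value pairs joined with '&'
NSString *raw = @"client_id=000000&client_secret_key=853k3a3qfq6g9qutefaicvn7jsaww09m&nonce=477570&timestamp=1508293067";
// sha256String is a category method on NSString, not part of Foundation
NSString *signature = [raw sha256String];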
After verification, the value of signature is:
e30de3e862f1385ca606ccbe576b78fd5a79c6273c20c67d048c5721c114e8c2
This is exactly the same as in the picture. Although the description above is relatively simple, the whole process took about 24 hours.
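The server-side half of the scheme described above, as an added Python example that is not code from the app or from the original post: it rebuilds the canonical string from the request fields and rejects the request when the signature does not match. The secret value, the 300-second freshness window, the in-memory nonce cache and the constant-time comparison are assumptions added for illustration.

```python
import hashlib
import hmac
import time

CLIENT_SECRET = "constructed-secret-not-from-the-page"  # constructed sample value
MAX_SKEW_SECONDS = 300   # assumed freshness window
_seen = {}               # (client_id, nonce) -> timestamp; assumed in-memory replay cache


def canonical_string(params, secret):
    """Sort all fields by key, join key=value, join pairs with '&'."""
    fields = dict(params, client_secret_key=secret)
    return "&".join(f"{k}={fields[k]}" for k in sorted(fields))


def sign(params, secret):
    """SHA-256 hex digest of the canonical string (64 hex characters)."""
    return hashlib.sha256(canonical_string(params, secret).encode("utf-8")).hexdigest()


def verify(params, signature, secret=CLIENT_SECRET, now=None):
    """Server-side check of one request; returns (ok, reason)."""
    now = int(time.time()) if now is None else now
    try:
        ts = int(params["timestamp"])
        nonce = str(params["nonce"])
    except (KeyError, ValueError, TypeError):
        return False, "missing or malformed nonce/timestamp"
    expected = sign(params, secret).encode("ascii")
    # Constant-time comparison: do not reveal how many leading characters match.
    if not hmac.compare_digest(expected, signature.lower().encode("utf-8")):
        return False, "bad signature"
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False, "stale timestamp"
    key = (params.get("client_id"), nonce)
    if key in _seen:
        return False, "replayed nonce"
    _seen[key] = ts   # a real deployment would use a shared store with expiry
    return True, "ok"


if __name__ == "__main__":
    req = {"client_id": "000000", "nonce": "123456", "timestamp": str(int(time.time()))}
    sig = sign(req, CLIENT_SECRET)
    print(verify(req, sig))                        # first delivery
    print(verify(req, sig))                        # same request delivered again
    print(verify(dict(req, nonce="654321"), sig))  # field changed after signing
```

The freshness and nonce checks only limit reuse of a captured request; as the analysis above shows, a secret shipped inside the client can be recovered, so this check alone does not prove a request came from the genuine app.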
I hope the analysis of this real-world case draws enough attention to security. Bosses, while making money, should keep to a basic social and moral bottom line and do at least the minimum to protect the rights and interests of their users; programmers should think not only about features but also have security awareness.
Back to chasing the drama……