First, the goal

What relieves boredom? Besides kebabs and beer, there is only scrolling through short videos.

Today our goal is to look at X-Gorgon in the overseas version of a certain short-video app.

TIP: v18.9.4 (180904).

Second, the steps

Search for "X-Gorgon" in Jadx.

There are only two results, so the relevant code is easy to locate.

Hook it with Frida:

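Java.perform(function () {
    // Class that holds the X-Gorgon routine (located via the Jadx search)
    var strUtilCls = Java.use('com.ss.a.b.a');
    // Hook the byte[] overload and log its return value
    strUtilCls.a.overload('[B').implementation = function (a) {
        var rc = this.a(a);
        console.log(">>> X-Gorgon = " + rc);
        return rc;
    };
});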

Run it:

>>> X-Gorgon = 040420f90005015f8e95d8d8da66ce27e0c536e8eabdc77847f5

No problem, we got the X-Gorgon value.

The input parameter

We have the result, so next we need to analyze the input parameter.

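Java.perform(function () {
    var strUtilCls = Java.use('com.ss.a.b.a');
    // Hook the String overload and log its input parameter
    strUtilCls.a.overload("java.lang.String").implementation = function (a) {
        var rc = this.a(a);
        console.log("inStr = " + a);
        return rc;
    };
});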

Run it again, and the input shows up:

inStr = 7322d9d39cbeb2fff08237fb1e2199c495A35C6A6BFFAAFEE6A7265145CC097C0000000000000000000000000000000000000000000000000000000000000000

This is a bit complicated.

If we look at the code, the input parameter actually consists of 4 parts, and each part is an MD5 string:

inStr =
7322d9d39cbeb2fff08237fb1e2199c4
95A35C6A6BFFAAFEE6A7265145CC097C
00000000000000000000000000000000
00000000000000000000000000000000
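The four-part layout described above, as an added example that is not code from the original article: a small Node.js helper that validates a captured inStr and splits it into its four 32-character fields. The function and field names are hypothetical, and reading an all-zero field as "no digest supplied" is an assumption; the article does not say what each field hashes, so the fields are only numbered.

```javascript
// Added example: split a captured inStr into its four 32-hex-character fields.
// Field meanings are not stated in the article, so slots are only numbered.
const SLOT_HEX_LEN = 32; // one MD5 digest = 16 bytes = 32 hex characters
const SLOT_COUNT = 4;

function splitSignInput(inStr) {
  // Hook output may get wrapped by a terminal or a web page; drop whitespace first.
  const hex = String(inStr).replace(/\s+/g, '');
  if (hex.length !== SLOT_HEX_LEN * SLOT_COUNT) {
    throw new RangeError('expected 128 hex characters, got ' + hex.length);
  }
  if (!/^[0-9a-fA-F]+$/.test(hex)) {
    throw new TypeError('input contains non-hex characters');
  }
  const slots = [];
  for (let i = 0; i < SLOT_COUNT; i++) {
    const value = hex.slice(i * SLOT_HEX_LEN, (i + 1) * SLOT_HEX_LEN);
    slots.push({
      index: i,
      value: value.toLowerCase(),       // normalise: the capture mixes upper and lower case
      isZeroFilled: /^0+$/.test(value)  // assumption: all zeros means no digest was supplied
    });
  }
  return slots;
}

// The value printed by the hook in the article
const captured =
  '7322d9d39cbeb2fff08237fb1e2199c4' +
  '95A35C6A6BFFAAFEE6A7265145CC097C' +
  '0'.repeat(32) +
  '0'.repeat(32);

for (const s of splitSignInput(captured)) {
  console.log('slot ' + s.index + ': ' + s.value + (s.isZeroFilled ? '  (zero-filled)' : ''));
}
```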

So what data is being hashed with MD5? Let's add another hook and print it:

Java.perform(function () {
    var ParamHttpCls = Java.use('com.ss.sys.ces.gg.tt$1');
    // Log both arguments and the returned map
    ParamHttpCls.a.implementation = function (a, b) {
        var rc = this.a(a, b);
        console.log("a = " + a);
        console.log("b = " + b.entrySet().toArray());
        console.log(">>> rc = " + rc.entrySet().toArray());
        return rc;
    };
});

Run it, and the result becomes clear.

Then you can make an RPC call.

Third, summary

Short videos are addictive; I can't control myself.

The only lesson one can learn from history is that one cannot learn anything from history

TIP: The only purpose of this article is to learn more reverse-engineering techniques and ways of thinking. If anyone uses this technique for illegal commercial gain, the legal liability lies with the person doing so and has nothing to do with the author. The code projects covered in this article are available in my Knowledge Planet group, "Fenfei's Friends"; you are welcome to join and explore technical topics together. If you have questions, add me on WeChat (WX: FENfei331) to discuss.

WeChat official account: Fenfei Security, pushing the latest technical content in real time.